Information Security Assurance for Executives An international business companion to the 2002 OECD Guidelines for the Security of Networks and Information Systems: Towards a Culture of Security Although I was already familiar with the original OECD paper, I only recently chanced across this impressive guide while researching for a security awareness module on trust and ethics. It was written by the International Chamber of Commerce (ICC) in conjunction with the Business and Industry Advisory Committee to the OECD (BIAC), and published back in 2003. Towards a Culture of Security, based on a paper written way back in 1992, remains highly... Read more →
« September 2012 | Main | November 2012 »
Posts from October 2012
26 October 2012
Information Security Assurance for Executives
Posted by Gary Hinson on 26 October 2012 at 03:14 PM | Permalink
|
Comments (0)
24 October 2012
The 2013 Global Information Security Workforce Study is important for all of us
The 2013 Information Security Workforce study needs your input! Read more →
Posted by Wim Remes on 24 October 2012 at 03:59 PM | Permalink
|
Comments (0)
19 October 2012
Password Practice: With Age Comes Wisdom?
My friend and colleague Stephen Cobb has shared some interesting survey data in a blog article indicating that the age group between 18 and 34 is less likely than older groups to use complex passwords or even to use different passwords according to the sensitivity of the context. Kevin Townsend had his own take on the article, and in fact we talked subsequently about his suggestions that: More mature people have had more negative experiences in life which make them more cautious/security conscious People with more to lose will make more effort to protect what they've got. I agree that... Read more →
Posted by David Harley on 19 October 2012 at 03:16 PM in Cybersecurity Training, IT Security, Privacy | Permalink
|
Comments (0)
Responsible Digital Citizenship – A Year-Round, Lifelong Pursuit
With (ISC)² being a supporter of U.S. National Cyber Security Awareness Month every year since its inception, it strikes me that many more organizations are getting involved this year – maybe more than ever before. I asked myself what’s changed. Then, I realized I don’t care – I’m just glad that our society is shining a spotlight on helping vulnerable groups – especially children – understand the lasting consequences of their actions online – for themselves and for other people. As recent as last week, we were told of the heartbreaking suicide of a young girl in British Columbia as... Read more →
Posted by Hord Tipton on 19 October 2012 at 12:31 PM in IT Security, Legal | Permalink
|
Comments (0)
16 October 2012
Don’t Forget About ID Thieves and Online Predators during NCSA Month: 5 Tips for Protecting and Educating Your Children
With National Cyber Security Awareness Month in full stride, parents are realizing the vulnerability of their children and the necessity for cyber safety education. Although numerous types of cybercrime are being discussed this month, I’d like to examine two areas that have an increasing incidence rate and lack of parent awareness: child identity theft and the prevalence of online predators. While malware, phishing and hacking are key buzz words in today’s headlines, identity theft should be top-of-mind, given its swift and detrimental repercussions. Once a child’s identity is stolen, it often takes less than 24 hours for changes to be... Read more →
Posted by Julie Peeler on 16 October 2012 at 05:12 PM | Permalink
|
Comments (0)
03 October 2012
Mitigating against a Certificate Authority Breach
What would you do if you found out that the Certificate Authority that provides Digital Certificates to your company was compromised, and Microsoft was adding the Certificate Authority’s public key to Windows un-trusted Root Store? Well if you have not got a contingency plan to implement then I can presume you will be in a panic to purchase new certificates from another Certificate Authority. If you only have to secure a few domains this might not be too bad but you will still have to join a queue of companies in the same position. What do you do if you... Read more →
Posted by Conor Roantree on 03 October 2012 at 04:30 PM | Permalink
|
Comments (0)
Search
Categories
- (ISC)² Chapters (22)
- (ISC)² Events (159)
- Center for Cyber Safety and Education (52)
- Cloud Security (132)
- Cybersecurity Certifications (376)
- Cybersecurity Training (310)
- Cybersecurity Workforce (243)
- Digital Forensics (29)
- Ethics (52)
- Government (124)
- Insider Risk (56)
- IT Security (373)
- Legal (45)
- Malware (112)
- Network Security (176)
- Operations Security (141)
- Privacy (116)
- Ransomware (84)
- Risk (196)
- Software Development (44)
- Spotlight (71)