02/07/2012 |
Enterprise Risk Management
The current wave of consumerization of IT will not wane any time soon. The next decade will be marked by a growing amount of consumer-grade technology, which will continue to bleed over into the corporate environment.
This document will address the steps an organization can take to securely allow personally liable mobile devices on the corporate network, keeping in mind legal and
12/14/2011 |
Enterprise Risk Management
“Information risk” is a tricky topic with which many IANS clients grapple. For most security professionals, there is a fine line to walk between offering up the right amount of information and spreading FUD throughout their companies. Combining his experiences from the Verizon Business RISK Team, a top 25 financial institution, and several other major organizations, IANS Faculty
09/28/2011 |
Enterprise Risk Management
In a world where borders are blurring and social media is the prevalent form of communication, Hart Rossman, IANS Faculty and CTO at SAIC, recommends taking a progressive approach to information security that will create greater value for the security professional as well as his/her organization as a whole. In the following interview, Hart shares his thoughts on why and how
05/13/2010 |
Enterprise Risk Management
Join us as Faculty Aaron Turner takes us on a journey through the vulnerabilities of these “four winds” - iPhone, BlackBerry, Android, and Windows Mobile devices - starting with where is your organization’s critical data and where is it going off to? What tools do you already have in your arsenal to better manage these emerging risks? Turner will discuss how bootloaders can
03/28/2007 |
Enterprise Risk Management
In response to the general confusion among IT security teams as to what constitutes “compliance” to the Payment Card Industry (PCI) Data Security Standard (“the Standard”), the Institute for Applied Network Security (IANS) assembled a working group of IT security leaders (“members” or the “group”) to establish benchmarks of interpretation that group members could use to defend
05/23/2006 |
Enterprise Risk Management
Overview
A variety of technologies and scenarios were covered including reverse proxies, VPN, and file-integrity monitoring. Delegates discussed how some of the newer technologies were not robust or scalable enough for enterprise implementation. Getting budget dollars for such emerging technologies is difficult without a legal mandate to push management.
The PCI (payment card
03/13/2006 |
Enterprise Risk Management
Overview
Corporate IT departments have to meet numerous regulatory standards, including those set by Sarbanes-Oxley, Gramm-Leach-Bliley, HIPAA, and various state laws. Government agencies have oversight too, although the standards are somewhat different. Adding complexity, the regulations and the standards for compliance to them are changing.
Most organizations are seeking to do
08/03/2005 |
Enterprise Risk Management
As the IDS/IPS market matures, Delegates continue to experiment with deployment configurations targeting specific security and business needs such as internal monitoring, eliminating feature redundancy, and meeting regulatory compliance. The future of the IDS/IPS market continues to be called into question as core functionalities are rolled into existing technologies like gateways
05/10/2005 |
Enterprise Risk Management
There is much interest in moving beyond intrusion detection (IDS) to prevention (IPS) because of the ability to actually block traffic rather than just log it. A number of Forum Members are looking for knowledge about IPS technology as their organizations are seriously considering implementing it. However, actual IPS experience is limited; much of the experience with IPS has been
05/10/2005 |
Enterprise Risk Management
Overview
Complying with regulations is the minimum necessary action for corporations and IT Security. Depending on the business, there may be much more that the corporate IT Security team can and should do. Further, compliance is not solely the domain of IT Security. Instead it requires the cooperation and collaboration of the entire organization, especially legal counsel. This
