Information Security Today is brought to you by Auerbach Publications


New Books

The Executive MBA in Information Security
Cloud Computing: Implementation, Management, and Security
Information Security Management Handbook, Sixth Edition, Volume 3
Security of Mobile Communications
Cyber Fraud: Tactics, Techniques and Procedures
Vulnerability Management

The Hacker's Profiling Project (HPP)
The Hacker's Profiling Project (HPP) attempts to apply traditional criminal profiling techniques to the many different types of hackers and their motivations, and offers hackers of many stripes the opportunity to describe themselves and their motivations via a unique questionnaire, which in turn will aid in the prevention and countering of IT crimes. This chapter from Profiling Hackers: The Science of Criminal Profiling as Applied to the World of Hacking shows in detail the individual steps that make up the project.

Prevent Identity Theft with 12 Tips for Safe Holiday Shopping Online
As more business is conducted online and sensitive data is stored on personal computers, the risk of electronic fraud increases exponentially. The holiday shopping season further increases this risk as online retailers provide heavy discounts to attract consumers searching for the best deals. If history repeats itself, Monday, November 30th, better known as Cyber Monday, will be the largest online shopping day of the year. And while shoppers look forward to this day, identity thieves are even more eager to steal the plethora of personal information that will be shared between consumers and businesses. Here are 12 tips for savvy consumers who wish to protect themselves this holiday season.

Getting Started with Security Metrics
In this audio interview, Krag Brotby, author of Information Security Management Metrics, explains the necessary preliminary steps you need to take before you start to collect data. It's a process of first determining the outcome, then the objectives to achieve that outcome, the strategies needed to reach the objectives, and finally the metrics needed to manage the process of achieving the outcome. As he makes clear, a security metrics program is much more than data collection and analysis.

Introduction to Computer Ethics
This introduction to computer ethics by Rebecca Herold traces its history, covers regulatory requirements, discusses various topics in computer ethics, highlights common fallacies, codes of conduct, and resources.

Introduction to Social Engineering
Social engineering is the name given to a category of security attacks in which someone manipulates others into revealing information that can be used to steal data, gain access to systems or cellular phones, take money, or even take your identity. This article examines ways in which people, government agencies, military organizations and companies have been duped into giving information that has opened them to attack. It looks at who the social engineers of today are, what they are after, and the low-tech as well as the newer electronic forms of theft, and explores measures that will keep your personal, customer, supplier and company information out of the hands of the social engineer.

Security Weaknesses of System and Application Interfaces Used to Process Sensitive Information
This chapter from the Information Security Management Handbook focuses on the problems associated with user abuse of authorized interfaces. Common interface aspects that provide a user with the ability to circumvent or disregard security policy will be presented. The discussion is centered on Microsoft Windows NT-based operating systems and compatible applications, but much of the information is applicable to other operating systems that also make use of graphical interfaces.

Introduction to Vulnerability Management
Vulnerability management (VM) is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. This is a broad definition that has implications for corporate and government entities alike. It is not a new discipline, nor is it a new technology. This vital function has long been a normal part of hardening defenses and identifying weaknesses in systems, processes, and strategies in the military and in the private sector. With growing complexity in organizations, it has become necessary to draw out this function as a unique practice complete with supporting tools. This has resulted in an important refinement of the definition of VM as a segment of risk management.

Security Metrics Overview
Metrics is a term used to denote a measure based on a reference; it involves at least two points, the measure and the reference. Security, in its most basic meaning, is the protection from or absence of danger. This article discusses metrics as they are used, or not used, to tell us about the state or degree of safety relative to a reference point and what to do to avoid danger.

Could Your Mobile Device Land Your CEO in Court?
There are many industry-specific compliance regulations that exist to protect customers' personal data, and yet so many companies are still contravening these statutes and laws. So, if you lose your mobile device with work data on it, or details of your customers, who is liable? Even if you own the device and it has work-related data on it, your board of directors could be liable, so, effectively, you could land your boss in court. That's great fun if you hate your boss, but on the serious side most companies are simply not aware of the implications of the regulations governing the protection of data. This article outlines why companies should be protecting their data and how they can go about doing this.

Mid-Year 2009 Internet Security Trends
One well-known characteristic of the computer industry is how quickly it changes. Advancements in technology are made so fast that keeping up with the curve often seems daunting. However, in one aspect of the industry it is essential to stay ahead: security. As threats increase in volume and severity, the importance of monitoring those changes is paramount. Symantec maintains a watchful eye on threat landscape trends. At the end of 2008, Symantec researchers predicted a number of security developments to watch for in 2009. Here's what Symantec predicted and how the predictions have stood up thus far.

On the Web's 40th Anniversary, the Top Web Threats
This week marks the 40th anniversary of the Internet. Symantec Security Response pulled together a list of the top ten most notorious threats seen on the Internet in its 40-year history.

The Business Survivability Question: Is Your Data Safe?
Today's workforce requires immediate access to information, applications, coworkers and customers. Both large and small enterprises are increasingly online, mobile and Web 2.0-driven. These advancements illustrate that IT is no longer just a business tool; it is the business. Yet every year businesses experience the effects of data loss stemming from information technology (IT) network outages, and as IT systems fail, daily operations fail with them; the results can be fatal. Businesses should strive to create a high-availability infrastructure that responds robustly to new-age business challenges and disruptions. Data replication solutions can play an important role in implementing high availability. They can also serve as a cornerstone of an effective business continuity (BC) and disaster recovery (DR) strategy, and they can be very affordable.

Understanding DLP
In the past year or two, the term "data loss prevention" ("DLP") has been both abused and overused by security vendors desperate to make their products sound more relevant and useful than they really are for solving the problem of data breaches. This has led to the unfortunate situation today where it is often difficult to tell exactly what DLP is and what it is not. To help clarify the current confusing situation, this article describes what DLP is as well as what it can and cannot do, covering both the capabilities and the limitations of DLP.

Devising a Workable IT Planning Strategy
Effective decisions are elusive without good planning abilities, and good decisions about how IT should be deployed and managed are no different. Consistent decision-making requires a defined framework, methodology or, in short, a process. So if IT planning consists of all of the activities that support consistent decision-making, then the IT planning discipline has to be made up of activities performed in a process that is repeatable, has defined responsibilities, has a defined order to the activities and is auditable. As this article explains, to make quality decisions, the process should provoke the right questions and supply the information that can support the decision-making.

More Than a Check Box: How GRC Principles Measure Security and Accountability
Privileged accounts and privileged users have the power to change system data, user access, configuration, and so forth. They also have the power to easily sabotage the critical IT operations of any organization. Privileged passwords are extremely critical to overall system access and functionality, and in order to meet compliance regulations, organizations must address this issue. This article shows how you can mitigate the insider threat with GRC.

Protecting Your Email Infrastructure
Defending business email infrastructure in the constant crossfire that is the modern Internet is a never-ending battle. It is important to maintain virus protection on end-user machines because they deal with threats that arrive by vectors other than email. Most threats, however, are best stopped before they reach your infrastructure, and filtering technology can halt them there. There are many products available for network-based mail filtering in a variety of architectures. When choosing a filtering technology, consider whether it is a service model or an appliance. Because neither technology is the right answer for everyone, this article compares the two.

Web Application Firewall Implementation Strategies
Today's Web Application Firewalls (WAFs) are much more technologically mature than in years past, but most importantly the biggest missing piece has been addressed: accurate vulnerability data. Commercial scanning vendors proved time and time again that dumping hundreds or even thousands of unvalidated results loaded with false positives and duplicate vulnerabilities into a WAF just doesn't work. By contrast, with people, process, and innovative technology we've overcome that hurdle. This article explains how WAFs are now easy to set up and manage and, best of all, block attacks attempting to exploit vulnerabilities.

Deep Packet Inspection Technologies
This chapter investigates what deep packet inspection is, its application in the current network/computer security scenario, and how to decide if it is appropriate for your organization's environment.

Integrated Threat Management
Integrated threat management (ITM) is the evolution of stand-alone security products into a single, unified solution that is generally cheaper and easier to implement and maintain. Combine a single console for management, updates, reports, and metrics, and you will wonder why you do not have one at home too. This chapter introduces what an ITM solution is, the benefits and drawbacks of the solution, what to look for, and how to select a solution. Finally, the chapter wraps up with lessons learned to help avoid some of the common pitfalls and gaps in a typical ITM solution.

What Defines a Green, Next-Generation, Virtual Data Center?
Many approaches and technologies, addressing different issues and requirements, can be used to enable a green and virtual data center. Virtualization is a popular approach to consolidating underutilized IT resources, including servers, storage, and I/O networks, to free up floor space, lower energy consumption, and reduce cooling demand, all of which can result in cost savings. However, virtualization, and particularly consolidation, applies to only a small percentage of all IT resources. The importance of this chapter from The Green and Virtual Data Center is that there are many facets of virtualization that can be used to enable IT infrastructure resource management to improve service delivery in a more cost-effective and environmentally friendly manner.

Why SaaS Plays Nicer than Enterprise Software
This article looks at the benefits of SaaS software in comparison to enterprise software. It argues that with enterprise software, what you think you are buying, what was demonstrated and what is actually delivered are frequently different things. On the contrary, with SaaS, it's "What You See Is What You Get." Further, with SaaS, rather like Open Source, you have not one but many voices of criticism pointing out the numerous ways the software can be improved. Of course, you will hear both good and bad ideas, but since we're in a market of ideas, the good ones win out. So over time, a SaaS solution begins to represent a consolidated set of best practices.

Security of Mobile Communications
This innovative text provides comprehensive coverage of the complex security issues that face the mobile communications industry. Discussions include hacking and infecting with viruses; techniques used to provide access control, authentication, and authorization; the security of SIM-like cards; standards implemented by GSM, third-generation, WLAN, and ad-hoc networks; the security of wireless sensor networks, satellite services, mobile e-services, and inter-system roaming and interconnecting systems; and the applications using IP mobility. Mobile communications scientists, students, engineers, and telecom service providers will find this to be an invaluable resource.

Predicting the ROI of Change
Process Simulation Modeling (PSIM) can provide real business value to organizations that are trying to change processes. When companies use the appropriate simulation software, designed for their industry, to evaluate process performance, they can improve their operations and achieve higher levels of process maturity with the integration of CMMI. Discover how PSIM can help you zero in on the changes that will deliver a positive ROI.

Managing the IT Procurement Process
This chapter from IS Management Handbook, Eighth Edition presents a model of the IT procurement process that was developed by the SIM Working Group to provide a framework for studying IT procurement.

Why Tomorrow Is Too Late to Think about Business Continuity
Business owners and executives juggle a number of projects each day that draw on their time and resources. As a result, they tend to defer business continuity into the "solve tomorrow" column until right before (or right after) an incident. This is a critical, sometimes disastrous mistake. Like all business-essential IT programs, designing and implementing a functional continuity plan is a multi-month process. The link between business continuity and disaster survivability is significant. If you are inclined to agree, you can get started today by following steps in this article.

Optimizing Exchange and Active Directory Backup and Recovery
To optimize backup and recovery of Exchange and Active Directory environments, organizations can leverage a growing number of advanced tools that overcome the challenges of traditional approaches. As this article explains, these new tools give businesses a more simplified and streamlined process that reduces their backup windows, provides continuous protection and delivers efficient granular recovery of the critical business information.

Introduction to Web Application Firewalls
This article pushes the concept of Web application firewalls to "protect the information processed by web applications from web-based attacks," presents some typical information security requirement scenarios, and analyzes available technology control options for securing the information.

How to Develop and Implement a Security Master Plan
This article discusses the reasons for developing a security master plan and outlines the thought processes and initial steps required.

Employer Preparation for a Pandemic
To most public health authorities, including the Centers for Disease Control (CDC), the question is not if there will be a pandemic, but when it will occur. A pandemic is a global outbreak of a disease. Employers need to validate that they have performed their due diligence in developing plans to cope with a pandemic. Employee welfare should be uppermost in the minds of employers, and contingency plans should reflect a variety of options depending on the severity of the pandemic's effects on employees and on the employer's supply chain.

Pandemic Influenza: Emergency Planning and Community Preparedness
This book outlines the containment and response capabilities needed to effectively plan and prepare for a widespread outbreak. Addressing clinical factors and public health challenges, the authors examine critical issues such as the types of influenza and related health implications, outbreak prevention and mass prophylactic measures, medical supply and fatality management, response actions for various emergency service disciplines, and the potential economic effects of a pandemic outbreak. Mirroring the goals of the U.S. National Strategy for Pandemic Influenza, the text underscores the importance of expanding the health care system's capacity to provide adequate triage and medical care.

Malware Writers Jump on Swine Flu Bandwagon
Symantec Security Response has observed malware writers joining spammers in leveraging the Swine Flu to reach unsuspecting computer users. While samples are extremely limited, this appears to be yet another attempt by hackers to leverage current events as lures to distribute their malware.

Dealing with High Availability/Disaster Recovery Issues in Multi-tier, Heterogeneous Environments
According to research conducted by Symantec in 2008, virtualization is the major factor causing 55 percent of organizations to reevaluate their disaster recovery plans. Complications with having different tools for physical and virtual environments include higher training costs, operating inefficiencies, greater software costs and workforces that work in silos. This article discusses how to keep lines of communication open, develop an accurate high-availability disaster recovery solution and the importance of implementing a tool that allows organizations to manage virtualized environments alongside physical environments.

Insider Threats Remain Low Priority
Despite recent headlines announcing major corporate data breaches, concerns about insider security threats remain a low priority for enterprise organizations. According to a survey of IT industry professionals conducted by Lieberman Software Corporation, insider security threats and corporate data breaches are lesser security concerns than more traditional security risks, such as viruses, Trojans and worms.

Information Security Fundamentals
The purpose of information protection is to protect an organization's valuable resources, such as information, hardware, and software. Through the selection and application of appropriate safeguards, security helps the organization meet its business objectives or mission by protecting its physical and financial resources, reputation, legal position, employees, and other tangible and intangible assets. This chapter from Information Security Fundamentals by Tom Peltier examines the elements of computer security, employee roles and responsibilities, and common threats. It also examines the need for management controls, policies and procedures, and risk analysis. Finally, it presents a comprehensive list of tasks, responsibilities, and objectives that make up a typical information protection program.

Understanding Information Security Management Systems
Recent high-profile information security breaches and the value of information are highlighting the ever-increasing need for organizations to protect their information. An Information Security Management System (ISMS) is a systematic approach to managing sensitive company information so that it remains secure. It encompasses people, processes and IT systems. This article will help you understand what an Information Security Management System is.

ITIL and Security Management Overview
This article focuses on how information security management works within the Information Technology Infrastructure Library (ITIL).

 
News

October 19 -- Symantec Report on Rogue Security Software: Cybercriminals Use Fear and Anxiety to Convince Users to Buy Rogue Security Software

October 8 -- Symantec October State of Spam and Phishing Reports


© Copyright 2009 Auerbach Publications