http://www.infosectoday.com Information Security Today (www.infosectoday.com) provides essential information for managing the security of a modern, evolving enterprise. It is written for information security managers and other technical managers and staff who are the first-line support responsible for the daily, efficient operation of security policies, procedures, standards, and practices. It covers access control systems and methodologies; computer operations security; application and systems development; business continuity and disaster recovery planning; telecommunications and network security; security architecture and models; physical security; cryptography; security management practices; law, investigations, and ethics. en-us Mon, 01 Feb 2010 09:17:45 EST An alert management platform empowers companies to target actionable information from IT applications and systems automatically to the employee who can resolve the issue--escalating as necessary. Effective alert management provides the tools to access internal systems and address events from a mobile workbench as well as resolve issues from any web-enabled mobile device. Process acceleration and service improvements can help resolve incidents an average of 40 percent faster, saving up to millions of dollars annually. There are five ways that implementing alert management can immediately increase operational effectiveness across the enterprise--including process and efficiency improvements in incident, service, and change management--while significantly reducing costs. http://www.ittoday.info/Articles/Alert_Management.htm rich.ohanley@taylorandfrancis.com Mon, 01 Feb 2010 09:17:45 EST One problem with the implementation of SOX is that it tends to set a standard for compliance that may be inadequate. Meeting SOX standards--i.e., passing 404--does not imply that a firm or an IT department has the processes in place required to manage its business. Nor does it mean that an optimal level of control exists anymore than having a pulse signifies good health. SOX compliance is the minimum standard, not an optimum standard. Regardless of the current maturity level of your firm, you will need to demonstrate SOX compliance efficiently and honestly. This article describes the typical steps required to pass section 404. http://www.ittoday.info/Articles/Ten_Steps_to_SOX_Compliance.htm rich.ohanley@taylorandfrancis.com Mon, 25 Jan 2010 15:36:45 EST Vulnerability management (VM) is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. This is a broad definition that has implications for corporate or government entities. It is not a new discipline, nor is it a new technology. This vital function has been a normal part of hardening defenses and identifying weaknesses to systems, processes, and strategies in the military and in the private sector. With growing complexity in organizations, it has become necessary to draw out this function as a unique practice complete with supporting tools. Listen as Park Foreman discusses how to get started. http://www.infosectoday.com/Podcasts/Vulnerability_Management.mp3 rich.ohanley@taylorandfrancis.com Mon, 18 Jan 2010 08:30:45 EST According to the Symantec Report on Rogue Security Software, 43 million users fell victim to rogue security software scams between June 2008 and June 2009. During this period, Symantec observed 250 distinct security software programs that were marketed and advertised as legitimate but that were, in fact, rogue security applications. Users either installed this software manually, believing it to be legitimate, or the software automatically installed when the user visited a malicious website. Here are tips for your users who want to avoid becoming the next victim of a rogue security software scam must be able to identify such threats and know how to mitigate their risk. http://www.infosectoday.com/Articles/Rogue_Security_Software.htm rich.ohanley@taylorandfrancis.com Mon, 18 Jan 2010 08:30:45 EST Meeting the need for an authoritative and practical classroom resource, Information Security Management: Concepts and Practice provides a general overview of security auditing before examining the various elements of the information security life cycle. It explains the ISO 17799 standard and walks readers through the steps for conducting a nominal security audit that conforms to the standard. The text also provides detailed guidance for conducting an in-depth technical security audit leading to certification against the 27001 standard. Topics addressed include cyber security, security risk assessments, privacy rights, HIPAA, SOX, intrusion detection systems, security testing activities, cyber terrorism, and vulnerability assessments. http://www.crcpress.com/product/isbn/9781420078541 rich.ohanley@taylorandfrancis.com Mon, 18 Jan 2010 08:30:45 EST IT departments willing to look beyond the surface and the obvious can often eliminate apparent tradeoffs without having to choose one side or the other. When faced with a situation that appears to force a tradeoff, try to examine the problem from a different angle. Taking this fresh-thinking perspective can stretch the IT budget to achieve goals that you might otherwise forgo in an environment of severe financial constraints. http://www.ittoday.info/Articles/Stretch_IT_Budget.htm rich.ohanley@taylorandfrancis.com Mon, 11 Jan 2010 08:30:45 EST This excerpt from Intelligent Network Video: Understanding Modern Video Surveillance Systems by Fredrik Nilsson and Axis Communications outlines the evolution of video surveillance systems. It explains different system configurations, from fully analog to fully digital, along with the benefits of each configuration. The systems described in Sections 2 and 3 constitute partly "digital" video systems. Only the systems described in Sections 4 and 5 are true network video systems in which video streams are continuously being transported over an IP network, providing full scalability and flexibility. http://www.infosectoday.com/Articles/Video_Surveillance_Systems.htm rich.ohanley@taylorandfrancis.com Wed, 06 Jan 2010 15:42:45 EST