Security in 2010

Trust No One: Info Security’s Biggest Weakness

I came across an intriguing article in a 2009 issue of Fortune...

Policies for the sake of policies

Security policies are those "talk is cheap" enablers of compliance and risk management. The problem is they're often poorly written, disjointed, inaccurate and so on - often creating the very risks they're supposed to mitigate. Everyone treats policies differently, so your needs and mileage will...

Would you like some snake oil with that network assessment?

There are many IT services firms - including some run...

Is a new Obama mandate putting IT security at risk?

We're not here to discuss politics, but one of the big stories today is the Obama administration's development of...

Security, huh! What is it good for?

Not too long ago an ad for a mortgage company on my local radio station said something that caught my ear. The owner of...

ISSA International Conference Recap: More of the same

The 2010

Stop fearing your smartphone: Mobile encryption & your security policy

4 things you can do right now to find out if your business is at risk

A lot of executives and business owners - especially in smaller organizations - haven't a clue about where things stand with information security and compliance. But that doesn't mean they don't have the fiduciary responsibility to do so. Well, here are four things that can be done right now, over...