Showing Blog Posts: 161–170 of 204 tagged Cybersecurity

  • PCI Compliance: Understand and Implement Effective PCI Data Security Standard Compliance

    by Ben Rothke on October 2, 2010

    This review of PCI Compliance: Understand and Implement Effective PCI Data Security Standard Compliance originally appeared in the October 2010 issue of Security Management magazine. Six years ago, the Payment Card Industry Security Standards Council created the Payment Card Industry Data Security Standard (PCI DSS, or PCI for short) in an effort to have card data better protected by card…

  • Government Proposes Encryption Backdoors

    by Stephen Wu on September 28, 2010

    The New York Times published a story yesterday saying that the Obama Administration will propose new legislation next year that would require communications service providers to create the capability to allow the government to seek the equivalent of a wiretap to view encrypted communications. Communications service providers that encrypt communications would need to have the capability to provide…

  • Preview - Hacking For Dummies - 3rd edition

    by Ben Rothke on September 8, 2010

    I just got a copy of the 3rd edition of Hacking for Dummies by Kevin Beaver. I read the first edition about 6 years ago. That edition was great, with its clear, easy-to-read style that won't intimidate readers unfamiliar with abstruse security terms and concepts. This edition seems even better. This edition is broader, but like the original, it shows the reader all of the steps involved; from the…

  • The Executive MBA in Information Security

    by Ben Rothke on September 1, 2010

    In The Executive MBA in Information Security, author John Trinckes notes that according to Washington, D.C., think tank the Brookings Institution, an organization’s information and other intangible data assets account for more than 80 percent of its market value. Such a statistic unequivocally demonstrates the imperative of a strong enterprise information security program. With that in mind, …

  • CISSP Study Guide

    by Debbie Hartman on August 17, 2010

    The goal of every certification preparation book is to help the reader pass the exam, which is a noble goal. Evaluating the actual efficacy of a specific certification book is a challenge, if not an impossibility. As to the CISSP exam, a statistical approach would be to take two sample groups using two different CISSP prep guides, using the same study methods, and then judge the outcome. The…

  • Preview - Security Strategy: From Requirements to Reality

    by Debbie Hartman on July 30, 2010

    Just saw a blurb about a new book Security Strategy: From Requirements to Reality by Bill Stackpole and Eric Oksendahl. Here is the book description: Every business initiative begins with a set of goals and requirements followed by a strategy for meeting those goals. An information security program is no different. The majority of what is touted as security strategy is usually more in the realm of…

  • Supreme Court Weighs in On Privacy of Workplace Communications

    by Stephen Wu on June 24, 2010

    On June 17, 2010, the United States Supreme Court issued a ruling in the highly-anticipated case of City of Ontario, California v. Quon. The case concerned a City of Ontario police officer, Mr. Quon, who used a City-issued pager for sending explicit text messages, and whose communications the City discovered when it audited usage in a review of the cost of the pagers. The Court ruled that the City…

  • The Psychology of Safety

    by Ben Rothke on June 18, 2010

    Left Seat: The Psychology of Safety is a brilliant article from the June 2010 issue of Flying magazine by J. Mac McClellan. While the article is on aviation safety, the key point, namely about predicting risk, is completely relevant for anyone in the information security field. THE GENERAL AVIATION safety record has changed very little in decades despite continuous efforts by regulators and the…

  • Is the oil industry due for a little cyber security attention?

    by Gib Sorebo on June 1, 2010

    The legal profession is often seen as having the rather dubious distinction of seeking to profit at the misfortunes of others or, more simply, of being ambulance chasers. As a law graduate myself, I don’t dispute that many practicing lawyers get rather aggressive around accident sites. Nonetheless, much of the profession’s bad name derives instead from the highly valuable function they perform, …

  • New Jersey Law on Interception of Internet Communications

    by Stephen Wu on May 27, 2010

    In October, New Jersey enacted cybercrime legislation signed by Governor Corzine authorizing the interception of wire or electronic communications of “computer trespassers.” A 3761 (2009). For a copy of the legislation, click here. Under A 3761, persons acting “under color of law” are authorized “to intercept the wire or electronic communications of a suspected computer trespasser transmitted…
