Skip to main content

Home/ WPPS C-Suite News/ Group items tagged Internal Threat

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
sandy ingram

THE INSIDE THREAT: Financial firms focus on internal threats, employee errors - 0 views

searchfinancialsecurity.techtarget.com/...9142,sid185_gci1347604,00.html

Security Internal Threat Human Error Employees

shared by sandy ingram on 12 Feb 09 - Cached
  • Mark Steinhoff, head of Deloitte's financial services security and privacy practices, said an organization's biggest mistake would be to let its guard down
  • "The number of breaches that are occurring are really at the hands of insiders and organizations are understanding that there is a real threat of malicious attacks and exposure of personal information by insiders," Steinhoff said.
    • sandy ingram
      sandy ingram on 12 Feb 09
       
      The failing economy may be driving the increased concern over insider threats
    • sandy ingram
      sandy ingram on 12 Feb 09
       
      "We are seeing the layoffs and other forms of downsizing. Frankly with limited budget and less than satisfied employees, it really raises the parameter on that threat."
    • sandy ingram
      sandy ingram on 12 Feb 09
       
      Human error is the leading cause of information systems failure, and is likely to be the main cause of security attacks in the near future, according to 86% of those surveyed
  • sandy ingram on 12 Feb 09
     
    Banks and financial firms are placing more emphasis on internal threats to cut the flow of data leakage as a result of employee mistakes or workers disgruntled with layoffs and downsizing during the economic crisis, according to a recent survey.
sandy ingram

CERT's Podcast Series - 0 views

www.cert.org/...20090120pethia.html

Cert podcast

shared by sandy ingram on 12 Feb 09 - Cached
sandy ingram liked it
  • sandy ingram on 12 Feb 09
     
    CERT'S PODCASTS: SECURITY FOR BUSINESS LEADERS: SHOW NOTES Tackling Tough Challenges: Insights from CERT's Director Rich Pethia Key Message: Rich Pethia reflects on CERT's 20-year history and discusses how he is positioning the program to tackle future IT and security challenges. Executive Summary CERT's vision is a securely connected world. CERT's mission is to enable informed trust and confidence in the use of information technology. To achieve this vision and mission, CERT has broadened its perspective to include the full system/software engineering and operations life cycle and is reaching out to thought leaders in the global IT and security community. In this podcast, Rich Pethia, director of the CERT Program at Carnegie Mellon University's Software Engineering Institute, discusses the past, current, and future state of Internet security and CERT's role in tackling future challenges as CERT celebrates its 20th anniversary. PART 1: LOOKING BACK, LOOKING FORWARD: THE GOOD, THE BAD, AND THE UGLY CERT's Vantage Point CERT's vision is a securely connected world, supported by CERT's mission of enabling informed trust and confidence in the use of information technology. As the director of CERT, Pethia has unique access to government, commercial, and industry leaders. The Good News Internet use continues to grow, not just in size (number of people, volume of traffic) but also in utility, for example: * the increasing amount of real government and business operations * the introduction of new applications * the growing use of new mobile appliances User awareness of the need to address security is increasing along with increasing attention from service providers (firewalls, virus protection, anti-spyware, data backup). Developers are paying more attention to building security into their products. Vendors have more mature processes for providing cost-effective, timely updates for software vulnerabilities. Users are more willing
sandy ingram

How long can CISO's avoid Cloud Computing? | CISO - 0 views

ciso.in/...567

security Privacy compliance Best Practice cloud computing workplace ipad tablets windows

shared by sandy ingram on 23 Feb 12 - No Cached
  • Network & Systems delivering the cloud service How does the authentication to access the network devices and operating system implemented? Does it use any two factor authentication? About the availability of the network and security infrastructure? does it implement load balancing or high availability solutions for the critical infrastructure components like firewalls, IPS, reverse proxies etc… Is the underlying cloud systems are secured? Do they have a baseline configuration implemented? How does the configuration managed? Does the cloud computing provider got a plan and/or policy to perform configuration management, patch management, anti-malware etc. Does the network undergoes periodic penetration testing? Does it undergo internal vulnerability assessment periodically? How is it ensuring that a compromised client with privileged access to the operating system is separated internally? Does it undergo periodic audits against standards like ISO27001, SAS70 etc? How is the customer data separated from one another? What are the security controls implemented to ensure this separation? What are the protection and response controls against the Denial of Service attacks?
  • Cloud Applications & Data Protection What are the security controls in the application development process? Does it include security code reviews of the code being developed or used? Is there a documented change and configuration management process? How does the application servers patched and what frequency? What are the mechanisms for managing the access control? How is the database protected from unauthorized access? How are they identifying the access reset requests are from the actual user. How do they create and delete/disable user accounts? what are the procedures for these activities. IS the data encrypted? If encrypted, how is the encryption keys are protected? What is key management process being followed? How is the data loss prevention ensured? Details of the DLP controls implemented? Is there a backup mechanism established? How is the data protected in the backups? Does the cloud service provider meets the regulatory requirements? For example, if the service is a ecommerce service then the cloud service could become part of the card holder environment and thus the PCI DSS regulation as there are potential card data being processed. Similarly, if the health information is processed, it can be HIPAA and similar other regulations. Is the cloud computing service provider meets the compliance requirements? Where is your data being hosted? Is it within your country or its jurisdiction? Is your organization comfortable with the legal system in the country where your data resides? How about cloud computing service provider who has a network of data centres across the globe and your data is scattered across these data centres? Can it limit the countries where the data is stored?
  • What are the conditions / scenarios where the data is revealed without the consent / approval of the organization? Does the application provide enough audit trials to review the incidents? Does it corporate with local legal system? Often the local law authorities require access to the processing computers, how is it support those requests?
  • ...1 more annotation...
  • Security Management What are the information security management policies and procedures implemented and documented? Are all employees required to undergo the security awareness training and acknowledge their acceptance to the policies and procedures at least annually? Is the cloud computing service provider has a dedicated information security professional? What are the network security capabilities established by the service provider? Are these personal technical qualified and certified? How is the insider threats within the cloud service provider being addressed? What is the background verification process being followed by the cloud service provider? Is there a privileged activity monitoring of systems and databases? How is the security incidents and violations are handled? Does it have a documented policy? How is the log integrity ensured? What are the mechanisms implemented to ensure that the logs cannot be altered and / or stopped. How long the logs are kept online and on the backup? What are the business continuity and disaster recovery capabilities of the cloud service provider? Many organization look at cloud as a BCM solution. Does the underlying cloud service provider is capable of delivering a BCM aware cloud service?
1 - 3 of 3
Showing 20 items per page