Mostly Security Snippets from Tom Olzak
Just trying to make it through the morass of information security issues slamming the Net every day. Helping others to do the same.
Is Comcast Pulling Wool
Reports of data breaches aren’t uncommon. And explanations are typically slow in coming, but most large organizations fall on the proverbial sword and admit their security controls played a role in…
PCI DSS Compliance Made Easier, but Upside Down
Most companies required to jump on the PCI DSS wagon are SMBs. So implementing security controls to protect cardholder information is not an easy task. And the difficulties begin when business owners…
Maybe we should use the threat of space aliens next
Now security researchers and vendors are using the threat of cyber-warfare to push vulnerability mitigation. Maybe we should try space aliens next.
Risk Mitigation Drives Breach Prevention Costs
Remember the objective of breach risk mitigation is to increase the effort necessary to successfully breach a network, system, etc. beyond the value gained by a successful attack. Most…
New Centralized Storage for SMBs
Keeping all your sensitive information in a centralized location helps with security. However, SMBs with large storage needs (or home users with way too much audio-video gear) may find the new D-Link…
The DoS Still Does Not Get It
The DoD not only doesn’t protect national defense secrets like they’re, well, national defense secrets. It simply doesn’t follow basic security practices.
Penetration tools continue to improve, how about your defenses?
Developers of tools used to penetrate networks seem to have unlimited resources to draw upon as they continue to improve ways to crack through your network and device defenses. Your defense should…
Juniper is set to launch software to allows security products from competing vendors to share and analyse log information in order to determine the root cause of network problems and fix them.
Called Adaptive Threat Management, the data-sharing software includes upgrades to its SSL VPN and Unified Access Control devices that enable them to publish log information to a UAC server that shares the data with other platforms.
” - Juniper offers multi-vendor threat management, Tim Greene, Network World, 9 March 2009Cyber profiling benefits and pitfalls
Cyber profiling provides deeper insights into a prospective candidate character. It can also send the wrong message.
Vet employees, vet employees, vet employees
Placing new employees in positions of trust requires establishing how far new people can actually be trusted. This seems like common sense, but a recent incident demonstrates just how little some…
