The UltraTech Zone

Integrating Life, Technology and Business with Andrew S. Baker...

Browse by Tags

All Tags » Business » Vulnerabilities
  • To Disclose or not to Disclose

    …that is the question. Every time a software vendor experiences a vulnerability or releases patches for a serious security issue, the debate about Full Disclosure or Responsible Disclosure gains a little more steam. Just how much information should a vendor disclose about the nature of the vulnerability that it has identified, and how that ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on June 9, 2011
  • Just ask Sony…

    Why should you take your organization’s information security posture seriously? Just ask Sony. It has been estimated that Sony will spend more than $170 million due to the recent breaches they have suffered. Personally, I think that the $170M figure is too conservative. I expect it to get much closer to $300M than ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on May 31, 2011
  • Reactive Security: Feel the pain in 2011+

    We are only one third of the way into 2011, but we have had some of the largest information security breaches of the decade – and the trend does not appear to be slowing down. Here are just a few of the biggest reports for the year: http://www.eweek.com/c/a/Security/RSA-SecurID-Breach-Shows-Why-Everybody-Must-Stay-Vigilant-595858/ ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on April 29, 2011
  • Maintaining Good Security Practices

    Security is not just a state of being. We are often called to provide an assessment about our present security posture, and usually, the person asking the question is doing so within a very narrow context – one that they may or may not have shared with you. Answering such a question is difficult at best. Imagine walking up to your doctor and ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on March 31, 2011
  • It’s Time to Re-evaluate Host-based Security

    I’ve said it for a few years now, but host-based antivirus is really not working out anymore. Not with its reliance on signatures to detect malware. Recently, several prominent antivirus vendors have experienced problems with faulty virus definitions: “Faulty McAfee update burns IT execs”; “BitDefender update breaks 64-bit Windows ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on May 10, 2010
  • The InfoSec Perspective for April 2010

    It has been a busy month or so for information security. Apple has patched a vulnerability that was showcased in a recent hacking contest, Microsoft has released a major set of fixes in its most recent Patch Tuesday, and Oracle (which now owns Sun) has not yet committed to patching a Java vulnerability on Windows that has been ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on April 15, 2010
  • Searching for Return on Security Investments

    There are several major challenges to the successful implementation of good information security in many organizations today.  It is not because business owners do not think that security is important.  No, the issues exist because they do not grasp the complexities that embody the Information Security profession, and thus make decisions ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on October 30, 2009
  • Yes, Security Is Still Important in 2009

    Quite frankly, it’s even more important than it has been in the past.   This morning, I was reading some articles on information security, including news about the Conficker worm.  You know, we haven’t had a really good worm in 3 or 4 years, so it seems that people have forgotten about how dangerous those things can be, and how ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on February 13, 2009
  • Managing Information Security in 2009

    Since the middle of 2008, we have seen an increase in the types and complexity of information security attacks that organizations have been facing. The widespread worms of 2004 and 2005 gave way to the targeted attacks of 2006 and early 2007.  Things quieted down in the latter portion of 2007, as the security industry was able to clamp down ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on January 2, 2009
  • March Patch Madness

    This has been a fun month with all the Daylight Saving Time patching from a myriad of vendors.  (I wonder if anyone has done a study to see how much energy we burned preparing to save three more weeks of daylight?) Although Microsoft is the favorite whipping boy in these situations, they weren't the only vendor that was slow to provide solid ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on March 14, 2007