The UltraTech Zone

Integrating Life, Technology and Business with Andrew S. Baker...
Welcome to The UltraTech Zone Sign in | Join | Help
in
Home My Blog Forums Photos Resume Reading List External News Knowledgebase Consulting Mailing Lists Other Links

Browse by Tags

All Tags » Security   (RSS)
Showing page 2 of 5 (65 total posts)
  • Why Businesses Standardize on Technology

    I experienced a wide range of emotions as I read this allegedly tech savvy article in the Wall Street Journal, written by someone who is deemed a journalist for reasons which clearly have no basis in reality.  Mostly, I was surprised, because this is not the caliber of information that I expect from a publication such as the Wall Street ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on November 23, 2009
  • Searching for Return on Security Investments

    There are several major challenges to the successful implementation of good information security in many organizations today.  It is not because business owners do not think that security is important.  No, the issues exist because they do not grasp the complexities that embody the Information Security profession, and thus make decisions ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on October 30, 2009
  • Is Security by way of Diversity Still Effective?

    It has long been accepted that Information Security should be implemented in layers: Defense in Depth. The idea being that you should add overlapping protection mechanisms to either stop or slow down an intruder.  To use a simple analogy, if you store valuables in your home, you’re not just going to have a safe to keep them in, but you will ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on September 30, 2009
  • We Have Found the Enemy -- and It Is Us

    I just finished reading a provocative Computer World article about the PCI compliance process, entitled “Will the Real Enemy of Security Please Stand Up?”, and it highlights a common misconception about the role of auditing and auditors in the compliance process. The article is a follow-up to an interview with the CEO of Heartland Payment Systems ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on August 14, 2009
  • Another Zero-Day Vulnerability for IE

    Well, it’s been a while since we’ve had an active zero-day in Internet Explorer, but according to Microsoft Security Advisory 972890, that’s what we’re looking at:  a vulnerability in DirectX that allows for unauthenticated, remote execution attacks via Internet Explorer.  In other words, drive-by attacks. This vulnerability impacts ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on July 7, 2009
  • Short Takes for April 2009

    It’s only the second of April, and already I’m dealing with chaos.   And not the kind I expected, either. We’ve all been waiting for Conflicker to do something this month, but so far, nothing has occurred.  This is not a bad thing, mind you, as long as we realize that we need to be equally vigilant about all subsequent ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on April 2, 2009
  • We’re Back In The Worm Zone

    The Conficker worm continues to make headlines, not only because it has been so elusive over the past 5 or so months, but because it is configured to do something special on April 1, 2009.  For a disturbingly large number of individuals and organizations, it could prove to be a not-so-happy day. You can read up on the anticipated April 1 ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on March 30, 2009
  • The Compliance Trap

    The more things change, the more they remain the same. Almost exactly two years ago, I posted an article about the general organizational obsession with regulatory (or industry) compliance, at the expense of proper information security.  Just today, I read an article on the CIOzone that asks: Does PCI Compliance Work? The point being made ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on March 12, 2009
  • Yes, Security Is Still Important in 2009

    Quite frankly, it’s even more important than it has been in the past.   This morning, I was reading some articles on information security, including news about the Conficker worm.  You know, we haven’t had a really good worm in 3 or 4 years, so it seems that people have forgotten about how dangerous those things can be, and how ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on February 13, 2009
  • Managing Information Security in 2009

    Since the middle of 2008, we have seen an increase in the types and complexity of information security attacks that organizations have been facing. The widespread worms of 2004 and 2005 gave way to the targeted attacks of 2006 and early 2007.  Things quieted down in the latter portion of 2007, as the security industry was able to clamp down ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on January 2, 2009
  • Vendor Patch Management Support

    ComputerWorld has a very interesting article this week that talks about how immature Oracle's patch management program for customers is, compare to Microsoft's. As the following quote indicates, there are things that vendors should be doing to provide their Enterprise and SMB customers with the necessary tools and information to keep their ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on March 14, 2008
  • Timely Breach Disclosure

    Yes, we know that information security in an interconnected world is not trivial.  We accept that configuration errors or malicious insiders or new, complex threats might conspire to provide opportunities for a breach.  But who says that it is acceptable that notification and disclosure of a breach be done months or years after the ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on September 26, 2007
  • The Price of Poor Security?

    Given the recent spate of breach announcements from companies like Monster.com and TradeFreedom Securities Inc., I've been thinking about how poor security is going to impact organizations and consumers over the next few years. Even though there have been an increasing number of attacks over the past 18-24 months, and even though the ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on August 30, 2007
  • Needless Vendor Bashing -- by Vendors

    In today's story of immense irony, we find a vendor taking time to bash another vendor for a security flaw, only to have diligent 3rd parties point out that the flaw exists for the bashing vendor as well. What a waste of time.  If folks would focus more on the issues they need to address, and less on showmanship and one-up-manship, they ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on July 24, 2007
  • Don't Drop the Ball on Security

    On a number of fronts, April 2007 is turning out to be a very interesting month for me.  For this particular post, we'll just touch on Information Security again. A recent report from MessageLabs indicates very clearly that targeted security attacks are on the rise, and that email is still a common threat vector.  This morning, I ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on April 18, 2007
Powered by Community Server (Personal Edition), by Telligent Systems