INFORMATION

Site Map - Cybersecurity

Financial Services Firms Under Siege

- The malicious side of social networking, financial firms under siege, and a new roadmap for security convergence.

Antisocial Networking Sites

- The malicious side of social networking, financial firms under siege, and a new roadmap for security convergence.

Quick Bytes: Text on Net annoyances

- Need to know everything there is to know about Web-based dangers and annoyances? Looking for a one-stop shop for the tips and tools that will prevent spam from hitting your computer or spyware from taking it over? Point your browser to a free online text by Dan Sullivan called The Definitive Guide to Controlling Malware, Spyware, Phishing, and Spam.

Security Convergence Roadmap Released

- The Open Security Exchange (OSE), a nonprofit association working with multiple industries to facilitate the convergence of physical and IT security, has created a roadmap that will help companies achieve the convergence of these functions; it is scheduled to be revealed this month.

Making Data Breaches Public

- When sensitive consumer information is stolen, the risk of identity theft rises. Many states have notification legislation; but, writes Michael Turner of the Information Policy Institute, federal rules are needed to prevent “patchwork responses.” Turner, in Towards a Rational Personal Data Breach Notification Regime, explains that a legislative solution is necessary because “market forces may undersupply notification,” since companies may not wish to notify consumers of a breach if the cost of doing so exceeds the expected damage to the company.

Antisocial Networking Sites

- The next time you visit a Web site on which users contribute much of the content—say, social networking sites like Myspace or photo-sharing sites like Flickr—be aware that some of the content other users are contributing may be malicious.

New in Plaintext

- Nancy Flynn, in her new book Blog Rules: A Business Guide to Managing Policy, Public Relations, and Legal Issues, doesn’t waste time in getting to the statistics.

Numbers

- 6 Percentage of organizations able to provide new employees access to all required applications and systems on their first day of work, highlighting the inefficiency of identity access and management practices, according to a study conducted by Computer Associates.

Quick Bytes: Encrypting data at rest

- Pressure to comply with regulatory efforts such as Sarbanes-Oxley and Gramm-Leach-Bliley is the key driver of enterprisewide encryption efforts, according to security professionals at 112 financial services companies surveyed by InfoTech, yet just over half of those surveyed said that encryption of data at rest is “a high priority for their organizations.” Less than a third said they think their firms are doing “an adequate job of encrypting data at rest.” Fifty-seven percent plan new encryption efforts in the near future. @ More results from Enterprise Encryption in the Financial Services Sector are available at SM Online.

Following Standard is Not Standard Practice

- Only one in five of the top 200 merchants is in compliance with the Payment Card Industry (PCI) data security standard more than a year after the standard went into effect to improve security among merchants and credit card processors.

A Plan for Sharing

-

Laptop Lessons Learned?

- Who’s responsible for restoring the Web after disruption? Also, advice on laptop security, a book on corporate blogs, and slow compliance with the PCI data security standard.

Who Owns the Net?

- Who’s responsible for restoring the Web after disruption? Also, advice on laptop security, a book on corporate blogs, and slow compliance with the PCI data security standard.
 




Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.