JOURNAL ARTICLE - Does risk management make sense? Experts Bruce Schneier and Marcus Ranum debate whether risk management is an appropriate strategic direction for information security professionals to follow.
Posted: October 14, 2008 | Published: October 1, 2008


Topics:  Business Processes | Information Management | Information Security | Risk Management | Security Best Practices | Security Managers | Strategic Planning

JOURNAL ARTICLE - Read what security people have to say. They want to be heard. They want to talk to the CIO, whisper in the CFO's ear, croon to the board, and scream at users. Problem is: an appropriate forum isn't always available. This article makes one available.
Posted: October 14, 2008 | Published: October 1, 2008


Topics:  Business Process Management | Enterprise Resource Management | Information Security | Risk Assessment | Security Best Practices | Security Industry | Security Managers

JOURNAL ARTICLE - Read personal essays from the 2008 Security 7 Award winners to learn more about history, convergence, information sharing, relationship management and developing strategic plans.
Posted: October 14, 2008 | Published: October 1, 2008


Topics:  Converged Networks | CRM | Project Management | Regulatory Compliance | Security | Security Industry | Strategic Planning

JOURNAL ARTICLE - Chris Nickerson is your worst nightmare. He's the guy you never see coming, the one who can slip into your data center, install malware on any server he chooses and ease out without so much as a shadow on your security cameras.
Posted: October 14, 2008 | Published: October 1, 2008


Topics:  Data Centers | Industrial Espionage | Malware | Outsourcing | Security Best Practices | Security Management | Security Systems | Security Threats

JOURNAL ARTICLE - Unravel the ins and outs of how your organization should deploy encryption.
Posted: October 14, 2008 | Published: October 1, 2008


Topics:  Data Encryption | Encryption Standards | Information Security | Security Best Practices | Security Infrastructure | Security Management | Storage Security

JOURNAL ARTICLE - Like his counterparts at many universities, Bill Jiminez, systems architect at the University of the Pacific, has to balance security with the desire of faculty and students for openness.
Posted: September 15, 2008 | Published: September 1, 2008


Topics:  Security Best Practices | Security Managers | Security Policies

JOURNAL ARTICLE - A little more than a year ago, I wrote a Perspectives column about the role of ethics in information security certifications offered by ISACA, GIAC, (ISC)2 and ASIS.
Posted: September 15, 2008 | Published: September 1, 2008


Topics:  Security

JOURNAL ARTICLE - I've forgotten passwords before, but recently I actually forgot an account. I have a password scribbled on a note, and I have no idea what account name or system it's for.
Posted: September 15, 2008 | Published: September 1, 2008


Topics:  Password Synchronization | Passwords

JOURNAL ARTICLE - In this month's Viewpoint:<br> Bug Finding: Ethical and Necessary, plus Upfront Data Protection
Posted: September 15, 2008 | Published: September 1, 2008


Topics:  Credit Cards | Data Security | Data Stewardship | Error Handling

JOURNAL ARTICLE - While governance, risk and compliance tools over-promise, organizations need to streamline and break away from their siloed approaches.
Posted: September 11, 2008 | Published: September 1, 2008


Topics:  Compliance (Systems Operations) | Compliance Best Practices | Security Best Practices | Security Policies | Security Standards

JOURNAL ARTICLE - Three organizations reveal how they use a combination of frameworks such as COBIT or ISO 27001 along with GRC tools to satisfy overlapping industry and federal regulatory demands.
Posted: September 11, 2008 | Published: September 1, 2008


Topics:  CobiT | Security Best Practices | Security Management

JOURNAL ARTICLE - The security features in SQL Server 2008 are well thought out and properly implemented, by far the most significant change over its predecessors is its granular data security features: encryption, key management and meta data security enhancements.
Posted: September 11, 2008 | Published: September 1, 2008


Topics:  Database Management | Database Performance Management | Database Performance Management Software | Database Security | Database Server Software | Metadata | Secure Content Management Software | SQL | SQL Server

JOURNAL ARTICLE - This paper explains 4 organizations sharing the challenges and rewards of NAC implementations.
Posted: September 11, 2008 | Published: September 1, 2008


Topics:  Access Control | Network Security | Security Policies

WEBCAST - This webcast looks at five common pitfalls, drawn from lessons learned by four organizations that have deployed NAC.
Posted: September 9, 2008 | Premiered: September 24, 2008


Topics:  Access Control Software | Cost Benefit Analysis | IT Managers | Network Management | Network Operating Systems | Security

JOURNAL ARTICLE - Feature-rich suites are putting a face on integration and interoperability.
Posted: September 4, 2008 | Published: May 1, 2008


Topics:  Compliance Best Practices | Identity Management