|
|
| Title |
Contributor |
Date |
Description |
Rating |
|
PCI DSS made easy |
GFI Software Ltd |
13/06/07 |
This white paper, contributed by GFI, examines the requirements to adhere to the Payment Card Industry Data Security Standard (PCI DSS), the implications of non-compliance and how effective event log management and network vulnerability management can help achieve compliance. |
1 |
|
10 Communications Tips For Security Managers |
Steve Purser |
07/12/05 |
Steve Purser writes this must-read paper for anyone managing Information Security. |
8 |
|
Intelligent Security, IPDM, the Winning Formula |
Webb Wang |
11/08/04 |
This submission is relative to Enterprise Network Security. It discusses the winning formula and the requirements of an appropriate security infrastructure to protect critical assets.
|
1 |
|
Information Systems Misuse - Threats & Countermeasures |
Vijay Gawde |
08/07/04 |
Misuse of Information Systems by employees poses serious problems to organizations including loss of productivity, loss of revenue, legal liabilities etc. This paper discusses some of the issues related to Information System misuse, resulting threats and countermeasures. |
10 |
|
Secure Development Framework |
Glyn Geoghegan |
11/06/04 |
Secure development is the process of producing reliable, stable, bug and vulnerability free software. The author describes an efficient development framework, its benefits and implementation. |
3 |
|
The need for Security Testing |
Charles W. Fullerton |
09/06/04 |
Will help C-level executives understand what Security Testing is and how the Open Source Security Testing Methodology Manual (OSSTMM) can help raise the level of security within their organization. |
7 |
|
IT Security Event Management |
Yahya Mehdizadeh |
03/06/04 |
IT Security Event Manager (IT SEM) provides an enterprise-wide security monitoring and administration solution that collects and analyzes data on events and provides a suitable response to threats on enterprise assets. This paper looks at the SEM system architecture and features. |
7 |
|
Risk Assessment On IT Infrastructure |
P L Pradhan |
07/05/04 |
A follow up to “Risk Management on IS”, this takes a detailed look at developing and implementing a risk management & assessment method to safeguard and protect Information System assets of an organization. |
7 |
|
Proposing the role of Governance Director |
Gary Hinson |
05/05/04 |
Says Gary Hinson: 'In the context of corporate governance, I propose the role of Governance Director at executive Board level to act as a senior focal point for issues relating to management control, risk management and ethics. Through this paper explaining the rationale for my position, I intend to stimulate further discussion and development of the concept.' |
8 |
|
Evaluation, Metrics and Measurement for Security Awareness |
Melissa Guenther |
24/04/04 |
Gives insight into developing Security Awareness programs and on evaluating their effectiveness. |
8 |
|
Risk Management on IS |
P L Pradhan |
16/04/04 |
Outlines how risk assessment is performed through identifying assets, identifying threats and calculating risks. |
7 |
|
Information Security & Negligence - Targeting the C-Class |
Carter Schoenberg (ISS Atlanta) |
18/03/04 |
Numerous recommendations since September 11, 2001 have been published on the evils of negligence relative to protecting one’s assets (cyber & physical)...how do you physically “prove” negligence versus the common
business practice of risk management? |
9 |
|
Business Case for an Information Security Awareness Program |
Gary Hinson |
09/12/03 |
Lays out the case for an innovative program designed to raise awareness of information security, create a strong security culture and cut net costs. |
10 |
|
Human Factors in Information Security |
Gary Hinson |
19/11/03 |
Managing the human side of information security just as carefully as the technical side; says Gary Hinson, technological controls alone simply cannot deliver sufficient information security in practice. |
5 |
|
Cyber 101: Why is Cyber Security Important Now? |
Kenneth Newman |
21/10/03 |
The wide spread use and dependency on the constantly changing technology also come with corporate complacency and increased sophisticated tools and attacks (which not necessarily require technical expertise). There are major risks companies face when their security have been breached, but there are preventive measures that can be implemented through risk management. Kenneth Newman presented these and more at the IMN’s 2003 Cyber Security Summit in NY. |
10 |
|
Reducing 'Human Factor' Mistakes |
Dancho Danchev |
08/08/03 |
On the topic of the human element of network security, this paper will try to summarize various mistakes of the system administrator, company executive and of course the end user. It will also attempt to provide useful strategies to help reduce such human errors. |
9 |
|
Presenting Security to Management and the Business |
Charles Hornat |
30/03/03 |
Presenting security to management is something all security managers must do. They must be prepared to overcome any and all obstacles and conceptions management may have. This paper covers several key notes that one must remember when presenting any security topic to management. |
7 |
|
|
