Online degree in Information Security courses

Submitted by Rajitha on Tue, 04/02/2013 - 10:57

The field of Information Security is the study of countermeasures to the threat of information infrastructure failure to ensure the security of electronic information. It embraces a range of technologies such as cryptography, computer security, and fraud detection, and also includes the study of how security can best be managed. There are a number of courses offered online in the field of Information Security.

Bookmark/Search this post with

Enterprise Information Security

Submitted by Binoy on Thu, 03/21/2013 - 09:42

Enterprise Information Security is receiving a lot of attention these days. Especially with the wide reach of media and Internet, Enterprise Information Security Incidents get maximum coverage in no time.

Enterprises and government entities are under continuous attack and many of them have no clue on how to take this forward. These attacks range from website defacement to financial fraud to Internet worms and viruses. Exploitability of the common software programs such as Java run time, Internet browsers and adobe reader etc… are increasing in an alarming way.

Bookmark/Search this post with

PCI DSS & Network Devices

Submitted by Jobbin on Mon, 01/14/2013 - 11:54

PCI DSS requirements say many things about network security to make the card holder data safe and protected when it is stored, transmitted & processed. How we can achieve the maximum level of security through network devices? PCI DSS requirement talk about installation and maintenance of infrastructure devices like firewalls, IPS, routers, switches, etc. How we are going to make them secure?

Bookmark/Search this post with

Advanced Persistent Threats - Detection

Submitted by Binoy on Mon, 11/05/2012 - 00:15

When an attacker targets someone or some organization (target) to obtain or change information using ways that are difficult to detect and exploit. Attackers use advanced mechanisms to perform he same and their persistence gives the name Advanced Persistent Threat. The techniques used by the attackers is the key in these types of attacks and many times use custom exploits designed to infiltrate a targeted network without detection and remain undetected for extended periods.

Bookmark/Search this post with

List of Disk wipe software

Submitted by Binoy on Fri, 09/28/2012 - 13:47

People and organizations dispose of their computers including the Hard drives when no more needed or considering that they are obsolete. The media such as hard drives, USB etc when disposed of may contain confidential information vital to you or your organization. Deleting files or formatting the drive may not help you in permanently deleting information from you drives. For this purpose, you need to perform secure deleting of your files or drive.There are other mechanisms for secure disposal of media such as degaussing, pulverising, shredding etc...

Bookmark/Search this post with

Malware attack at Saudi Aramco

Submitted by Binoy on Thu, 08/16/2012 - 22:05

In the recent past, Middle Eastern companies are becoming a frequent target of attackers. Malware attack at the Saudi Aramco oil company is the latest in these series. News sources confirms that a malware infection at Saudi Aramco user workstations; however, the core production network is said to be not affected with this attack.

Bookmark/Search this post with

Profiling a Vendor of Visa/Mastercard Plastics and Holograms

Submitted by Binoy on Thu, 08/16/2012 - 08:29

The cardholder data breach is not a new thing. It is been a nightmare for every CIO in the world. Dancho Danchev's blog has an interesting article on how these compromised cardholder data is turned into a physical card. He is profiling a rougue plastic card vendor. His findings are listed below, specifically the cost part.

 

Bookmark/Search this post with

Cloud Computing = Low cost? Check again.

Submitted by Binoy on Wed, 08/15/2012 - 23:15

It is been considered that the cloud computing solutions reduces the cost of computing resources as far as organization is concerned. However, a recent white paper from ISACA indicates that the true cost of cloud computing may be higher than earlier thought values. In the white paper titled “Calculating Cloud ROI : From the Customer Perspective” ISACA provides a detailed framework on how the cost of cloud computing operations shall be assessed for a better understanding towards calculating the ROI of cloud computing

Bookmark/Search this post with

Critical Infrastructure system security in India

Submitted by Binoy on Wed, 08/15/2012 - 22:41

The recent power outage in the northern parts of India was part of a grid failure. However, it could have been a result of security failure as well. The security of these installations is considerably weak and such an attack would be hitting a much larger number of people across the country.

It is high time for India to build the cyber security framework for the protection of its critical systems. it is understood that such a move is happening under the leadership of the National Security Advisor, Mr. Shivshankar Menon.

Bookmark/Search this post with

Cloud Computing and Enterprise risk management

Submitted by Binoy on Wed, 08/15/2012 - 00:24

The number of organizations adopting clouding computing increases day by day. The COSO has published a thought paper on Enterprise Risk Management for Cloud Computing. In this paper, it provide guidelines on using the COSO Enterprise Risk Management – Integrated Framework for performing the assessment of risks from the colud computing solutions.

Bookmark/Search this post with

Pages