Ransomware is a type of malware that encrypts a victim's files. The attackers then demand a ransom from the victim to restore access to the files upon payment. Ransomware attacks are becoming increasingly common, with billions...
Last week New York Times revealed that former USA state secretary Hillary Clinton used a private email account instead of official email address for communications while serving the State department. It is reported that Clinton used...
Cloud Security Alliance Guidance on Security as a Service (SecaaS)
The CSA (Cloud Security Alliance) has issued a new guideance with a focus on how security can be provided as a service (SecaaS). This...
List of Disk wipe software
People and organizations dispose of their computers including the Hard drives when no more needed or considering that they are obsolete. The...
Cloud Computing = Low cost? Check again.
It is been considered that the cloud computing solutions reduces the cost of computing resources as far as organization is concerned. However, a recent...
Cloud Computing and Enterprise risk management
The number of organizations adopting clouding computing increases day by day. The COSO has published a thought paper on Enterprise Risk Management for Cloud...
NIST Computer Security Incident Handling Guide
NIST has published the final version of their guide on Computer Security Incident Handling. This guide is built based on the best practices adopted...
Dual Control or Segregation of Duties?
Many information security professionals, event at the senior level roles, are still getting the internal control mechanisms such as Dual Control and Segregation of...
Cloud Service brokerage
Many organizations source cloud services from different vendors which introduces various challenges to business including, but not limited to, billing, payments, access management etc......
The rat race of vulnerability management
Patch management is one among the major IT Security concerns most of the organizations are worried about. It is practically not possible to have...
Global Payments breach.initial review
Security breaches are become a common thing these days. They hit the front page only when the size or importance of the breach become...
PCI DSS compliance and Password policy
Usernames and passwords is still the major method of authenticating users to the systems. It would be difficult to find someone without a user...
Cloud solutions & PCI DSS Compliance
Businesses are increasing its dependence on cloud computing solutions. PCI DSS compliance is often a concern for many organizations when considering cloud or virtualized...
Google data center security
Found this interesting video in Youtube. It talks about the Google efforts on enforcing security across its data centres. The key security...