6 Steps to Handle IT Security Incidents

The National Institute of Standards and Technology has issued a revision of its guidance to help organizations establish programs to manage computer security incidents. NIST, in Special Publication 800-61 Revision 2: Computer Security Incident Handling Guide, spells out what incident-response capabilities are necessary to rapidly detect incidents, minimize loss [...]

By |2012-08-13T09:08:04+00:00August 13th, 2012|Corporate Security|0 Comments

Coming of Age of Cyber Insurance

Cyber Benefits from Shift to Enterprise Risk Management Flipping through the 150-page 2012 RIMS Benchmark Survey, in preparation for an interview on the study's findings (see Social Media Risks: Weigh Pros, Cons), I noticed lots of figures on payouts for auto, aviation, fiduciary, marine, malpractice, worker's compensation policies and [...]

By |2012-08-12T09:26:05+00:00August 12th, 2012|Corporate Security|0 Comments

Healthcare Anti-Fraud Coalition Formed

Public-Private Partnership Focuses On Prevention The Obama administration has launched a new public-private collaborative effort to help prevent healthcare insurance fraud. The voluntary group includes healthcare organizations and associations, health insurers, federal and state agencies, and anti-fraud groups that together aim to combat healthcare fraud through the sharing of [...]

5 Tips to Improve Intrusion Detection

NIST Revising Guide on Detection, Prevention Software Intrusion detection and prevention software has become a necessary addition to the information security infrastructure of many organizations, so the National Institute of Standards and Technology is updating its guidance to help organizations to employ the appropriate programs. NIST is seeking comments [...]

By |2012-08-06T08:35:58+00:00August 6th, 2012|Corporate Security, Threat Assessment|0 Comments

NSA Chief: Cybercrime constitutes the “greatest transfer of wealth in history”

NSA Chief: Cybercrime constitutes the “greatest transfer of wealth in history”  The loss of industrial information and intellectual property through cyber espionage constitutes the "greatest transfer of wealth in history," the nation's top cyber warrior Gen. Keith Alexander said Monday. U.S. companies lose about $250 billion per year through [...]

Small Businesses at Risk from Online File Sharing: Symantec

As more small-business employees share larger files, the security risk is growing, according to a Symantec survey. By: Nathan Eddy As the prevalence of online sharing grows, small and midsize businesses are increasingly at risk due to employees adopting unmanaged, personal-use online file-sharing solutions without permission from IT, according [...]

By |2012-07-10T21:14:26+00:00July 10th, 2012|Corporate Security, Identity Theft|0 Comments

Preview of the Webinar on Workplace Violence Prevention

Companies often don't think about preventing workplace violence until there is an incident that affects them, or a company similar to them, or geographically close.  As soon as something happens close to home, they want to get serious and do something about it right away. Workplace violence prevention is [...]

Data-Driven Security – Using Metrics to Focus & Target Security Programs

Security programs can be dramatically improved by using a metrics-based assessment to focus them on the areas of greatest threat, and to use metrics as a management tool to keep the security program targeted on the areas that need the most attention. Using a data-driven approach – that is, [...]