Information Security Magazine

WHITE PAPER: Check out this expert eBook and learn about best practices and techniques for protecting your company's data with encryption technology.

Posted: 28 Oct 2008 | Published: 28 Oct 2008

JOURNAL ARTICLE: Does risk management make sense? Experts Bruce Schneier and Marcus Ranum debate whether risk management is an appropriate strategic direction for information security professionals to follow.

Posted: 14 Oct 2008 | Published: 01 Oct 2008

JOURNAL ARTICLE: Read what security people have to say. They want to be heard. They want to talk to the CIO, whisper in the CFO's ear, croon to the board, and scream at users. Problem is: an appropriate forum isn't always available. This article makes one available.

Posted: 14 Oct 2008 | Published: 01 Oct 2008

JOURNAL ARTICLE: Read personal essays from the 2008 Security 7 Award winners to learn more about history, convergence, information sharing, relationship management and developing strategic plans.

Posted: 14 Oct 2008 | Published: 01 Oct 2008

JOURNAL ARTICLE: Chris Nickerson is your worst nightmare. He's the guy you never see coming, the one who can slip into your data center, install malware on any server he chooses and ease out without so much as a shadow on your security cameras.

Posted: 14 Oct 2008 | Published: 01 Oct 2008

JOURNAL ARTICLE: Unravel the ins and outs of how your organization should deploy encryption.

Posted: 14 Oct 2008 | Published: 01 Oct 2008

JOURNAL ARTICLE: Read this interview to learn more about Bill Jiminez, systems architect at the University of the Pacific, and how he has to balance security with the desire of faculty and students for openness.

Posted: 15 Sep 2008 | Published: 01 Sep 2008

JOURNAL ARTICLE: This article discusses the role of ethics in information security certifications offered by ISACA, GIAC, (ISC)2 and ASIS and what efforts have been made in ethics programs.

Posted: 15 Sep 2008 | Published: 01 Sep 2008

JOURNAL ARTICLE: Read what writer Jay Heiser has to say about passwords and the security model that requires people to remember multiple passwords and logins, which has to change.

Posted: 15 Sep 2008 | Published: 01 Sep 2008

JOURNAL ARTICLE: Read a system administrator's reaction to an earlier Face-Off column in Bug Finding: Ethical and Necessary. Plus, a principal security analyst discusses Upfront Data Protection.

Posted: 15 Sep 2008 | Published: 01 Sep 2008

JOURNAL ARTICLE: Read this article to learn more about how governance, risk and compliance tools over-promise, and how organizations need to streamline and break away from their siloed approaches.

Posted: 11 Sep 2008 | Published: 01 Sep 2008

JOURNAL ARTICLE: Three organizations reveal how they use a combination of frameworks such as COBIT or ISO 27001 along with GRC tools to satisfy overlapping industry and federal regulatory demands.

Posted: 11 Sep 2008 | Published: 01 Sep 2008

JOURNAL ARTICLE: Read about the security features in SQL Server 2008 in this article. By far the most significant change over its predecessors is its granular data security features: encryption, key management and meta data security enhancements.

Posted: 11 Sep 2008 | Published: 01 Sep 2008

JOURNAL ARTICLE: This article shares the challenges and rewards that four organizations have experienced with NAC implementation.

Posted: 11 Sep 2008 | Published: 01 Sep 2008

WEBCAST: This webcast looks at five common pitfalls, drawn from lessons learned by four organizations that have deployed NAC.

Posted: 09 Sep 2008 | Premiered: Available On Demand

JOURNAL ARTICLE: Feature-rich suites are putting a face on integration and interoperability.

Posted: 04 Sep 2008 | Published: 01 May 2008

JOURNAL ARTICLE: Poor change control can send your organization's security tumbling. Follow these 5 steps for a strong change management program.

Posted: 04 Sep 2008 | Published: 01 May 2008

JOURNAL ARTICLE: Research ups awareness on backdoors that present attackers with a cheaper means of malware distribution and system access.

Posted: 04 Sep 2008 | Published: 01 May 2008

JOURNAL ARTICLE: Security and privacy teams must work together to protect personal information in the digital age.

Posted: 04 Sep 2008 | Published: 01 May 2008

JOURNAL ARTICLE: Securing corporate networks against insider attacks is a difficult challenge to be sure. But how do you prevent such attacks on 1.5 million ATMs worldwide?

Posted: 04 Sep 2008 | Published: 01 May 2008

JOURNAL ARTICLE: Outsourcing an application means your organization relinquishes some control; don't, however, loosen your grip on security.

Posted: 04 Sep 2008 | Published: 01 May 2008

JOURNAL ARTICLE: The standard way to take control of someone else's computer is by exploiting a vulnerability in a software program on it. This was true in the 1960s when buffer overflows were first exploited to attack computers.

Posted: 04 Sep 2008 | Published: 01 May 2008

JOURNAL ARTICLE: We look at three GRC products and the distinct ways these tools can help organizations navigate the complicated regulatory game.

Posted: 03 Sep 2008 | Published: 01 Jun 2008

JOURNAL ARTICLE: Nothing circumvents pricey defense-in-depth faster than people; educating workers about security is essential.

Posted: 03 Sep 2008 | Published: 01 Jun 2008

JOURNAL ARTICLE: Compliance and security are business issues that require business solutions.

Posted: 03 Sep 2008 | Published: 01 Jun 2008