According to a recent survey , if you are a security professional counting on a Security Information and Event Management (SIEM) solution to protect your critical assets from nefarious hackers, state-sponsored exploits or the inadvertent missteps of an eager new employee, you may not be as enthusiastic...
Posted to
Security Web
by
Renee Bradshaw
on
Apr 9, 2013
Filed under:
Filed under: Insider Attack, Change Control, Data Protection, malicious insider, Data Security, File Integrity Monitoring, malware, hacking, insider threat, IT Security, Vulnerability, Security Management, Renee Bradshaw, SIEM, Change Guardian, Hack, Data Loss, Security Information and Event Management, IT Security, Security Intelligence, IT Staffing, IT Environment, insider threats, Security Information, Change Management, Security Web, hacktivism
The European Union (EU) has always held personal rights and privacy in high regard, and in January it added 119 pages of proposed tough new regulations and penalties for businesses and government agencies that handle personal data. Every member of the EU has signed on to the European Convention of Human...
Posted to
Security Web
by
David Shephard
on
Mar 9, 2012
Filed under:
Filed under: Data Breach, NetIQ, Data Protection, Privacy, Data Security, ICO, Social Media, HR, Sentinel, Identity Manager, Tuscany, Italy, Net Studio, EU, European Convention of Human Rights, Directive 95/46/EC, European Union, DPO, Access Manager, Garante per la Protezione dei Dati Personali, E-Privacy Directive, Francesco Pizzetti, Human Resources, European Commission, City of Siena, Duane Morris Alert, Directive 2002/58, Commission nationale de l'informatique et des libertés, CNIL, United Kingdom, UK, Information Commissioner Office, David Shephard, Security Web
During a recent webinar, “ Control Access Rights: The Case for User Provisioning ”, our featured speaker, Andras Cser, Principal Analyst at Forrester Research , spoke about trends he is seeing in the Identity & Access Management (IAM) market, and specifically about the challenges and...
Posted to
All Things Admin
by
Renee Bradshaw
on
May 4, 2011
Filed under:
Filed under: Active Directory, AD Administration, NetIQ, Compliance, Active Directory Administration, user provisioning, reduce administrative priviledge, ITPA, IT Process Automation, Security, Active Directory Management, Data Protection, Information Security, Identity Management, Identity and Access Management, staffing, HR, Provisioning, threat, IAM, privilege delegation, Identity Administration, Human Resources, IT Departments, Access Rights, Andras Cser, Risk, Insider Threat, Breach, IT Security, Renee Bradshaw, Security Web
At last weeks InfoSecurity Europe 2011 , NetIQ's very own Joern Dierks was interviewed by John Doody. This is a transcript of that interview and includes links to useful resources and organizations as well the video recording of the interview : John : Hello, From Infosecurity Europe 2011 from Earls...
Posted to
Security Web
by
David Shephard
on
Apr 25, 2011
Filed under:
Filed under: Security, IT process automation, Data Breach, Insider Attack, NetIQ, Cloud Computing, Change Control, Compliance, Data Protection, Risk Management, cloud security, Data Security, Security Policy, insider threat, IT Security, ISO 27000, Cloud, Service Level Agreements, SLAs, Information Security, InfoSecurity, InfoSec11, InfoSecurity Europe, IT Audit, InfoSec, Auditors, David Shephard, Security Web
Joe Tasker , former General Counsel of ITAA and VP of Government Affairs at Compaq , had attended a webinar that went over the newly published draft NIST Guidelines on Security and Privacy in Public Cloud Computing , and asked me what I thought. Lucky for me I just completed two blog posts for SC Magazine...
Posted to
Security Web
by
Michael F. Angelo
on
Feb 10, 2011
Filed under:
Filed under: Security, Encryption, Cloud Computing, SC Magazine, Data Protection, Privacy, NIST, Michael F. Angelo, Cloud, DoS Attack, Identity Theft, Personally Identifiable Information, Electronic Discovery, Public, Stolen Credit Cards, hibernated cloud, Public Cloud, Hibernation, Guidelines, BotNet, Spam, Service Level Agreements, SLAs, PII, Elastic Cloud, Joe Tasker, Compaq, Security Web
The next time you’re tempted to “borrow” your co-worker’s subscriber log-in information for Hoover’s , consider the plight of Goldman Sachs. In early May, the company was slapped with $3 million lawsuit by Ipreo Holdings LLC , a New York-based provider of software and market...
Posted to
Security Web
by
Renee Bradshaw
on
May 18, 2010
Filed under:
Filed under: Data Breach, Compliance, Data Breach Notification Act, CSI, Data Protection, Verizon Breach Report, Data Security, Database Activity Monitoring, Renee Bradshaw, Security Web
It doesn't matter what mandate is your current headache-du-jour - PCI , HIPAA (ok, someone must be worried about it), NERC CIP , SOX or some other acronym , the fact is security of critical data should be the overarching theme. It's all about the data. A few days ago, George Hulme of InformationWeek...
Posted to
Security Web
by
Geoff Webb
on
Apr 26, 2010
Filed under:
Filed under: Security, Data Breach, Information Week, Geoff Webb, Data Protection, PCI, Data Security, George Hulme, HIPPA: NERC CIP, SOX, SB-1186, Security Web
For a long time, security teams have been forced to play catch-up to a bewildering number of threats, and an equally bewildering number of technical responses. I recently wrote an article for InfoSecurity Magazine addressing where I think this has left the security industry - swamped with too many things...
Posted to
Security Web
by
Geoff Webb
on
Apr 9, 2010
Filed under:
Filed under: Forrester Research, Data Breach, PCI DSS, Geoff Webb, Compliance, Data Protection, Data Security, John Kindervag, File Integrity Monitoring, FIM, Security Web
The risk of financial sanctions and damaged reputations means that data security is rising up the agenda for regulated firms. James Thomas reports: Laptops left on trains, misplaced CDs… a host of high profile information leakages have brought the issue of data security well and truly into the...
Posted to
Security Web
by
David Shephard
on
Mar 30, 2010
Filed under:
Filed under: IT process automation, Compliance, Data Protection, Mike Maddison, Compliance Monthly, Privacy, Deloitte, Regulations, Data Security, James Thomas, ICO, Financial Services Authority, Information Commissioner's Office, FSA, DPA, Data Protection Act, Ernst and Young, Seamus Reilly, Security Policy, Beverley Flynn, David Shephard, Security Web, Stevens and Bolton
On the heels of RSA, security is at the top of everyone’s mind. While many were distracted by all the talk of clouds, we need to keep our eye on the ball. Securing critical information is task #1, regardless of where that information is stored. In his weekly newsletter (sent at the end of last...
Next week I'll be speaking at the CSO Executive Seminar on Data Protection and Encryption in Washington, D.C. My presentation will focus on doing more with less in a time when security and compliance teams are stretched thin due to staff and budget cuts. I will touch on aligning security investments...
Posted to
Security Web
by
NetIQ
on
Feb 2, 2010
Filed under:
Filed under: Security, IT process automation, Encryption, Washington D.C., ITPA, Data Protection, Seminar, CSO Conference, Matt Mosley, Security Web