Management, compliance & auditing November 29, 2012 Dan Manolescu Privacy Impact Assessment What is a Privacy Impact Assessment (PIA)? Privacy Impact Assessment is a process to determine the impacts of a program, system, service, scheme, initiative,...
Management, compliance & auditing November 11, 2012 Adrian Stolarski The Most Common Problems in the Implementation of Agile Methodologies in Companies, Part 2 Previously, we took a major problem with which organizations are faced in the implementation of Agile methodologies in companies. It was where the lack of...
Management, compliance & auditing February 28, 2012 Infosec InfoSec Book Excerpt: Security Metrics – Chapter 17 We like to read the latest and greatest security books, and sometimes the author and/or publisher is generous enough to share an extended with us - and you....
Management, compliance & auditing February 17, 2012 Tom Olzak Attack Surface Reduction – Chapter 4 This is Chapter 4 in Tom Olzak’s book, “Enterprise Security: A practitioner’s guide.” Chapter 3 is available here: Building the Foundation: Architecture...
Management, compliance & auditing February 8, 2012 Aaron Bossert The Compliance Shell Game "What's in a name? that which we call a rose. By any other name would smell as sweet" Shakespeare would probably turn over in his grave knowing that I have...
Management, compliance & auditing January 30, 2012 Tom Olzak Building the Foundation: Architecture Design – Chapter 3 In this chapter, we define the various types of enterprise architectures, how to integrate them into strategic and tactical business objectives, and how to build from business need to system and network design.
Management, compliance & auditing December 12, 2011 Tom Olzak Enterprise Security: A practitioner’s guide – Chapter 1 Chapter 1 Security: A working definition Managing Risk Probability of Occurrence Business Impact Threat Sources Human Threats Geographic Threats Natural...
Management, compliance & auditing November 17, 2011 Tom Olzak UEFI and the TPM: Building a foundation for platform trust Table of Contents Trusted Computing Boot Path Security Challenges Boot Path Attack Surface The Trusted Memory Module (TPM) TPM Architecture...
Management, compliance & auditing November 17, 2011 Len Marzigliano Goodbye DIACAP, Hello DIARMF When C&A becomes A&A, will you be ready? Every few months, an elite group of DoD security experts, IT managers, and senior leadership gather to chart...
Management, compliance & auditing June 15, 2011 Kenneth Magee ISO27002 Security Framework – Audit Program Template Several people have asked for an IT Audit Program Template for an audit based on the ISO/IEC 27002:2005(E) security standard. This template, which can be...