Dig Security together —— 阅读、挖掘、评论,安全共进步。


Join
Login
Submit Story

Categories

View All
Alert
- Applications security
- Bugtraq
- Exploit from milw0rm
- Exploit from packetstorm
- SANS Handler's Diary
- Virus
- WHID
Attack Vector
- ActiveX
- Botnet
- Data loss
- DDoS
- Emerging Threat
- Iframe
- Insider
- Phishing
- Privacy
- Web defacement
- XSS
Cyber-War
Material
- Ebook
- Podcast
- Security Cartoon
- Tools
Olympics
People
- Why
- zhaol
Sector-Specific
- Banking, Finance & Insurance
- E-commerce & Retail
- Educational Institutions
- Energy, Power & Utilities
- Enterprises
- Government
- Telecommunications
Security Giant
- Cisco
- Google
- IBM
- Microsoft
- NSFOCUS
- Symantec
Security Industry
- Cloud
- Conference
- Jobs
- News
- startup
- web2.0
Security Services
- Incident Response
- ISMS
- IT Audit
- Regulatory Compliance
- Risk Management
- Security Awareness
- Threat Management
- Vulnerability Management
Standard
- BS 25999
- BS 31100
- CMMi
- COBIT
- ISO 20000
- ISO 27001
- ISO 38500

Tag Cloud
Risk Management


1
digs
Calculating the true cost of data breaches
submitted by wanghongyang 642 days ago (via watchyourend.com)
Research carried out with 21 companies in the UK has revealed that the average cost of a data security breach in 2007 was £1.4 ($2.75 US) million. That equates to around £47 ($92 US) for every single record stolen or exposed.
 
0 Comments - More Info - Bury   Topic: Risk Management
1
digs
Offshore Data Security Assessment Primer Addendum
submitted by wanghongyang 646 days ago (via thereformed.org)
A sort of analytical self-response to several points in his InformationWeek article, "How To Assess Offshore Data Security", Adam Ely, known formerly as Dr. Altomo of gH and a contributor to theReformed, makes further relative points of calculation in the basic model of assessment he laid out before in his previous article.
 
0 Comments - More Info - Bury   Topic: Risk Management
1
digs
How to Choose a Pentesting Company
submitted by wanghongyang 644 days ago (via governmentsecurity.org)
Written by a pentester, and by a pentestee. What you should watch out for and what you should ask for up front when selecting a pentesting company.
 
0 Comments - More Info - Bury   Topic: Risk Management
1
digs
Managing Risk in Information Technology
submitted by wanghongyang 631 days ago (via governmentsecurity.org)
As information technology increasingly falls within the scope of corporate governance, so management must increasingly focus on the management of risk to the achievement of its business objectives.
 
0 Comments - More Info - Bury   Topic: Risk Management
1
digs
Information Security in Outsourcing Management
submitted by wanghongyang 618 days ago (via blog.rickzhong.com)
What are the information security risks in outsourced business operations and what are the measures to keep these risks in bay?
 
0 Comments - More Info - Bury   Topic: Risk Management
1
digs
"Malwares Resistance" Assessment
submitted by wanghongyang 615 days ago (via extremesecurity.blogspot.com)
We all have heard of a "Vulnerability Assessment" or a "Network Security Assessment", but what's about a "Malwares Resistance Assessment”? Check it out here: http://extremesecurity.blogspot.com/2008/07/malwares-resistance-assessment.html
 
0 Comments - More Info - Bury   Topic: Risk Management
1
digs
How to secure SOA
submitted by wanghongyang 608 days ago (via searchfinancialsecurity.techtarget.com)
Service-oriented architecture (SOA) is gaining interest at financial institutions; however, there are security concerns.
 
0 Comments - More Info - Bury   Topic: Risk Management
1
digs
IT governance, risk & compliance (IT GRC) 2008 Annual Report
submitted by wanghongyang 608 days ago (via compliancehome.com)
2008 Annual Report: IT Governance, Risk and Compliance - Improving Business Results and Mitigating Financial Risk
 
0 Comments - More Info - Bury   Topic: Risk Management
1
digs
松下2010年之前统一监管全球25万台内部电脑
submitted by wanghongyang 607 days ago (via infosec.org.cn)
松下电器产业将于2010年度之前建立由总部统一监管全球约25万台公司内部电脑的体制。同时,将对国内外下属公司的约30万名员工实施严格的信息管理制度。这在日本企业的信息安全对策中属于最大规模,目的是防止机密数据等泄露,提高竞争力。
 
0 Comments - More Info - Bury   Topic: Risk Management
1
digs
How to plan a Penetration Test
submitted by wanghongyang 603 days ago (via passcisa.blogspot.com)
Penetration Tests is very important as it leads to the modification/adoption of policies related to Information System. Vulnerabilities detection may lead to a stronger system.Proper planning of Penetration testing is even more important.
 
0 Comments - More Info - Bury   Topic: Risk Management






©2008 2sec.org - All content for this site is under a Creative Commons license
About us  |  Contact us  |  FAQ  |  Feedback  |  Links  |  京ICP备07018489号