May you live in interesting times
This is an excellent Article from CSO Online In an Orange State of Mind A CSO ponders his role and yours in shaping our post-9/11 democracy BY ANONYMOUS
View ArticleA Good Investment
Surveyed Execs say SOX is a good investment. Here are the results of a small survey regarding how execs feel about SOX. What I am more curious about is how effective this is actually going to be. For...
View ArticleI don't think this is an isolated incident
Here is an article which cleraly shows how people feel the can conduct their businesses. "If you make a false entry to make a profit in February ... and that is changed in March, I don't see how that's...
View ArticleAn interesting take on Germs and the CEO
Here is a interesting piece on how CEO's are like Germs. ‘‘How is the relationship between germs and antibiotics like that between CEOs and governance reforms?’’ he asks. The answer: ‘‘In both cases,...
View ArticleControl Framework
I have recently been working with a client on their IT security. One of the initial issues we needed to deal with was the scope of our security plan. My client had no idea where to start and knew...
View ArticleBack to basics
I tend to have a cynical point of view about things. I want to get that out of the way up front. I have a hard After reading an article this morning titled "Vendors are responding to security threats...
View ArticleThe customer has a responsibility to help protect information
I am surprised someone has actually said that users have to be responsible for something. "The customer has a responsibility to help protect information as well as the technology companies," said Scott...
View ArticleWho is responsible for phishing scams
Does the responsibility fall on the user or elsewhere? I keep hearing that it is not the responsibility of and too much to expect end-users to analyze URLs and email headers. What do you think. I...
View ArticleComputer Security Act
The Computer Security Act of 1987 states: to require mandatory periodic training for all persons involved in management, use, or operation of Federal computer systems that contain sensitive...
View ArticleIs new legislation going to make a difference?
I read today of another report that hackers retrieved customer data from a LexisNexis Database. This will no doubt cause them to take a look at their security procedures. With what happened to Choice...
View ArticleThe private sector is not the only area struggling with new governance...
The GAO's audit of the SEC provides some interesting information. The GAO is reccommending the SEC put in place am agency wide information security program. I would have thought that should have been...
View ArticleWill 2 factor make a difference?
Bruce Schneier wrote a piece on Two Factor Authentication. It was put beside another opinion piece from RSA Security in this weeks Network World magazine. For those unaware of the concept of Two-Factor...
View ArticleIcarus in the Boardroom
I found this piece in the Washington Post. It poses some interesting questions as to the success or failure of the Sarbanes-Oxley Act. Take a look at Icarus in the Boardroom
View ArticleThe Evil Empire Strikes again.
I came across this article by Scott Bradner, Network World, 05/30/05, which makes comments about Microsoft's motives for getting into the "Anti-" market.
View ArticleWhere does IM fit into your orginazation?
There was a piece here titled "Sarbanes-Oxley trumps IM at some firms". "some companies have disconnected IM systems under the pretense of complying with Sarbanes-Oxley instead of justifying those...
View Article
