DISC InfoSec blog

information security eBooks download sites
Studiesinn InfoSec eBook
Information-Security eBookee
Strategic-Information-Security
The-New-School-of-Information-Security
Insider’s Guide to Security Clearances
Information Threats
Information Security Risk Analysis by Thomas R. Peltier
Information Security Risk Analysis, 2 Ed. by Thomas R. Peltier
Information Security Risk Analysis By Tom Peltier shows you how to use cost-effective risk analysis techniques to identify and quantify the threats–both accidental and purposeful–that your organization [...]

RSA Conference 2011 Keynote – Securing the Enterprise in a Changing World – Bill Veghte

An applications transformation has begun, creating both challenges and opportunities: with users (consumers) demanding everything as a service, anywhere, how can enterprises secure critical corporate infrastructure assets and information? Building security into applications, assessing risk– even before coding begins, and [...]

“Security measures that just force the bad guys to change tactics and targets are a waste of money,” said Bruce Schneier, “It would be better to put that money into investigations and intelligence.”
The security boss of Amsterdam’s Schiphol Airport is calling for an end to endless investment in new technology to improve airline security.
Marijn Ornstein [...]

InfraGard is a FBI partner site – which is a public-private partnership devoted to sharing information about threats to US physical and Internet infrastructure.
Discussion of two important principles of information security:
Separation of Duties and the concept of least privilege and the Impact on System Administration.

Principles of Information Security

By JAMES GLANZ and JOHN MARKOFF
The Obama administration is leading a global effort to deploy “shadow” Internet and mobile phone systems that dissidents can use to undermine repressive governments that seek to silence them by censoring or shutting down telecommunications networks.
The effort includes secretive projects to create independent cellphone networks inside foreign countries, as [...]

CMS Security Handbook: The Comprehensive Guide for WordPress, Joomla, Drupal, and Plone
Open Source Software certainly does have the potential to be more secure than its closed source counterpart. But make no mistake, simply being open source is no guarantee of security.
Learn how to [...]

Employee security awareness, firewalls, data leakage protection, and collaboration are all key components of a healthy information security ecosystem, according to a panel at the MIT Sloan CIO Symposium held Wednesday.
The moderator, Owen McCusker of Sonalysts, asked the panel to describe what companies can do to create a healthy information security ecosystem.
Michael Daly, director [...]

by Consumer Reports
Threats to Your Personal Finances and Six ways to Stay Safer
Banking from a public computer
Keylogging malware that can capture account numbers, passwords, and other vital data is a risk that has been linked to use of open Wi-Fi connections and public computers such as those in hotel lobbies.
Using unfamiliar ATMs
Thieves [...]

Today’s economy is about protecting the information assets which is essential to existence of an organization. After a major incident or a security breach it is unthinkable to say it is not going to affect your bottom line. Most of the organization has to comply with various standards and regulations and a breach [...]

In movies the hacker tries to hack into a Department of Defense computer by speed-typing passwords. We all know reality is nothing like this and we see it as the joke that it is.
But business management don’t see the inherent risks as affecting business bottom line but a hindrance to another new project; they don’t [...]