Security Metrics: Replacing Fear, Uncertainty, and Doubt
The long awaited international standard on Information Security Measurement, ISO/IEC27004:2009, is now available.
It’s a must have –
Buy the hard copy here
or the download here
Key Features and Benefits:
• Provides guidance on the development, implementation use of metrics to measure the effectiveness of an ISO 27001-compliant ISMS, controls or groups of [...]
Image via WikipediaAccording to SF Chronicle article by Deborah Gage (May 8, 2009, c2) consumer reports magazine’s annual “State of the Net” survey finds that cybercrimes has held steady since 2004, with one out of five consumers becoming victims in last two years at a cost to economy of $8 billion. Consumer report can be [...]
According to BBC news article by Maggie Shiels (Feb 11, 2009) the world’s biggest software maker has warned companies to expect an increase in “insider” security attacks by disgruntled, laid-off workers. Microsoft said so-called “malicious insider” breaches were on the rise and would worsen in the present downturn.
Below are the high points:
• With 1.5 million [...]
In April 20007, California state IT council adopted the information security program guide which help organizations to comply with SB 1386. The council advised the use of information security standard ISO 27002 framework to comply and meet the needs of SB 1386.
[Table = 13]
Which businesses are affected by SB 1386 law?
o If you have a [...]
To become a successful business in today’s market, optimized information security controls may be the panacea for unmet security needs. One way to achieve optimized information security control is to perform ISO assessment and assess the organization security posture based on ISO 27002 code of practice and map each control with Capability Maturity Model Integration [...]
Cyber warfare poses a serious threat to critical infrastructure of a country. It has been a major challenge for DoD officials, cyber attackers have already stolen tera byte of data from their infrastructure.
Most of the security expert and FBI agree that cyber attacks pose biggest threat to US vital infrastructure. “Cybergeddon” our daily economy [...]
