Security CommunityRisk Reduced Per Unit Cost: A Critical Measurement of Security Effectiveness<div><p>The most important security metric is "risk reduced per unit cost." This metric enables you to collect the costs associated with your security environment related to the amount of risk that you have reduced.</p><p>Using quantitative methods like RRUC to explicitly frame security decisions in IT adversarial risk management is still a challenging topic…</p></div>Pete LindstromTue, 21 Aug 2018 15:48:28 -0400 Really? We don't think so.<div><p>I want Independence! A Patch Tea Party! No patchation without reprevaluation!</p> <p>Worms like Wannacry have been a problem that has existed since the ’88 Morris worm.</p> <p>While it seems like a big problem; actually, it is a fringe event (yes, even though there are some high-profile cases). Let’s be clear: Good, smart people are trying their best to make…</p></div>Pete LindstromTue, 23 May 2017 13:16:22 -0400 skills shortage in information security<div><p><span>One constantly hears the very abstract notion of there being a skills shortage within the information security industry but nobody really focuses on why this is. Given the fact that the information security domain touches on virtually every aspect of the business, the key to recruiting information security resources is in identifying those…</span></p></div>Fayaz KhakiMon, 03 Nov 2014 10:51:36 -0500 Staff Most Trusted in CEE When it Comes to IT Security<div><p>This is a bit unexpected. While Poland rarely makes the top lists of source countries for hacking or other online attacks, it has traditionally scored below average in polls of interpersonal trust done by the OECD. And a comprehensive <a href=",3/diagnoza-spoleczna-2013-polak-chce-rozwodu-z-panstwem-jest-zadowolony-ale-samotny,359458.html">2013 study</a> conducted inside Poland argues that poles are losing what little trust they have in each other.</p><p> That…</p></div>CEMA GroupWed, 08 Oct 2014 15:29:57 -0400 migration - three phased approach<div><p><span>However there are also benefits to moving to the cloud, such as agility in deploying products and services, infrastructure cost savings, availability of skilled resources at the cloud provider, etc. When considering a move to the cloud, organisations ought to conduct an appropriate level of due diligence and recognise the fact that migrating to…</span></p></div>Fayaz KhakiWed, 03 Sep 2014 16:17:52 -0400 value of privacy will diminish<div><p>We, the current generation of professionals still remember a time before everything could be done online - before Facebook and Twitter and Snapchat. And it is this generation that is fighting to ingrain information security and privacy in virtually everything that we do and use. This is because we know what it is like not to have our data or…</p></div>Fayaz KhakiMon, 25 Aug 2014 15:08:45 -0400 security used in consumer decision making (borrowing from the food industry)<div><p><span>Is it only a matter of time before implanting chips into humans is the norm? The level of data that can be collected from that could be astronomical. There are advantages to this also, my doctor could predict any potential illness and can help me prevent it through lifestyle change or medication. However the thought of having everything connected,…</span></p></div>Fayaz KhakiFri, 08 Aug 2014 10:12:57 -0400 security: the glass is always half empty – new technologies keep poking holes in it<div><p style="text-align: justify;">Back in 2003, famed American investor Warren Buffet <span style="text-decoration: underline;"><a href="" target="_blank">warned</a></span> that complex financial instruments were "financial weapons of mass destruction." He asserted that they overstate values, can create debt and other spirals that lead to corporate meltdown, and even undermine the economy. Government and banks largely ignored the implied advice of regulation,…</p></div>CEMA GroupMon, 14 Apr 2014 02:10:30 -0400 security and manufacturing: making it work in CEMA<div><p>The security holes in IT systems are not an issue until fraudsters, malware, or hackers sneak through them. The majority of companies report that they have in place some kind of IT security policy and a basic IT security solution (antivirus, firewall, etc.), but this constitutes a rather passive approach to IT security. In terms of some more…</p></div>CEMA GroupTue, 01 Apr 2014 08:03:04 -0400 Software Deployment Plans in APEJ: Survey Results<div><p>As part of our annual Continuum Survey of 1,623 end-user organizations in APEJ, we looked at buyers' investment plans for security solutions. IT security is once again rated as the most important technology investment area. As organizations intensify their adoption of advanced technologies, significant gaps in information-security programs are…</p></div>Naveen HegdeFri, 19 Jul 2013 09:22:04 -0400