Welcome to Collaborative Strategy Guild Where insights are transformed into actions at the intersection of collaboration, information management, security, and business strategy.
|
 This year InformationWeek asked SecurityCurve to help them with their annual Federal Cybersecurity Survey. It was a great research project and we learned a lot. If you’re interested in the findings there’s a brief article at InfoWeek:
What are the most dangerous cyberthreats? And how are agencies responding? InformationWeek launched our 2012 Federal Government Cybersecurity Survey to find out. Our poll of 106 federal IT pros involved in IT security for their organizations was conducted in March. We asked respondents to rank the threats they face and their readiness to deal with them. We inquired about cybersecurity spending… Continue reading: 2012 Federal Government Cybersecurity Survey
IaaS gives you plenty of rope. It’s up to you not to hang yourself. For example consider how IaaS allows you to rapidly create and deploy new virtual machines within the production environment. Without proper care and feeding, this can quickly result in VM sprawl. If a VM remains dormant for a long time and sits out many rounds of updates and patches, what happens when it finally reawakens?
For the rest of Ed’s latest column at TechNewsWorld, please click here.
Does Your IaaS Environment Have Sleeper Cells?
Raised cubicle walls, safe rooms for credit card data, different colored badges for different agents – it all seemed a bit draconian. Yet, many contact center managers are struggling with some of the stringent requirements for PCI DSS when they first run across them. It may not be a police state, but most contact center professionals need some help and advice. The security professionals often responsible for PCI DSS projects do not always understand the operations of the contact center, what’s important and what’s not. And the same goes for contact center managers dealing with PCI DSS auditors.
In an attempt to get the two sides together, SearchCRM.com News Director Barney… Continue reading: Debating PCI DSS Compliance in the Contact Center and the ‘Police State’: Two Perspectives
This year Ed and I have been asked to run the Application Security Tracks at the IANS Information Security Forums. In advance the first Forum, to be held on March 20-21 in Washington, DC we put together a podcast and a Q&A on application security and the topics we plan to cover. If you’re planning to attend any of the IANS Information Security Forums, or if you’re just interested in Application Security, please take a look and listen:
IANS Research Member Preview
Building an Optimized Application Security Program
IANS Research Podcast
Application Security Track: Forum Podcast with Diana Kelley and Ed Moyle
As the second law of thermodynamics tells us, all things trend toward chaos and this is no less true with a virtual environment. Sprawl can have a real security impact, and it takes discipline and planning to control sprawl — discipline and planning that won’t occur without someone from the security team actively monitoring the problem and formulating strategies for how to address the issue.
VVirtualization has been one of the most rapidly and widely adopted technologies in recent memory. It’s huge, and it’s here to stay.
And as security professionals know, setting up a virtual environment securely isn’t easy. Significant effort goes into tasks like evaluating off-premise service providers, ensuring regulatory… Continue reading: Post Virtualization Security
|
|
