Stories about: ISO

Wealth management firm AMP has rejected established auditing and security frameworks for a procedure list hand-drawn by its own head of security.

If there is a Holy Grail in the information security industry, it surely is the answer to the question, "How secure is secure enough?"

Version 3.0 of BackTrack has been released. BackTrack is a Linux-based distribution dedicated to penetration testing or hacking (depending on how you look at it). It contains more than 300 of the world's most popular open source or freely distributable hacking tools.

Security issues often seem to smolder more than burn, but these six are certainly capable of lighting a fire under IT professionals at a moment's notice. Handle with care.

Neither information technology nor security managers fire people in most organizations. That plain reality seems to escape some in the industry, where offended security administrators declare that disabling the anti-virus program is grounds for demotion or an IT manager finding unlicensed media makes arrangements for someone to make the cardboard box commute.

RSA, the security division of EMC, has completed its annual wireless survey, and the news is mixed. Wireless adoption is moving briskly in the post-WEP era, with advanced encryption gaining ground, yet there have been some minor setbacks. There are also some potential warning flags for still-emerging wireless technologies, such as RFID.

Macquarie Telecom has become the first Australian telecommunications and hosting provider to be certified by SAI Global to ISO 27001 Information Security Management Systems (ISMS).

We all face it - the daily barrage of spam, now infested with zero-day malware attacks, not to mention the risks of malicious insiders, infected laptops coming and going behind our deep packet-inspecting firewalls and intrusion-prevention systems. Some even have to worry about how to prove steps of due care and due diligence towards a growing roster of regulatory compliance pressures.

Boulton Fernando was appointed CSO of IndyMac Bank in the US in July. Here's the aggressive to-do list for his first three months.

It seems like we read about an IT security infraction just about every day. This ought to be somewhat surprising, given the large amounts of emphasis placed on security over the past 25 years as measured by industry research, investments, resources, equipment, training, courses, certifications and books dedicated to the topic.

The Information Technology Infrastructure Library is coming; early adopters say it's a friendly invasion.