FOSE 2011 Report: Continuous Monitoring – More than technical controls.
Author: TalaTek; Published: Aug 2, 2011; Category: Compliance, Continuous Monitoring, Data Security, Federal law, Risk Management, Security; Tags: Compliance, Continuous Monitoring, Data Security, Federal law, Risk Management; No Comments
TalaTek began delivering FISMA continuous monitoring risk management services to its clients in 2008. At that time, this was something very few paid much attention to, and for the most part compliance efforts ended by signing the certification document. Customers were not interested in Continuous Monitoring services beyond that and instead waited for the annual or tri-annual anniversary to start the process all over again. More Info»
The White House wants DHS to play a larger role in cybersecurity.
Author: TalaTek; Published: Jun 5, 2011; Category: Cloud Computing, Compliance, Continuous Monitoring, Cybercrime, Cybersecurity, Data Security, Federal law, Security; Tags: Compliance, Cybercrime, Cybersecurity, Data Security, DHS, Federal law, Risk Management; No Comments
The administration is serious.
In one of the first signs of how seriously the current administration takes cybercrime, on May 12 the White House sent its cybersecurity legislation to Capitol Hill, asking for changes in the law. Specifically, the White House wants the Department of Homeland Security (DHS) to have more authority – and responsibilities – in overseeing both private-sector and government networks. Additionally, the White House asked for a national data-breach law, one that would supersede the current state-by-state laws. More Info»
Sandbox Technology Can Make Browsing Safer.
Author: TalaTek; Published: Mar 24, 2011; Category: Cloud Computing, Continuous Monitoring, Risk Management, Security; Tags: Browsers, Continuous Monitoring, Risk Management; No Comments
The Emerging IT Conference, presented by the National Capital Area Chapter of ISACA on March 15, 2011, showcased a variety of topics presented by speakers with extensive experience applying technology initiatives in the public and private sectors. Topics included “Managing Data in an Information-Centric Environment,” “Smart Cities” using technology to improve the quality of life, “Mobiles, Tablets, Cloud and Education,” and “Emerging Issues and Approaches in Cybercrime and Digital Evidence.” More Info»
It was inevitable: the WikiLeaks fallout has led to a White House-ordered review of classified data security.
Author: TalaTek; Published: Dec 1, 2010; Category: Compliance, Data Security, Risk Management, Security, Uncategorized, WikiLeaks; Tags: Compliance, Data loss prevention, Data Security, Risk Management, WikiLeaks; No Comments
In a Nov 30, 2010 Federal Computer Week story, it was announced that the White House has instructed federal agencies to immediately evaluate their security practices. The objective: to determine if they have adequate restrictions in place on employees’ access to classified data and their ability to copy classified documents onto mobile devices. More Info»
Defense in Depth: The Way to Stronger Security.
Author: Baan Alsinawi; Published: Jul 22, 2010; Category: Compliance, Data Security, Risk Management, Security; Tags: Data Security, Risk Management; No Comments
Layered protection through security design, policies and processes
As regulatory compliance and audits increase in frequency and complexity, organizations are motivated to address security now rather than later. Many an IT professional has begun to fret about the latest network or application incident, whether the last security fix broke something, and which assets have been left unattended in the complex world of today’s mobile environments. More Info»