infosecreviews

rapid application development | InfoSec Perception

In business continuity planning (BCP) and disaster recovery planning (DRP), it's commonplace to urge planners to create initial plans and then test them for ways to improve. This approach is parallel to the current standards of software development and risk management. In the 1960s and 1970s, the standard software development methodology was the system development …


security policies | InfoSec Perception

Because people execute security policies (or violate them), hiring, managing and (alas) firing are important aspects of information assurance (IA) management. In a recent class discussion of personnel policies and security, the IS342 Management of Information Assurance class reviewed some of the fundamental principles of personnel and security. To start with, we face two fundamental …


Francis Cianfrocca | InfoSec Perception

Francis Cianfrocca, a leading expert on Advanced Persistent Threats, continues his overview of the issues following his first article on the topic in the InfoSec Perception blog. What follows is Mr Cianfrocca’s work with minor edits from M. E. Kabay. Advanced persistent threats (APTs) attack with privilege escalation and operate through application accesses that, to …


SCADA | InfoSec Perception

Francis Cianfrocca, a leading expert on Advanced Persistent Threats, continues his overview of the issues following his first article on the topic in the InfoSec Perception blog. What follows is Mr Cianfrocca’s work with minor edits from M. E. Kabay. Advanced persistent threats (APTs) attack with privilege escalation and operate through application accesses that, to …


Book Reviews: Information Security Books and Product Reviews – Virtual Shadows

Book Title: Virtual Shadows Subtitle: Your Privacy in the Information Society Author: Karen Lawrence Öqvist Publisher: The British Computer Society (BCS) Date of Publishing: 20 December 2008 ISBN(13): 9781906124090 Price (UK&US price – full price, not discounted price): £14.99,   $24.99 URL of Amazon UK web page: Virtual Shadows: Your Privacy in the Information Society URL …


Book Reviews: Information Security Books and Product Reviews – Chained Exploits

Book Title: Chained Exploits Subtitle: Advanced Hacking Attacks from Start to Finish Author(s): Andrew Whitaker, Keatron Evans, Jack B. Voth Publisher: Pearson Education Inc Date of Publishing: February 2009 ISBN(13): 9780321498816 Price (UK&US price – full price, not discounted price): £36.99, $49.99 URL of Amazon UK web page: Chained Exploits: Advanced Hacking Attacks from Start to Finish URL of …


Book Reviews: Information Security Books and Product Reviews – Official (ISC)2® Guide to the ISSMP® CBK®

Book Title: Official (ISC)2® Guide to the ISSMP® CBK® Editor: Harold F. Tipton Contributor(s): James Litchko, Craig Steven Wright, Cheryl Hennell, Maura van der Linden and Keith D. Willett Publisher: Auerbach Publications Date of Publishing: 28 April 2011 ISBN(13): 9781420094435 Price (UK&US price – full price, not discounted price): £49.99,   $69.95 URL of Amazon UK …
