Feed: Information Security Resources » FEATURE ARTICLE - AggScore: 83.0

By Robert Siciliano, Identity Theft Expert Shipping scams are a common tactic criminals use in which they employ mules to receive goods bought with stolen credit card numbers, who then ship to people who buy them in online auctions. The mules in this process are essentially facilitating selling hot goods and money laundering.

By Christopher Burgess, Senior Security Adviser Clearly communicate that, in fact, there are secrets. Once employees understand that they have a responsibility to protect the enterprise, the chasm between the security professional and the rest of the staff not only shrinks, it disappears. Far too often, security policies arrive as a reaction, as opposed to a proactive management of risk. Through this process, the enterprise will acknowledge security as forethought, not an afterthought.

By Bozidar Spirovski, CISSP, MCSA, MCP Reading through a Windows security log or any other log can be very difficult and time consuming, so a lot of companies have created their own tools to analyze windows event logs. But before you start going commercial, there is a tool that will get you going without any cost. Against all odds, it's a tool made by Microsoft!

By Robert Siciliano, Identity Theft Expert I started looking on e-bay and found plenty of new and used ATMs ranging from $500-2500 but quickly determined I didn’t want to pay $300 for shipping. Next was Craigslist, where I quickly found an ad from a bar north of Boston. They were selling pool tables, Budweiser neon signs and an ATM for $750.

By Anthony M. Freed, Information-Security-Resources.com Managing Editor "First, the President is correct in his appreciation of the need to view cyber security as not just a technical and security issue, but as an economic one as well. In the 21st century - the digital century - economics and security are opposite sides of the same coin. You cannot affect one without impacting the other." ~ Congressional Testimony

By Anthony M. Freed, Information-Security-Resources.com Managing Editor An innovative new investor analytic tool made its public debut today, and it offers an exciting look at what may well be the future of online trading for both market experts and arm-chair analysts alike. Trefis, named for its focus on trends, forecasts, and insights, is revolutionary in its forward-looking approach to stock analysis which, incorporates a more intuitive look at the relationship between a company's product divisions and its stock price.

Coby Royer, Technical Product Manager for Symplified Acquisition and deployment of real solutions is now within grasp of business owners (seemingly) without the need for conventional IT delivery and support. But many questions may go unanswered without engagement of EA, and latent risks (such as compliance and security) may turn into real issues.

BY Mel Duvall, Chief Content Officer at CIOZone In its recently released Global CIO Study, IBM found that 83% of respondents identified business intelligence and analytics as the best way to help enhance their organizations' competitiveness. At the company's Information on Demand conference in Las Vegas, IBM outlined a series of new products and services. It includes tools to analyze the increasing volumes of unstructured data found on Web sites, on social networking sites and in digital files.

By Michael O'Connor, President of IronClad Consulting Kellogg, Brown & Root (KBR) was responsible for the kickback fraud that occurred in the US v. Khan case, and has been the focus of many other cases of procurement fraud within the LOGCAP project. Since combat operations began in 2001, DCAA has referred to criminal investigators 32 cases of suspected fraud that were associated with all wartime-support contracts. Of those, the vast majority were related to the Logistics Civil Augmentation Program.

From The Internet Security Alliance Larry Clinton, president of the Internet Security Alliance (ISA), will testify tomorrow at a U.S. Senate Judiciary Terrorism and Homeland Security Subcommittee hearing titled, Cybersecurity: Preventing Terrorist Attacks and Protecting Privacy in Cyberspace.

By Robert Siciliano, Identity Theft Expert People who generally have to much time on their hands read my posts. Or they simply enjoy my train wreck world view. Anyway there are some fantastic resources that I draw from that help me to break down the complicated issues revolving around how to keep the bad guy from draining your bank account. The following make me look good (not to insult them):

By Rebecca Herold (The Privacy Professor) CIPP, CISSP, CISM, CISA, FLMI Wouldn't it be a good idea to have privacy certifications for the organizations that are part of the large smart grid and for the smart meters to help ensure they are appropriately addressing privacy and providing households with informed decision-making capabilities for how the information collected from their homes through these devices are used?

By Richard Stiennon, Chief Research Analyst, IT-Harvest On October 28th President Obama signed into law the National Defense Authorization Act for Fiscal Year 2010. OK, so more people are needed. Now, let’s talk money. How much money is provided in the 2010 Defense Authorization Act for Cyber Defense? A lot.

By Robert Siciliano, Identity Theft Expert Once a predator uses your Internet connection to go to into the bowels of the web, your Internet Protocol address, which is connected to your ISP billing address, is now considered one that is owned by a criminal. If law enforcement happens to be chatting with that person, who’s using your Internet connection to trade lurid porn, then someone may eventually knock on your door at 3 AM with a battering ram. And in freakish and relatively new twist, hackers can use a virus to crack your network and gain remote control access, and then store illicit porn on your hard drive.

By Danny Lieberman, Security Expert and Founder of Software Associates The question is not lack of process but whether or not security is being used to help enforce business process in the relevant areas of product safety, customer service, employee workplace security and information protection in business-to-business relationships.