ZDNet Definition for: CISO

Additional Resources

Pismo File Mount Audit Package 1.0.0.047 (Windows)

The Pismo File Mount Audit Package is a Windows extension that enables access to contents of ZIP, ISO, CFS, CISO, ISZ, DAA, UIF and PFO private folder files by any application. Supported file formats can be mounted as folders in the file system. Version 1.0.0.047 includes unspecified updates.

Tags: Folder, Audit, Pismo Technic, Pismo File Mount Audit Package, Microsoft Windows, Iso standards, Process Improvement, Operating Systems, Software, Quality, Business Operations

Software downloads 2008-09-05

Romanian authorities arrest cybercrime suspects

Well, eight days, and a joint effort to help prevent phishing and two major arrests related to identity theft, and I feel like we've made a decent attack on the identity theft culture. Score one for the good guys for once. Just a day after reading...

Tags: Arrest, eBay Inc., Romania, Romanian, Phishing, Identity Theft, Cyberthreats, Spam, Viruses And Worms, Security, Spam And Phishing, Nathan McFeters

Blog posts 2008-07-17

Apani user profile - CIGNA

I recently had a chance to communicate with Joe Monday and Steve Thomas, both Directors at CIGNA, about their organization's selection and use of products from Apani Networks. Thanks for taking time out of your busy schedule Joe and Steve. Here's a summary of that conversation. ...

Tags: CIGNA Corp., Apani Networks, CIGNA Information Protection, EpiForce, Security, Servers, Hardware, Dan Kusnetzky

Blog posts 2008-06-13

Dan Geer leaves Verdasys for In-Q-Tel

Dan Geer, a risk-management pioneer who is often described as "the dean of the security deep-thinkers' set," has left Verdasys to join In-Q-Tel as chief information security officer. Geer left will remain on the masthead at Verdasys as Chief Scientist Emeritus.  At In-Q-Tel, he will report directly...

Tags: Information Security, Verdasys Inc., In-Q-Tel, Kerberos, Venture Capital, Security, Finance, Financing Startups, Ryan Naraine

Blog posts 2008-05-28

A brief summary

This is not an excerpt from Brief - those ended last week, and next week we'll start the long and boring slog through the second volume in the series: Business Information Technology: Foundations and Culture. Its purpose, where Brief is addressed to top level executives and Defen is intended for...

Tags: Information Technology, MySQL, Jonathan Schwartz, Open Source, Databases, Strategy, Enterprise Software, Software, Data Management, Management, Paul Murphy

Blog posts 2008-05-09

RSA's Coviello: Let's cook up a thinking security defense system

RSA president Arthur Coviello Jr. says security is hampering innovation and that shouldn't happen. The fix: Security pros need to think different and that means cooking up technology that acts as information security immune system. Coviello, who delivered his keynote at the RSA conference in San Francisco,...

Tags: RSA Security Inc., Regulation, Coviello, Security, Larry Dignan

Blog posts 2008-04-08

eBay Red Team Event - Creating Awareness and Sharing Strategies

I recently attended the eBay Red Team event at the eBay campus in San Jose, CA. and got a chance to sit in on several presentations, meetings, and discussions aimed at creating security awareness and knowledge sharing opportunities for several major decision makers in the information security space.  Numerous companies...

Tags: Team, Event, Knowledge, Industry, eBay Inc., Nate, Team Management, Strategy, Security, Management, Nathan McFeters

Blog posts 2008-03-03

AT

ATGood questions but a couple of points ...Regarding:"Funny thing is, says law prof Tim Wu, AT&T spent six years lobbying for the Digital Millenium Copyright Act, which freed them from the responsibility for monitoring,"The DMCA didn't really "free them for monitoring", it gave them an excuse to. Further ...Most...

Tags: Network technology, Web, Comcast Corp., intellectual property, AT&T Corp.

Discussion threads 2008-01-18

Twittering the news

In what is rapidly (OK, it's happened three times in the last few days), Twitter is taking on a role that I'm sure its inventors never conceived. Last week, Robert Scoble offered to pose questions at the Google OpenSocial press conference. He took questions over Twitter. Mike...

Tags: Web, Hour, PayPal, Twitter, Web 2.0, Channel Management, Security, Internet, Marketing, Dennis Howlett

Blog posts 2007-11-05

Michael Barrett on Web 2.0: This stuff scares the hell out of me

When Michael Barrett (CISO, Paypal) heard the Eric Nolin was putting on Defrag, he called up and said "I'd like to come and talk because this stuff scares the hell out of me." His key messages: a we're doomed to repeat history if we ignore it and b security is...

Tags: Web, WEP, Michael, Channel Management, Web 2.0, Network Security, Wi-Fi, Wireless, Security, Marketing, Internet, Networking, Phil Windley

Blog posts 2007-11-05

The Microsoft (monthly) patch cycle conundrum

In a zero-day world when Windows exploits are circulating for months before Microsoft can get patches ready, should Redmond consider a change in its monthly patch cycle? The results of a poll in Larry Dignans first take on this issue (42% prefer "as needed" patches from Redmond) was a...

Tags: Browsers, Cisco, Data theft, Exploit code, Hackers, Microsoft, Oracle, Patch Watch, Pen testing, Punditocracy, Vulnerability research, Zero-day attacks

Blog posts 2007-02-15

Survive a security audit: Brush up on these information security standards

Review key standards related to information security management in this sample chapter from How to Cheat at Managing Information Security. Covered standards, with which every security manager or CISO should be familiar, include: ISO 27001/BS 7799- the primary standard covering information security management ...

Tags: Information Security, Audit, Security Audit, Standards, Syngress, Security

Book chapters 2006-10-11

Best practices for schools to avoid identity theft

After a string of security breaches at universities, identity theft has become a huge issue for IT administrators. In a recent issue of School CIO, two experts offer tips on protecting schools from identity theft. Larry Wong, information technology security officer for the 140,000-student Montgomery County Public Schools in...

Tags: identity theft, Larry Wong

Blog posts 2006-09-29

Measuring Computer Security

Metricon 1.0 took place in Vancouver earlier this month. I wasn't able to be there in person, but I've been reviewing the material that the conference produced. The premise of the conference is pretty simple: we need better metrics for computer security. Andrew...

Tags: Andrew Jaquith, Tim Geer

Blog posts 2006-08-18

Security Spending Nose Dive?

Security Spending Nose Dive?Spending Nosedive - not necessarilyDon't forget, also, that, as certain high revenue security technologies mature (as we've seen with many endpoint solutions like AV and desktop firewall, and are beginning to see even in Network IPS) the buying decisions begin moving to appropriate operations teams, and the...

Tags: security, nose-dive

Discussion threads 2006-06-22

Security Spending Nose Dive?

The latest Merrill Lynch CISO Survey is out and it highlights some note worthy trends. Oddly, the survey indicates that security spending expectations have dropped off dramatically in just the last three months. Respondents expect their IT security spending over the next 18 months to increase only...

Tags: security

Blog posts 2006-06-21

Xacta FISMA Accelerator

If you're a federal CISO who needs a game plan for quickly correcting a poor FISMA report card, Telos has the answer. It's Xacta FISMA Accelerator, a new solution for jump-starting your FISMA compliance efforts. Developed by Xacta Corporation, the leading provider of information assurance and C&A solutions to the...

Tags: Telos Corp., FISMA

White papers 2005-08-01

Death of a Credit Card Processor?

Not since CFS RailRoad let their CIO, CISO, and CSO go has there been such a dramatic repercussion from a security incident. That case was a result of not taking industry best practise protection against a widely predicted threat: MSBlaster attacking the RPC DCOM vulnerability in Windows. A quick recap....

Tags: credit card

Blog posts 2005-07-21

Cisco and Microsoft's tricky partnership

Cisco and Microsoft's tricky partnershipAs Microsoft rolls along...... they do appear to generate a certain amount of road kill. Not that they're hunting, but these days any feature customers want probably already has a supplier.The telephony discussion is interesting:Microsoft is also threatening Cisco's IP phone business. It has already...

Tags: VOIP, TELECOMMUNICATIONS, Telecom & Utilities, Network technology, partnership, Cisco Systems Inc., telephony, Microsoft Corp., IP telephony, software, IP, phone, laugh, Cisco IP

Discussion threads 2005-06-30

Temple University Offers a Lesson in Information Security

Until September 2002, computer security at Temple University in Philadelphia was limited to securing mainframes and providing disaster recovery. However, as information security threats increasingly focused on the Internet and networked systems, and as federal laws were passed requiring greater network security for public and private organizations, the University -...

Tags: Information Security, Temple University, Network Security, Computer, Security, Networking

Case studies