Despite economic uncertainty, information security spending remains strong
Check out this expert e-book and learn about the security issues that are receiving increased focus in the UK for 2009 and get tips for addressing these challenges. Get the latest tips and the inside scoop on the impact the economy is having on infor... E-Book
-
2012 Royal Holloway information security thesis series
Read thesis articles from graduates of the information security master of science program at Royal Holloway, University of London. Guide
-
Privacy and electronic communications regulations: Guide to EU cookie compliance
Get advice for implementing PECR regulations requiring website owners to request users’ permission to place a tracking cookie. Guide
-
IT in Europe: Information Security Edition e-zine
e-zine
-
2011 Royal Holloway information security thesis series
This series of articles from recent MSc graduates of the Royal Holloway University of London grapples with a variety of information security topics. Royal Holloway 2011
-
Ranking the global cyberthreat, IT infrastructure risks
What's the real threat of global cyberwar, and how vulnerable are IT infrastructures? Feature
-
Disaster recovery and contingency planning security considerations
Security must be included in disaster recovery planning to ensure sensitive data is protected. Feature
-
Vendor risk management and the CISO
The CISO has a key role in reducing the risk of sharing sensitive corporate data with third parties. Feature
-
Smartphone risk: Does your corporate smartphone policy stack up?
Many organisations that allow smartphones to access their networks are woefully under-aware of many of the risks. Feature
-
IT in Europe, Security Edition: Calculating risk and managing threats
Find all articles from Information Security Europe magazine for Spring 2011. Magazine
-
Uneasy feeling: Risk management for emerging types of security threats
Calculating risk is never an exact science, particularly when new threat vectors are constantly emerging. Feature
-
PCI assessor and CISO: Work together for the best PCI ROC
In a session at the SOURCE Boston conference, a PCI assessor and a CISO explain that there are ways to arrive at a report on compliance they can both appreciate. News | 19 Apr 2012
-
Defining a full security threat
How would you define a security threat? The correct answer could score the funding you need for your next security project. News | 12 Apr 2012
-
SIEM deployment case study shows patience is required
Williams Lea’s SIEM is already helping reduce manual log reviews. But there’s still a lot of work to be done before the SIEM can be fully deployed. News | 30 Mar 2012
-
For website owners, UK cookie law causing confusion, uncertainty
A survey of digital marketing professionals found some companies plan to take no action to comply with UK cookie law before the May 26 deadline. News | 27 Mar 2012
-
Costs of a data breach falling, but cost per record rising
The cost of a data breach in the UK is falling, data from Ponemon Institute shows, but the news isn't all good. News | 26 Mar 2012
-
Cloud maturity model to help SMBs judge security of cloud providers
CAMM, a new cloud maturity model, may be the key to helping organisations, and especially SMBs, evaluate the security of cloud providers. News | 20 Jan 2012
-
Report on UK cybercrime statistics reveals culprits and responders
PwC’s cybercrime statistics reveal who is most likely to commit cybercrime, and who is the best choice to respond in any organisation. News | 06 Dec 2011
-
Private companies can expect more ICO fines, regulator warns
A regulator warned private companies who do not adequately protect data will face ICO fines up to £500,000. News | 20 Oct 2011
-
UK IT spending by industry: Despite cuts, security spending likely stable
While industries slash IT budgets, information security spending will likely hold steady. News | 22 Sep 2011
-
Bank security on top in consumer information security trust survey
More than half of respondents indicated they trusted financial institutions with their personal data, with students being the most trusting overall. News | 16 Sep 2011
-
The new EU data protection regulation: Planning for compliance
The new data protection rule will impact businesses worldwide. Discover quick wins for SMBs and projects for large businesses to move to compliance. Tip
-
Using open source intelligence software for cybersecurity intelligence
Discover the information that may be leaking out of your organisation before hackers use it to launch an attack against your organization. Tip
-
Prep and test your Olympics 2012 security contingency plans
To maintain information security during the 2012 Olympics, security and IT contingency plans must be tested in several key areas. Tip
-
With mobile payments, security teams must move quickly
As employees make payments on their mobile devices, the security team must act quickly to ensure corporate assets remain secure. Tip
-
A compliance strategy for the controversial cookie opt-in regulation
Businesses face many concerns with the PECR cookie law. Compliance expert Alan Calder offers a compliance strategy for the cookie opt-in regulation. Tip
-
Four steps to comply with PECR, ICO cookies regulations
To comply with ICO regulations, you’ll need to clean up website cookies and prepare pop-up permission requests. Alan Calder explains how. Tip
-
Using Burp Suite proxy tool to examine client-side requests
The free Burp Suite proxy tool can be used for good or for bad. Expert Rob Shapland provides usage scenarios for both. Tip
-
Incident reporting and employee surveillance laws in other countries
When an organisation has employees abroad, the security team must understand employee surveillance laws and incident reporting requirements. Tip
-
Security policy and international employment laws for hiring overseas
Before opening an office abroad and hiring employees in other countries, learn how to adapt your security policy to international employment laws. Tip
-
Stop phone tracking and GPS data leakage
GPS-enabled smartphones and other GPS devices may leak confidential or sensitive data, making it easy for attackers to target your employees. Tip
-
EU cookie regulations: Advice for firms in the US and other countries
Expert Alan Calder responds to a reader’s question: Must companies outside the EU change their websites to comply with EU cookie regulations? Answer
-
Open source software security issues: How to review OSS for security
A reader asks how to judge the security of open source software products. Expert Michael Cobb lists three areas to check. Ask the Expert
-
Are there Web service security standards or risk assessment checklists?
As more organisations integrate business-critical functions with Web services, the security of those services becomes of greater importance. But are there Web service security standards whereby businesses can assess that security? Expert Neil O'Conno... Ask the Expert
-
Getting the most out of the gap analysis process
In this expert response, Neil O'Connor explains how to get the most out of the gap analysis process in your organization. Ask the Expert
-
What considerations should be made when outsourcing IT infrastructure?
Expert Peter Wood explains how to investigate a partner's security posture when your IT infrastructure is outsourced. Ask the Expert
-
How can a corporation assess the costs of whole-disk encryption?
Security management pro Mike Rothman explains how an enterprise can estimate the costs of implementing whole-disk encryption. Ask the Expert
-
Protecting consumer data with a fraud and risk assessment policy
In this Q&A, Mike Rothman discusses the risk assessment policies that merchants should practice when handling consumer bank cards. Ask the Expert
-
What types of software can help a company perform a security risk assessment?
Security management expert Mike Rothman unveils what kind of software is on the market to help assist a company in the risk assessment process. Ask the Expert
-
What is the relationship between open port range and overall security risk?
Exposing a large number of well-known ports could be a substantial risk, depending upon their nature. In this expert Q&A, Mike Chapple explains why it may be best to narrow down a port range. Ask the Expert
-
What are the risks associated with outsourcing security services?
In this expert Q&A, security management pro Mike Rothman discusses why outsourcing security services could be a bad idea. Ask the Expert
-
Office of Cyber Security and Information Assurance (OCSIA)
The Office of Cyber Security and Information Assurance (OCSIA) is part of the UK Cabinet Office, which sits at the centre of government. Definition
-
Survey roundup: Trends in IT security topics
Surveys on a variety of IT security topics highlighted key trends in Web application vulnerabilities, cloud computing concerns and the motivations behind attacks. Photo Story
-
Risk management in information technology
Get advice on creating a strategy for mitigating information security risk from expert Nick Frost of the Information Security Forum. Video
-
Marcus Ranum on cyberwarfare, infosec careers
At 2009's Information Security Decisions conference, security expert Marcus Ranum sat down to answer some of readers' security questions. Video
-
Building a framework-based compliance program
Richard Mackey of SystemExperts offers expert advice on how to construct a framework that can help enterprises identify their compliance needs. Video
About Information Security Risk Assessment: Methodology and Analysis
Get advice and the latest news on enterprise risk management. Browse our resource center to get information on information security risk assessment analysis, methodology, tools, training and tips on how to build a risk assessment policy.