Information Security Risk Assessment: Methodology and Analysis

Email Alerts

Register now to receive SearchSecurity.co.uk-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Aligning network security with business priorities

    Too often, network security administrators have their security budget requests nixed by executives because they weren't able to align their requests with business priorities. In this tip, learn how to make sure your security and business priorities m... 

  • Information security management hype: Debunking best practices

    The phrase "best practices" gets tossed around frequently in the security industry, but what does it really mean? Are enterprises actually implementing these best practices in information security, or are they just a bunch of security hype? 

  • The basics of enterprise GRC project management

    Implementing an enterprise GRC project requires not only the right technology and training, it also requires cooperation with the executives and employees whose systems and daily work functions may change as a result of the implementation. In this ti... 

  • How to integrate the security of both physical and virtual machines

    According to a recent Gartner Inc. research report, 60% of virtual machines will be less secure than their physical counterparts through 2009. Michael Cobb explores the challenges of securing a mixed infrastructure of physical and virtual machines. 

  • Data threats: Insiders vs. outsiders

    According to Verizon's 2008 Data Breach Investigations Report, outsider activity is much more likely to be the cause of a data breach than insider activity. Does that mean security managers are spending too much time worrying about insiders? Security... 

  • Database patch denial: How 'critical' are Oracle's CPUs?

    A recent survey found that a considerable number of users are outright rejecting Oracle's Critical Patch Updates, perhaps suggesting database administrators feel comfortable with their security defenses or find Oracle's patches to be more of a nuisan... 

  • Windows registry forensics guide: Investigating hacker activities

    The Windows registry can be used as a helpful tool for professionals looking to investigate employee activity or track the whereabouts of important corporate files. In this tip, contributor Ed Skoudis explains how investigators and administrators can... 

  • Why you shouldn't wager the house on risk management models

    Risk models can provide a way to communicate with management but don't fall into the trap of thinking that risk scores are a silver bullet for security. As Mike Rothman explains, risk management metrics are helpful at budget time, but be wary of putt... 

  • Physical security of the IT network

    Fifty feet outside of an office building may be a manhole that hides all the fiber that connects you to the outside world. Should you worry about it? Mike Chapple has some advice. 

  • Misconceptions about information security outsourcing

    With ever-evolving attack methods, demanding regulatory requirements and the constant threat of data leaks, it's no wonder security management can be a tough job. CISOs could certainly use a little help, and according to contributor Khaild Kark, one ...