Security Metrics and Risk, How valuable is that dashboard report?

Information security risks are hard to quantify because they involve a lot of “what-if” and “it might happen.” Risks are basically Threats multiplied by Vulnerabilities multiplied by Consequences. Information Security departments use number driven performance dashboards to represent information security risks to a company, or to compliance. What exactly are these reports saying? Introducing a little Security [...]

Comments Off on Security Metrics and Risk, How valuable is that dashboard report?

Moving over Keystroke Loggers, now we have Dynamic Time Warping?

Researchers at InversePath announced at the Tenth Annual CanSecWest conference that they were able to detect sniff keyboard strokes and determine which letters were being typed. They were able to detect and deduce the mechanical emissions from a keyboard by pointing a laser on the reflective surface of a laptop. Security Engineer Andrea Barisani and [...]

Comments Off on Moving over Keystroke Loggers, now we have Dynamic Time Warping?

Data Theft and Least Privilege

Security vendor Cyber-Ark recently released a survey that 71 percent of employees globally said they would steal sensitive data if they were fired suddenly. The information stolen from current employers could be sold to competitors as an act of corporate espionage or used as negotiating tools in their current situation. The tool of choice would [...]

Comments Off on Data Theft and Least Privilege