We often hear that email accounts have been hacked and that someone else has logged in to them and sent mail to the address list. Now, this certainly is a case where one gets worried about the misuse of an email account. But then who is responsible? Certainly we ourselves, as we either do not …
1 Executive Summary: Information Security Risk Management has gained momentum across industry verticals. CXOs across industry segments are now focusing more and more on the ways and means of containing the troika of threats, vulnerabilities and risks to acceptable levels. Various vendors have introduced tools and various service providers have come up …
Information Security, whenever it is mentioned, rings bells in everyone’s mind. It is often taken in a negative sense and seen as a show stopper. But is it so? Why can’t we take a step forward to understand the term Information Security and create a business-friendly definition of it? What …
Personal computers used at home are the worst-affected machines when there is a virus or worm outbreak. These machines are not the actual targets. In fact, these machines are the scapegoats that malicious users use for a bigger and more severe attack on the target. The …
Information Security today is governed by regulations, standards, guidelines and industry best practices. They provide frameworks, methodologies and approaches to attain Information Security baselines. Compliance with any of them is just meeting these baselines, but there is more to be done over and above compliance. Compliance achievement is something that holds importance with …
PCI-DSS compliance can be achieved by effectively and efficiently mapping control requirements to either the ISO 27001 or the COBIT framework, both already established and accepted across the world and industry segments. But whatever framework we follow for PCI-DSS compliance, the following steps must be followed in order to ensure that the compliance is being …
With the PCI-DSS compliance deadline fast approaching, most organizations are putting their act together to meet the compliance requirements. But the challenge lies in finding the right approach. The consultants/implementers/maintainers are often undecided about what approach to take in this area. Various vendors are pitching for their …
Having raised the bar of suspicion in the previous two articles, the thing to think about now is: what needs to be done to clear the air of suspicion? What is the possible way out to clear the ambiguity in the process of outsourcing? Well, though there are various ways to deal with the situation, and one can …
Loss of Control: By far the foremost inherent risk of outsourcing is the “Loss of Control” over the outsourced process. While outsourcing the IT Security processes, this at times can prove to be the worst nightmare for the organization’s management. The most common of the concerns triggered by the decision to outsource lies with …
Outsourcing of IT services is the trend of today, and why not? It helps an organization focus on its core business, where its strength lies. Why should an organization spend time, effort and other resources where it does not specialize and which is not its core area of operations? The first and foremost …