Strange but true: yesterday I happened to identify a new virus / spyware / grayware that is, interestingly, rather mysterious stuff. I suddenly suspected something fishy on my machine, and the initial diagnosis using Trend Micro revealed nothing. I restarted my machine and, while the processes were being started, saw a new process – …
An Information Security Breach can be described as the compromise of the Confidentiality of Data / Information through Unauthorized and Unwarranted access. A breach might not always result in Data Theft, but as the Information Guardian, the Information Security Team of an organization must vigilantly secure access to the Information Assets hosting/processing critical information including …
We often hear that email accounts are hacked and that someone else has logged in to the email account and sent out mails to the address list. Now, this certainly is a case where one gets worried about the misuse of the email account. But then who is responsible? Certainly we ourselves, as we either do not …
1 Executive Summary. Information Security Risk Management has gained momentum across industry verticals. CXOs across industry segments are now focusing more and more on the ways and means of containing the troika of threats, vulnerabilities and risks to acceptable levels. Various vendors have introduced tools and various service providers have come up …
Information Security, even when it is merely uttered, rings bells in everyone’s mind. It is often taken in a negative sense and is seen as a Show Stopper. But is it so? Why can’t we take a step forward to understand the term Information Security and create a business-friendly definition of the same? What …
Personal computers used at home are the worst-affected machines when there is a virus or worm outbreak. These machines are not the actual targets. In fact, these machines are the scapegoats for malicious users, who use them for a bigger and more severe attack on the target. The …
Information Security today is governed by Regulations, Standards, Guidelines and Industry Best Practices. They provide frameworks, methodologies and approaches to attain Information Security baselines. Compliance with any of them is just meeting these baselines, but there is more to be done over and above the compliance. Compliance achievement is something that holds importance with …
PCI-DSS compliance can be achieved with effective and efficient mapping of control requirements to either the ISO 27001 or the COBIT framework, as these are already established and accepted across the world and industry segments. But whatever framework we follow for PCI-DSS compliance, the following steps must be followed in order to ensure that the compliance is being …
With PCI-DSS fast approaching its deadline for compliance adherence, most organizations are getting their act together to meet the compliance requirements. But the challenge lies in finding the right approach. The consultants/implementers/maintainers are often wavering about what approach to take in this area. Various vendors are pitching for their …
Having already raised the bar of suspicion in the previous two articles, the thing to think about now is – what needs to be done to clear the air of suspicion? What is the possible way out to clear the ambiguity in the Process of Outsourcing? Well, though there are various ways to deal with the situation, and one can …