Before the era of cybercrime, hacking for social, political, or religious causes (so-called hacktivism), and terrorist threats to our infrastructure and monetary systems, the hacker started as an explorer and traveler on the data superhighway. Today, we can still categorize some hackers as explorers. In fact, the title “hacker” carried the pejorative meaning only recently.
Read moreAccording to Donn Parker in Fighting Computer Crime, the weakest link in security is the human. Hackers see the opportunity in having people facilitate the attack. We call this “hacking the human.”
Read moreThe majority of information security education emphasizes the definition and application of best practices. First, a network or system administrator needs to understand the proper application and configuration of network and security devices: routers, switches, firewalls, intrusion detection/prevention systems, and honeypots. A good start with strong IT policies facilitates the implementation.
Read moreIn spite of your best efforts to prevent compromise and downtime, they will occur. Thus, you must not only plan to prevent problems, you must also plan to handle failures when they occur. This type of planning is known as incident management.
Read moreIn order to protect your assets, you must first know what they are, where they are, and how they are tracked and managed. Are they secured? Who has access to them? Who tracks and manages them? Do you have functional procedures in place to respond and recover from a security breach quickly? Do you have a process improvement cycle to prevent re-occurrence?
Read more