2013-03-29
Role of Auditors
Being in a financial organization, makes audits, integrated in the DNA of every IT professional. The audits varies from internal, external, regulatory, statutory, to what not. So, are these of any value?
Personally, I have a lot of respect for the audit function. Especially the IT Security audit. However, I prefer working with auditors who know their jobs, and try and look for real risk, and are not just mechanical bots trained to match documents to their check-lists.
Here is one article that is in-sync to my thoughts.
Personally, I have a lot of respect for the audit function. Especially the IT Security audit. However, I prefer working with auditors who know their jobs, and try and look for real risk, and are not just mechanical bots trained to match documents to their check-lists.
Here is one article that is in-sync to my thoughts.
Spamhaus' website hit by a 300Gbps DDoS
2013-03-06
2013-03-05
Evernote hacked! Change Password Now
50 million + users impacted.
An interesting article - Should websites be required to publicly disclose their password storage strategy?
Following hack, Evernote speeds move to two-factor authentication
An interesting article - Should websites be required to publicly disclose their password storage strategy?
Following hack, Evernote speeds move to two-factor authentication
2013-03-01
Bank of America Loses Confidential (?) Data
BOA had some 14 GB of data stored on a public server, which was misconfigured, and anyone could log on to it. With salary details, source code, and what not.
Subscribe to:
Posts (Atom)