When it comes to cyber, information, IT (or whatever you choose to prefix it with) security, where do you draw a compliant and cost-effective line? Where, between gold-plated and the status quo, is good enough?
Are you seriously going to ask your milkman the same security questions as your network hosting partner?
Of course not. But between those extremes, companies have a world of pain working out how much vendor and change assurance is enough…
A list complete with links to the #RSAC Social Security Blogger Award nominees and winners. May also include a subtle mention of Infospectives in there somewhere.
A concentrated source of great #InfoSec insight.
Passwords are back in the news thanks to Ed Snowden and a certain French media outlet. As the 2014 Worst Password List shows, length really does matter. Why not have a read?
It looks entirely possible you will have ‘adequate’ security dictated by your insurers, so it is your job to understand the risk-based yardstick they’re using to define that.
The why, what, how and what next of security policies. Now with a riposte from Phil Huggins, who provoked this post and the linked articles by questioning the value of traditional written document sets.