Archive for the 'security' Category
Like many others organizations, I’m pleased to announce that Hitachi Data Systems has joined the Cloud Security Alliance (CSA) as a full corporate member. We are quite excited about the CSA scope of work, and in particular, we anticipate getting involved in Version 3.0 of the “Security Guidance for Critical Areas of Focus in Cloud [...]
For Security professionals, especially those of us based in the U.S., the guidance from the National Institutes of Standards and Technology provides a wealth of information. Of particular interest are the documents from the 800 Series Special Publications and the NIST Interagency or Internal Reports (NISTIRs) from the Computer Security Resource Center (CSRC) of the [...]
The Computer Security Institute (CSI), an educational membership organization for information security professionals, released the 15th edition of its annual CSI Computer Crime and Security Survey this month (December 2010). Until 2007, these surveys were a collaborative effort between the CSI and the Federal Bureau of Investigations (FBI), and it was available publicly. The current [...]
When it comes to standardizing security guidelines, practices, technologies, and protocols, there are a plethora of standards development organizations or SDOs operating in this space. Some are accredited and recognized as sources of formal standards, while others produce industry, government, and de facto standards.
The Government of Singapore held its annual security conference, called GovWare 2010, during the last week of September. This event reminded me of the early days of the RSA Conference when it was much smaller and not so hyped or chaotic. The event was small enough that the organizers could entice the participants into the [...]
As data privacy and confidentiality requirements continue to increase, more and more organizations are turning to, or considering use of encryption in conjunction with storage. This has been especially true for tape-based storage, but an increasing number of sites are also looking to disk-based encryption for basic protections. Implied in all but the simplest of [...]
At the risk of being called a certification snob, I’d like to weigh in on the Cloud Security Alliance’s (CSA) Certificate of Cloud Security Knowledge (CCSK), which was announced in late July of 2010 (The CCSK examination became available on September 1, 2010 and will ultimately cost $295; however, there is a promotional period that [...]