Balancing The Information Security Program

The ability to create, transmit, and store information far exceeds the ability to secure it.  The continued assault on information assets is being perpetrated through sophisticated scams devised by organized crime, foreign government espionage groups, employees, contractors and others. The largely accepted view and standard is that the protection of information assets is a technology function and hence in many organizations all “controls”... [Read More...]

Social Engineering Exploits Delivered Via Telephone

Most individuals who use a computer have received erroneous emails claiming they have won some prize, need to verify online banking credentials, are being contacted to accept funds from some far away estate that has no rightful owner, or some other elaborate story.  The list goes on.   The email based scams are referred to as phishing attacks.  These attacks are carried out by criminals who are looking to farm sensitive information from unsuspecting... [Read More...]