NETWORK WORLD NEWSLETTER: M. E. KABAY ON SECURITY 11/30/04 Today's focus: Security on a budget
Dear [EMAIL PROTECTED], In this issue: * 'Security on a Budget' lecture available online * Links related to Security * Featured reader resource _______________________________________________________________ This newsletter is sponsored By BMC Software Linking IT Priorities to Business Objectives, an IDC whitepaper. Get insights from IDC on aligning business goals and IT priorities. IDC offers practical, actionable information on how Business Service Management can help you reduce operating costs, improve service levels, respond faster to business needs and protect delivery of business-critical. Click here to download this whitepaper now. http://www.fattail.com/redir/redirect.asp?CID=88770 _______________________________________________________________ THE 2005 IT ROADMAP: Future Vision - Attend the Technology Tour Event of the Year! Where is IT headed? Which technologies are the new must-haves? Which look good now but are dangerous risks? Find out first and see solutions free at this exclusive reserve-now-or-you're-on the-outside-looking-in event! http://www.fattail.com/redir/redirect.asp?CID=89279 _______________________________________________________________ Today's focus: Security on a budget By M. E. Kabay Two years ago Network World Germany asked me to present a lecture entitled "Security on a Budget" to a conference it organized. I was teaching undergraduate courses on the day of the conference, so I couldn't be in Germany then, but I did arrange to lecture via Vermont Interactive Television. My "IS340 Intro to IA" students piled into a van with me and we drove a few miles up Interstate 89 to Waterbury, Vt., where we sat in a pleasant studio with several cameras and microphones. In a jiffy, we were connected to the organizers and audience in Germany. They could see and hear us; we could see and hear them. In my lecture and the accompanying paper, I went over the basics of information assurance and reminded participants that if poor security practices allow damage to our systems, we may be subject to criminal or civil legal proceedings. Indeed, if our negligence allows third parties to be harmed via our compromised systems, there may be even more severe legal problems. Another issue emerging in e-commerce is that good security can finally be seen as part of a market development strategy. Consumers have expressed widespread concerns over privacy and the safety of their data; companies with strong security can leverage their investment to increase the pool of willing buyers and to increase their market share. We no longer have to look at security purely as loss avoidance; in today's marketplace good security becomes a competitive advantage that can contribute directly to revenue figures and the bottom line. As all security experts today agree, security, like quality, is a process, not a static result. With the constant change in technology in today's world, it is inevitable that there will be new threats and vulnerabilities all the time. However, security need not be a terribly expensive, complicated process. On the contrary, there are some major benefits available from relatively inexpensive measures such as improving corporate culture and implementing defense in depth using relatively simple techniques. The Vermont Interactive Television crew kindly gave me a videotape of the event. Some months ago, in discussion with our instructional-technology staff at Norwich University, I asked if the sound track could be converted to a digital format; they quickly gave me an 8M-byte MP3 file. I have placed the original PowerPoint file, the MP3 file and a PDF file with a review article on my Web site. Simply visit the home page for a pointer in the "New to the site" section: <http://www2.norwich.edu/mkabay> If you do listen to the MP3 file, you might want to skip the first 7.5 minutes unless you speak German; however, after that you will hear my high-pitched, over-inflected voice merrily lecturing in English for the next 40 minutes or so. Feel free to use the materials freely for non-commercial use - but, as usual, please don't post them anywhere else on the Web (it's too hard to correct errors in multiple copies). Remember that you don't have to ask for my permission to use my stuff for internal use; I copyright it precisely so I can give it away for non-commercial applications. I hope you will enjoy the lecture and that you can use it in your internal training for new employees or for executive-level new hires who need a grounding in the basics of information assurance management. RELATED EDITORIAL LINKS No patching panacea Network World, 11/29/04 http://www.nwfusion.com/news/2004/112904patch.html _______________________________________________________________ To contact: M. E. Kabay M. E. Kabay, Ph.D., CISSP, is Associate Professor in the Division of Business and Management at Norwich University in Northfield, Vt. Mich can be reached by e-mail <mailto:[EMAIL PROTECTED]> and his Web site <http://www2.norwich.edu/mkabay/index.htm>. A Master's degree in the management of information assurance in 18 months of study online from a real university - see <http://www3.norwich.edu/msia> _______________________________________________________________ This newsletter is sponsored by GoRemote IDC Whitepaper: Assessing the Benefits of Managed Remote Access Although many companies have historically chosen to build out remote access solutions in-house, the cost of infrastructure; complexity of design and management in multiple access technology environments; and the growing diversity of remote workers, usage patterns, and device types make this approach much less desirable for the modern business environment. Register now to receive recommendations from IDC on how to assess the benefits of managed remote access. http://www.fattail.com/redir/redirect.asp?CID=88731 _______________________________________________________________ ARCHIVE LINKS Archive of the Security newsletter: http://www.nwfusion.com/newsletters/sec/index.html Breaking security news: http://www.nwfusion.com/topics/security.html _______________________________________________________________ Stop playing guessing games with IT efficiency Benefit from a set of best practices that provide IT with a comprehensive checklist for optimizing in the face of change. Tune in today. http://www.fattail.com/redir/redirect.asp?CID=89280 _______________________________________________________________ FEATURED READER RESOURCE DOWNLOAD INDUSTRY WHITE PAPERS NOW NW Fusion's White Paper Library is your source for the latest industry white papers. Recent additions to the library include white papers on securing remote access, VOIP and productivity, domain name system best practices, WLAN security, IT documentation and much more. Click here to download: <http://www.nwfusion.com/vendorview/whitepapers.html> _______________________________________________________________ May We Send You a Free Print Subscription? You've got the technology snapshot of your choice delivered at your fingertips each day. Now, extend your knowledge by receiving 51 FREE issues to our print publication. Apply today at http://www.subscribenw.com/nl2 International subscribers click here: http://nww1.com/go/circ_promo.html _______________________________________________________________ SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World e-mail newsletters, go to: <http://www.nwwsubscribe.com/Changes.aspx> To unsubscribe from promotional e-mail go to: <http://www.nwwsubscribe.com/Preferences.aspx> To change your e-mail address, go to: <http://www.nwwsubscribe.com/ChangeMail.aspx> Subscription questions? Contact Customer Service by replying to this message. This message was sent to: [EMAIL PROTECTED] Please use this address when modifying your subscription. _______________________________________________________________ Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: <mailto:[EMAIL PROTECTED]> Inquiries to: NL Customer Service, Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 For advertising information, write Kevin Normandeau, V.P. of Online Development, at: <mailto:[EMAIL PROTECTED]> Copyright Network World, Inc., 2004 ------------------------ This message was sent to: [EMAIL PROTECTED]
