Articles on Risk Management

• Malware What is an Exploit Kit?
  Exploit kits are toolkits that automate exploitation of client-side vulnerabilities, targeting browsers and plugins like Adobe Reader, Java, and Flash. Key characteristics include ease of use by...
• Social Networking Information Security in the World of Social Media
• Cloud Security Risks to Consider When Adopting Cloud Services
  Cloud risks stem from three characteristics: agility (rapidly-changing environments make consistent controls hard), sharing (compromise to one component affects neighbors), and outsourcing (loss of...
• Risk Management Risk Management: Objectivist and Subjectivist Approaches
  Objectivists rely purely on historical data to predict risk; subjectivists complement data with judgment about context. A coin flipped by a magician might warrant different probability assessments...
• Cloud Getting Started with Cloud Security and Risks - Favorite Frameworks
  Key cloud security frameworks: NIST defines cloud computing terminology (SaaS/PaaS/IaaS, deployment models), Cloud Security Alliance provides comprehensive security guidance across governance and...
• Cloud Cloud Security Attestation Beyond SAS 70
  SAS 70 was designed for financial systems, not security certification—it only confirms controls the provider paid auditors to evaluate. Better options include SysTrust (prescriptive control set), ISO...