FREE Resource Overflowing With Great Info Sec & Privacy Articles Just Published

Long time dear friends and colleagues of mine, Tom and Justin Peltier, just published their “2007 Year in Review.”
It is a great, FREE, resource to add to your information security, privacy and compliance files.
Here are the folks who contributed, along with the articles they wrote:


Table of Contents
PELTIER EFFECT YEAR IN REVIEW
Foreword – Marcus Ranum
Chapter 1 – PELTIER EFFECT: BUSINESS OF SECURITY
Foreword – Roy Stephan 1
Sometimes We Forget‚ĶLeave TJ Maxx Alone!!! Lessons We Learn When We Present Our Solutions to an Audience – Ariel Coro 2
How Encryption Strategies Can Support Business Growth Initiatives – Jeff Sauntry 4
Testing the Protection of Business Assets, Not the Infrastructure – Alec Bass 7
Nothing for Nothing- John Blackley 9
Ten Ways to Waste Your Training Money – Clement Dupuis, CD 11
Are You Earning What You‚Äôre Worth? – Kevin Beaver 13
Becoming a Thought Leader- Rich O’Hanley 15
Chapter 2 – PELTIER EFFECT: STANDARDS AND CERTIFICATION
Foreword – William Murray 18
PCI DSS: PROS, CONS, INCENTIVES ‚Äì DEVELOPING A SECURITY STRATEGY – Tom Lamog 19
Herding the Compliance Cats – Anne Kuhns 21
Now That I‚Äôm Compliant, How Do I Stay That Way? Elements of a Compliance Monitoring Program – Patrick D. Howard 23
Selecting Information Security Management Standard for Certification – Sigurjon Thor Arnason 26
Information Security Certification: Our Professional Dilemma – Darlene Nelson and James A. Nelson 28
Leveling the Regulatory Security Playing Field – Torsten Larson 30
What’s New with ISO 27001 – Changes in the ISO 27000 Family of Standards – Ray Kaplan 32
Chapter 3 – PELTIER EFFECT: THE YEAR THAT WAS
Foreword – Tom Peltier, Justin Peltier, Brad Smith 35
Intellectual Property Developments in 2007 – M. E. Kabay, PhD 36
How Absurd is This Business After All? Laughing at the 2007 Infosec Landscape – John Ceraolo 40
2007 ‚Äì The Year Timing Attacks Made a Comeback – Haroon Meer 43
Chapter 4 – PELTIER EFFECT: WHAT’s NEXT?
Foreword – Max Caceres 45
Security and Virtualization – John G. O‚ÄôLeary 46
Transparent Security ‚Äì How Cracking WEP Will Make Network-Based Security Invisible to Users – Andy Logan 50
Vulnerability Management at the Crossroads – Iv√°n Arce 52
Computer Security Meets Alcohol Breath Testing – Eric Van Buskirk, JD 58
Tomorrow Everything May Be Insecure – Aaron Earle 61
Chapter 5 – PELTIER EFFECT: THE LIFE OF A SECURITY PRACTITIONER
Foreword – Ray Kaplan 63
Creating the Information Security Village – Kimberly Pease 64
Building Your Own Personal Rootkit – Charles Johnson and Gary Dreamer 66
It’sTtime to Harden Up Those Security Officer Soft Skils – Todd Fitzgerald 68
Career Progression from Security Into Enterprise Management – Michael J. Corby 71
A Day in the Life of an Information Security Officer – Robert Childs 74
We Never Learn – Brad Smith 76
You‚Äôre Doing What? Who Are We Going To Get To Help Us? – John Melo 78
War and Peace In Cyberspace Profiles In Cyber Courage #2: Tom and Justin Peltier – Richard Power and Dario Forte 80
Chapter 6 – PELTIER EFFECT: INCIDENT RESPONSE AND FORENSICS
Foreword – Thomas Rude 85
Forensics for a Rainy Day – Justin Peltier 86
Holistic Investigations: A Must For Today’s Incidents – Lawrence D. Dietz, Esq. 88
Managing a Crisis, A Joke or Reality? – Herve Schmidt 90
The State Of The Art in Digital Investigations: Log And Remote Forensics: Guaranteeing the Right Balance Between Technology and Compliance Needs. – Dario Forte 92
Chapter 7 – PELTIER EFFECT: SECURITY AROUND THE WORLD
The Security Challenge of Outsourcing to the BRIC Countries – Robert Janssen 95
Protecting Data In A Very Off-Shore Paradise – Jack Durner 97
Everything You Want To Know About China Internet – A Brief Summary of the CNNIC Statistical Survey Report on the Internet Development in China – Shijian Wu 99
Information Security in Australia 2007: Boom or Bust? – Jodie Siganto 105
Chapter 8 – PELTIER EFFECT: THREATS
Foreword – John McCormick 108
Data Leakage: The Insidious Threat – Faith M. Heikkila 109
The Rootkit Epidemic – E. Eugene Schultz, Ph.D 112
Local Government ‚Äì The Changing Information Security Threat Environment – Al Brusewitz 116
Growing Business Risks of Social Networking Sites – Rebecca Herold 118
Chapter 9 – PELTIER EFFECT: CONTROLS
Foreword – Terri Curran 121
The Emperor’s New Clothes and the Future of Operational Risk Measurement – John Sherwood 122
Risk Assessment Methodology for Small Business (RASB) – Nanette S. Poulios 124
Domain Modelling: The Powerful Force for Policy, Risk Management, Ownership and Reporting – David Lynas 130
Risk Analysis Versus Risk Assessment – Thomas R. Peltier 134
Going Against the Gradient – Dave Aitel 137
Tips and Techniques on How to Generate and Remember Passwords – Joseph W. Popinski Ph.D 138
Convergences – Peter Stephenson, PhD 140
References 143

Tags: , , , , , , , , ,

Leave a Reply