Information Assurance News and Commentary

7/22/08 - Disk Encryption Hacked, Awareness most Critical Security Layer
An update from the Ministry of Defence reports that "One laptop is lost every two days by the Ministry of Defence (MoD) with 659 reported stolen and 89 lost by the department in the past four years." Full disk encryption has been considered a saving grace for the issue of lost laptops and other portable storage devices. Now consider the impact of the recent cold boot attack that enables a "means to circumvent disk encryption simply by powering off a target machine." Implementing technical layers of defense are an important component in any IA program but pail in comparison to effective information security awareness training and properly implemented information security policies and procedures.
Read the complete story here.

6/6/2008 - New whitepaper added:
Malware - Attack and Prevention: An overview of organizational exposures, weaknesses in existing perimeter defenses, its effects, and mitigating recommendations that aren't always obvious but fairly easily implemented.

6/4-5/2008 - NetSecureIA attends NYS Cyber Security Conference:
An outstanding event, the 11th annual NYS Cyber Security Conference, where information security focused professionals and organizations converged to provide an incredible series of informative, provocative, and relevant IA presentations. From the NYS Cyber Security website: "The 11th Annual New York State Cyber Security Conference was held June 4 and 5 at the Empire State Plaza in Albany, New York and once again was a tremendous success. Over 1,000 participants took part in the two-day event, which featured 13 different tracks and 49 sessions focused on a broad range of cyber security topics. Highlights included a hacking demo by Dr. Sanjay Goel, Associate Professor in the School of Business at the University at Albany, SUNY, and a fascinating keynote by Patrick Gray of Cisco Systems."