Skype in the Enterprise

The following excerpt is a thread from a discussion on Linkedin in the Information Security Community group. This discussion was the impetus for my article Is Skype Secure?  which includes an assessment of Skype Security Risks and an assessment methodology. Question: Anybody using Skype yet at an enterprise level? If so,… Continue reading

Is Server Downtime an Information Security Incident?

The following excerpt is a thread from a discussion on Linkedin in the Information Security Community group. Question: Hi everyone, Information Security is about protecting the confidentiality, integrity, and availability (CIA) of Information Assets. So can someone tell me, at what point does availability become an issue? for instance, is… Continue reading

Separation of Duties in Scrum Software Development

The following excerpt is a thread from a discussion on Linkedin in the CISSP group.  I repost it because I think that it is an important consideration for organizations incorporating agile techniques into their Software Development Life Cycle (SDLC).  Date: October 5, 2010 Question: I am looking for some input… Continue reading