http://michaelpodszywalow.ulitzer.com/ Latest News from Michael Podszywalow en Copyright 2012 Ulitzer.com Ulitzer.com Thu, 17 May 2012 16:51:47 EDT http://backend.userland.com/rss 360 http://michaelpodszywalow.ulitzer.com/node/2075095 You’ve spent months fixing the red items on an internal audit report and just passed a regulatory exam. You’ve performed a network vulnerability assessment and network pen test within the last year and have fixes in place. You’ve tightened up your information security policy and recently invested in a security information and event management (SIEM) solution. You’re secure, right? Put yourself in the shoes of a criminal. He knows that most security programs focus on regulatory compliance. He knows that IT departments have limited budgets. He also knows that you must defend against an almost unlimited number of attack vectors, while he just has to find one way in. How do you protect against a sophisticated, motivated criminal? A professional spy who has targeted your company’s trade secrets? A skilled insider with a specific purpose in mind? These types of people know that information comes in many forms, not just electronic, and they are trained to exploit any vulnerability. An effective information security program must incorporate more than just traditional pen tests and vulnerability assessments. <p><a href="http://michaelpodszywalow.ulitzer.com/node/2075095" target="_blank">read more</a></p> Thu, 24 Nov 2011 15:00:00 EST http://michaelpodszywalow.ulitzer.com/node/2075095 http://michaelpodszywalow.ulitzer.com/node/2075095#feedback