Press
Ps(i)² in German magazines:
<kes> – 03/09 Zeitschrift für Informationssicherheit
“Business-Case Information Security”
The article discusses models and possibilities for economic analysis on information security. Investments must be justified and security investments are no exception. But how to reach that goal?
The following models are discussed: cost-benefit analysis, pareto principle according to the German BSI, Total Cost of Ownership (TCO), Total Benefit of Ownership (TBO), Total Economic Impact (TEI), Return on Security Investment (ROSI), Return On Information Security Investment (ROISI), software-benefit portfolio and decision matrixes.
http://www.kes.de
http://www.bsi.de
<kes> – 01/09 Zeitschrift für Informationssicherheit <kes> – 01/09
“Sholder Surfing and Espionage at Business Trains”
With up to 190 mph German trains racing on the ICE high-speed tracks through forests, tunnels and over bridges. No place to use modern communication technology. That was yesterday. Today advertisements tell us: “Travel time is working time.”
The German high speed train ICE is the mobile office for thousands of business travelers. Normally they work in highly protected company buildings behind closed doors with strong access controls. The article shows the risks to their information in their the mobile office called ICE.
http://www.kes.de
http://www.bsi.de
Computerzeitung 10.11.2008
“Vulnerability Management”
Software should work. Security follows function and profit. The result is a plenty of vulnerabilities. Every week, hundreds of new vulnerabilities become disclosed and software vendors take months to provide security updates. Companies with a valuable assets should implement a high level vulnerability management.
HAKIN9 – Abwehrmethoden 05/08
“Evolution of IT-Security”
The term “IT” security implicitly involves a restriction on the technical aspects of modern communication systems and employees getting out of focus. Most IT security personnel and root-users don’t matter.
What is the basic requirements, to focus on social aspects in order to do a significant leap forward? How to use all company knowledge to make the evolutionary step from IT security to information security.
HAKIN9 – Abwehrmethoden 05/08
“How IPS hampers IT security”
Ten years ago, no problem! You could only see what was on a laptop screen when you sat in an exact vertical viewing angle to it. Great times from the perspective of IT security. But then came all sorts of technical achievements such as IPS and sholder surfing became a problem for laptop users.
HAKIN9 – Abwehrmethoden 04/08
“Ritualize IT security”
Rituals provide extensive opportunities to enhance the IT security level. Like this you will make IT security more present, without provoking a defensive attitude of the employees.
The article discusses a three-step approach to use rituals to reach security goals. On this way IT security goals can be communicated much better.
Based on two examples the article demonstrates how the proposed approach can be implemented in practice.
