First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

IT security

Hyperventilating about cyber – Part 2

Is the level of concern about cyber merited? Should organizations and individuals be as worried about the possibility and consequences of a breach as they are advised by the consultants, information security pundits, and in news reports?

 

, , , ,

Hyperventilating about cyber – Part I

It’s hard to see a survey these days that doesn’t include cyber as one of the top risks faced by organizations around the world. But should it be?

 

, , ,

NIST’s recommended password policy evolves

As imperfect a means of authentication as they are, “memorized secrets” like passwords, pass phrases and PINs are common, and indeed are the primary means of authentication for most computer systems. In June, the National Institute of Standards and Technology issued a new publication on digital identity management that, in part, recommends changes to password policy that has become standard in many organizations—policy requiring passwords with special characters.

 

, , , , , , , ,

Are all those log-in passwords worth your time?

I’m sure this news will come as a relief to many computer and Internet users out there: a recent study by a researcher at Microsoft has found that many IT security measures—those things we love to hate like having to change passwords every three months or having individual passwords for a dozen different work accounts—simply don’t provide good value for the time and effort they involve, not to mention the bad habits they often cause!

 

, , , , , , , , , ,

The cost of security breaches in Canada

  There’s a new report from TELUS in partnership with the Rotman School of Management that helps quantify the cost of IT security breaches to Canadian companies. The report, based on a survey of more than 600 IT security professionals in Canada found that:   IT security breaches cost the average organization an estimated $834,000 in […]

 

,