NETWORK WORLD NEWSLETTER: M. E. KABAY ON SECURITY 09/09/04 Today's focus: Computer Security Day: useful fun
Dear [EMAIL PROTECTED], In this issue: * Mark your calendar for Computer Security Day * Links related to Security * Featured reader resource _______________________________________________________________ This newsletter is sponsored by Xerox Want to learn the key steps to building a document output strategy that will enhance productivity and reduce costs for your organization? Start by downloading Xerox's white paper, Optimizing Document Output ROI. See how Xerox's solutions can help you manage devices, reduce costs and even boost productivity. http://www.fattail.com/redir/redirect.asp?CID=80880 _______________________________________________________________ NETWORK WORLD SPECIAL REPORTS NOW AVAILABLE Focused reports on compelling industry topics, Network World Special Reports are available online at Network World Fusion. Network World Special Reports on IP Telephony Security, the State of Wireless LANs, trends in the networked world and more are currently available. Download any or all of our Special Reports at: http://www.fattail.com/redir/redirect.asp?CID=79676 _______________________________________________________________ Today's focus: Computer Security Day: useful fun By M. E. Kabay Prevention always suffers from a fundamental feedback problem: the more successful we are in preventing disasters or attacks, the less reinforcement there is for our recommendations. Consider for example the popularity of flossing. At least flossing is based on some sound scientific research. Unfortunately, to many of our colleagues, information security practices remind them of the old joke about a fellow standing on a street corner waving a raw potato around his head every 30 seconds. "Why are you doing that?" asks a passerby. "To keep the dinosaurs away," replies the potato-waver. "But there are no dinosaurs any more," retorts the passerby. "See? It works!" says the spudster triumphantly. So in the absence of rigorous data about annualized loss expectancies, we are stuck trying to keep security interesting or at least tolerable for the people we are trying to protect. One of the measures we can exploit (in a positive sense) is Computer Security Day (CSD). According to Chris O'Connor, IBM's Director of Security Strategy: * CSD was started in 1988 when the Washington, D.C., chapter of ��the Association for Computing Machinery's Special Interest Group ��on Security, Audit, and Control decided to raise awareness of ��computer security. * Nov. 30 was chosen for CSD so that attention on computer ��security would remain high during the holiday season - when ��people are typically more focused on the busy shopping season ��than thwarting security threats. * This year's CSD theme is "personalizing security" by asking ��businesses and individuals to get personally involved in ��creating a more secure global computing environment. * Every year more than 1,000 organizations in more than 50 ��countries officially participate in CSD. * CSD is sponsored by the Association of Computing Machinery, ��IBM and Security Awareness, and is supported by a host of other ��organizations. I concur with supporters of CSD that we need to raise awareness of protecting not only business users but also the general computer-using public against accidents and deliberate attacks. O'Conner continues with suggestions of how readers can get involved: 1. Ask yourself, "What are we doing on Nov. 30?" If your organization doesn't have a security-awareness program, it's a good day to start one. If you have one, perhaps it's time to reinvigorate it by doing an audit of system weaknesses, reminding employees to change their passwords, and revisiting your organization's security policies. 2. Get political. Write your mayor and ask that Nov. 30 be declared "Computer Security Day" in your home town. Ask your senator or representative if they are publicly supporting Computer Security Day to draw political attention to an issue that costs businesses billions of dollars a year. 3. Think globally, act locally. Form a local grass-roots effort to promote Computer Security Day. Gather your brightest security gurus and volunteers to speak to seniors, students, community organizations and other groups about how to spot viruses and spyware and keep their computers safe and up to date. 4. Get your customers involved - let them know security is part of your company's culture. If it's appropriate, print security messages on receipts at the cash register or online transaction confirmation e-mail messages, flash messages across kiosk screens, or use screensavers to showcase your company's commitment to computer security. 5. Make security part of your company's water-cooler talk. You can order posters for the break room from the official CSD 2004 Web site ( <http://www.computersecurityday.org/> ) providing simple, yet often forgotten tips about security. I will finish with yet another invitation to download a copy of my free booklet on Cybersafety from: <http://www2.norwich.edu/mkabay/cyberwatch/cybersafety.pdf> You'll find it full of simple explanations of security issues for non-technical people and practical suggestions on protecting families against Internet-mediated harm. You can give free copies to teachers and students in your local schools, to computer users in senior centers, to youth clubs, to groups in churches / mosques / synagogues / temples, to people in social clubs like the Rotary / Elks / Knights of Columbus and so on. If this column moves you to get involved in CSD, drop me a line after the event to let me know how it went. Enjoy yourselves! _______________________________________________________________ To contact: M. E. Kabay M. E. Kabay, Ph.D., CISSP, is Associate Professor in the Division of Business and Management at Norwich University in Northfield, Vt. Mich can be reached by e-mail <mailto:[EMAIL PROTECTED]> and his Web site <http://www2.norwich.edu/mkabay/index.htm>. A Master's degree in the management of information assurance in 18 months of study online from a real university - see <http://www3.norwich.edu/msia> _______________________________________________________________ This newsletter is sponsored by Xerox Want to learn the key steps to building a document output strategy that will enhance productivity and reduce costs for your organization? Start by downloading Xerox's white paper, Optimizing Document Output ROI. See how Xerox's solutions can help you manage devices, reduce costs and even boost productivity. http://www.fattail.com/redir/redirect.asp?CID=80880 _______________________________________________________________ ARCHIVE LINKS Archive of the Security newsletter: http://www.nwfusion.com/newsletters/sec/index.html Breaking security news: http://www.nwfusion.com/topics/security.html _______________________________________________________________ FEATURED READER RESOURCE NETWORK WORLD SPECIAL REPORTS NOW AVAILABLE Focused reports on compelling industry topics, Network World Special Reports are available online at Network World Fusion. Network World Special Reports on IP Telephony Security, the State of Wireless LANs, trends in the networked world and more are currently available. Download any or all of our Special Reports at: <http://www.nwfusion.com/vendorview/specialreports.html> _______________________________________________________________ May We Send You a Free Print Subscription? You've got the technology snapshot of your choice delivered at your fingertips each day. Now, extend your knowledge by receiving 51 FREE issues to our print publication. Apply today at http://www.subscribenw.com/nl2 International subscribers click here: http://nww1.com/go/circ_promo.html _______________________________________________________________ SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World e-mail newsletters, go to: <http://www.nwwsubscribe.com/Changes.aspx> To unsubscribe from promotional e-mail go to: <http://www.nwwsubscribe.com/Preferences.aspx> To change your e-mail address, go to: <http://www.nwwsubscribe.com/ChangeMail.aspx> Subscription questions? Contact Customer Service by replying to this message. This message was sent to: [EMAIL PROTECTED] Please use this address when modifying your subscription. _______________________________________________________________ Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: <mailto:[EMAIL PROTECTED]> Inquiries to: NL Customer Service, Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 For advertising information, write Kevin Normandeau, V.P. of Online Development, at: <mailto:[EMAIL PROTECTED]> Copyright Network World, Inc., 2004 ------------------------ This message was sent to: [EMAIL PROTECTED] ------------------------ Yahoo! Groups Sponsor --------------------~--> $9.95 domain names from Yahoo!. Register anything. http://us.click.yahoo.com/J8kdrA/y20IAA/yQLSAA/BCfwlB/TM --------------------------------------------------------------------~-> <a href=http://English-12948197573.SpamPoison.com>Fight Spam! Click Here!</a> Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/kumpulan/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
