From Network Security Blog…
Be compliant through security
Martin McKeay suggests that it is possible to be compliant and yet still insecure, and points us to an article from CSO Online that outlines the steps toward compliance through security.
From TaoSecurity…
Security vs IT at Computerworld
Richard Bejtlich discusses the sometimes contentious, sibling-like relationship that can exist between corporate security and IT departments. In the comments section, readers share their tales of conflict and suggest solutions.
From Emergent Chaos…
Blaming the Victim, Yet Again
Mordaxus points us to a study that examines users’ habitual ignorance of the context of pop-up dialog boxes. “My opinion is that this is blaming the victim. Users are presented with such a variety of elements that it’s hard to know what’s real and what’s not. Worse, there are so many worthless dialogs that pop up during normal operation that we’re all trained to play whack-a-mole with them.”