Threat 2.0 - a Secure Response
The Web has developed into a great and, in some cases, an essential tool for research, education and communication, but staff members' online activities can - and sometimes do - present security threats to their organisations, the IT infrastructures and any business-critical information held in vulnerable data repositories.
Ely, England (PRWEB) October 27, 2008 -- The Web has developed into a great and, in some cases, an essential tool for research, education and communication, but staff members' online activities can - and sometimes do - present security threats to their organisations, the IT infrastructures and any business-critical information held in vulnerable data repositories.
'Web 2.0' is an increasingly widely-used term. Individuals and businesses appear to use the terms interchangeably, without necessarily understanding whether they have the same or different meanings. At the same time, what are called Web 2.0 technologies are becoming pervasive; social networking sites are achieving stratospheric financial valuations and the related risks - what we call "Threat 2.0" - are dangerously misunderstood.
IT Governance have recently launched a Best Practice Report: Web 2.0: Trends, benefits and risks. This best practice report identifies all the ways in which providers and users of Web 2.0 technologies can act, to ensure that they comply with the growing range of applicable legislation, while protecting themselves from the very real exposure that all organisations have to Threat 2.0.
IT Governance have also recently published Application Security in the ISO27001 Environment. This book demonstrates how to secure software applications within a best practice ISO/IEC 27001 environment and supports implementation of the PCI DSS Payment Application Security Standard.
"This book can be seen as result of a fruitful encounter between a CISO and a software developer. On the one hand, the book introduces the major concepts of management of information security, according to the ISO27001 approach, and then details which security requirements apply to the application's domain. On the other hand, the book presents how major application threats such as SQL injection and cross site scripting can be addressed by ISO requisites, in a language familiar to every developer. In sum, this book explains ISO in a programmer's language and describes applications challenges to security managers." Paulo Coelho, CISSP ISO27001 Consultant & Lead Auditor
As a special promotion of both of these products, IT Governance has created a unique offer until 31st October 2008. When you purchase the Best Practice Report: Web 2.0: Trends, benefits and risks you will also get Application Security in the ISO27001 Environment for FREE.
FOR FURTHER INFORMATION
Lisa Badcock
Marketing Executive
+44 (0) 845 070 1750
lbadcock @ itgovernance.co.uk
NOTES TO EDITORS
IT Governance Ltd is the one-stop shop for books, tools, training and consultancy for Governance, Risk Management and Compliance. It is a leading authority on data security and IT governance for business and the public sector. IT Governance is 'non-geek', approaching IT issues from a non-technology background and talking to management in its own language. Its customer base spans Europe, the Americas, the Middle East and Asia. More information is available at www.itgovernance.co.uk.
###
|
