Kroll Releases 2014 Cyber Security Forecast
Kroll today released its third annual Cyber Security Forecast, a prediction of the most significant cyber issues organizations will confront in 2014. The latest forecast highlights seven trends identified by Kroll and suggests that a changing tide in cyber standards, both social and legal, will require organizations to take stronger actions and safeguards to protect against reputational, financial and legal risks.
Leadership and Mentoring
This is an excerpt from The Four Components of a Fast-Paced Organization: Going Beyond Lean Sigma Tools by Robert Baird.
Creativity Life Cycle Models in Project Management
This is an excerpt from Creative, Efficient, and Effective Project Management by Ralph L. Kliem, PMP.
Learning from the Fast Developing Practice of Lean IT
If ERP can become agile, promote standardized work, reduce information waste and errors, and enable data-driven decision making, can it add value to a Lean enterprise? If you practice the four Lean principles well, but don't focus on value streams and their owners, will Lean IT produce sustainable results? Steve Bell, author of Lean IT: Enabling and Sustaining Your Lean Transformation and Run Grow Transform: Integrating Business and Lean IT, answers these big hairy questions and several essential others in this presentation from the Lean IT Summit 2013.
This month's issue of IT Performance Improvement looks at a different type of virtualization: Virtual teams.
Enterprise Dark Data Is a Hidden Asset
Dark Data is a subset of Big Data: enormous but without formal boundaries as defined by database schemas. In other words, it’s the human generated content in documents, presentations, spreadsheets, notes, and other readable formats that make up the bits and bytes of a corporate file system.
Creativity and Project Management
Perhaps the best phrase that describes the need for creativity on projects is the one offered by Daniel Goleman, notable author on emotional intelligence, when he presented the maxim "I have to do it myself, and I can't do it alone." A project requires the contribution of individuals which includes their knowledge and creativity. A project, however, also requires that the individuals on the team work together to achieve common goals and objectives.
J. LeRoy Ward Wins 2013 PMI Eric Jenett Project Management Excellence Award
Project Management Institute (PMI®) announced that ESI International Executive VP, J. LeRoy Ward, PMP®, PgMP®, CSM, is the winner of the 2013 PMI® Eric Jenett Project Management Excellence Award.
Metrics for Hard Disk Drives and Solid State Devices
Ever run into one of those personalities who, when you ask the time of day, tells you how to build a clock? We're just looking for the time of day. We don't want or need to know how to build a clock. This metaphor applies well to data center storage. Storage vendors and suppliers have been known to claim leadership based on one (and usually only one) dimension of their product. While we can relate to the notion that a vendor needs marketing sound bites, we also know performance benchmarks alone are not the whole story.
Self-Healing Systems and Wireless Networks Management
In this book, Junaid Ahsenali Chaudhry presents a method for identifying and classifying faults using causal reasoning. It employs a similarity matrix in order to match the user activity log and its pattern in a transformed space. He then describes how to embed the self-healing policy, so that if the client has more faults related to the previous one, they can be dealt with at the client side. The book defines supporting systems architectures and includes a case study of an autonomic healing-based self-management engine.
Requirements Engineering for Software and Systems, Second Edition
Vastly updated and expanded, Requirements Engineering for Software and Systems, Second Edition presents new material derived from the experiences of professors who have used the text in their classrooms. In addition to new exercises and updated references in every chapter, in this edition Phillip A. Laplante updates all chapters with the latest applied research and industry practices. It illustrates key ideas associated with requirements engineering using case studies and example systems, including an airline baggage handling system, a point of sale system for a large pet store chain, a control system for a smart home, and a wet well pumping system.
IT Data Center "Green" Myths and Realities
Is "green IT" a convenient or inconvenient truth or a legend? When it comes to green and virtual environments, there are plenty of myths and realities, some of which vary depending on market or industry focus, price band, and other factors. The following are some myths and realities as of today, some of which may be subject to change from reality to myth or from myth to reality as time progresses.
CA Security Council on Code Signing
Code signing certificates from publicly trusted Certification Authorities (CAs) fulfill a vital need for authentication of software distributed over the Internet in our interconnected world. The CA Security Council (CASC) is starting an education initiative around code signing. The use of code signing certificates is not as popular as using SSL certificates, but the risk might be greater. To start the initiative off, the group has posted a white paper that provides an overview of code signing, some configuration choices, and best practices.
Project Management Tools
"Tools of the trade" enable individuals in any profession to perform their work more effectively, efficiently, and consistently. The project management profession is like most others in its need for specialized tools. In today’s project management environment, the project management office (PMO) can serve its constituency well by providing support and guidance.
Defining Addressing Social Media Security and Privacy Challenges
Addressing information security and privacy within business organizations has provided numerous additional challenges with recently introduced technologies and comparatively new online habits of individuals. It is important when planning to take advantage of those benefits to also know and understand the associated risks, both to privacy and to network and information security.
The Birth of My First Program
From Projects to Programs: A Project Manager's Journey is a story about a project manager growing into a program manager’s shoes. This excerpt chronicles his first day as a newly-promoted program manager.
For managers and team members alike, leadership skills are a must. The four articles in the August issue of IT Performance Improvement define leadership by exploring its characteristics. Jack Ferraro’s article "Understanding Leadership" starts the issue. Stephen Andriole explains why it is important to be well-liked. Margaret Lee examines the challenges of leading virtual teams. Kerry Wills compares stewardship, ownership, and leadership.
Just Published! Information Security Management Handbook, Sixth Edition, Volume 7
All-in-all, this is a good volume of the Information Security Management Handbook. We are working on the next edition now. If you would like to contribute, please contact me at 917-351-7146 or email@example.com.
The Role of Data Governance in an Organization
Developing an appropriate data strategy that fits the marketplace is one necessary ingredient for business success. Effective data governance reduces uncertainty and helps improve an organization’s performance. An organization’s ability to collect pertinent information and act on signals that others miss provides it a strategic advantage.
Taming the "21st Century's Wild West" of Cyberspace
The world faces unprecedented risks across the Internet in what has become known as "The 21st Century's Wild West," where attacks on computer systems and networks are generally conducted with the complete anonymity and impunity for those perpetrating these acts. Establishing a robust system of monitoring, controls, and sanctions to ensure that the Internet functions as a trusted and heavily defended environment that fosters cooperation, collaboration, and commerce will have a dramatic effect on the stability, viability, and resilience of our interconnected global economy.
A Primer on Metadata: Separating Fact from Fiction
So, the NSA has been collecting metadata on calls. Until now, metadata was "data about data." More specifically, it is structured information that describes, explains, locates, or otherwise makes it easier to retrieve, use, or manage an information resource. Pretty innocuous, right? Well, not necessarily in the hands of the NSA. "A Primer on Metadata: Separating Fact from Fiction" by Ann Cavoukian, Information and Privacy Commissioner for Ontario, Canada, analyzes both metadata and the NSA claims. It also argues that government needs to ensure security and privacy as well as accountability.
An Ethics for the New (and Old) Surveillance
As the recent revelations about the NSA's Prism and Tempora programs show, new surveillance technologies and various forms of electronic location monitoring raise important social, political, and cultural questions. This chapter suggests concepts to order the rich variation the topic offers across kinds of tools for collecting personal information and across various contexts regardless of whether they involve national security, work, commerce, family, or friends.
Green Servers and Data Centers
This chapter describes how to green your data centers and servers by choosing green suppliers when you buy in data center services. It explains why you should start now, and discusses planning buildings, power supplies, and servers, storage, and networking.
Call for Book Chapters--Cryptography: Algorithms and Implementations Using C++
The main objective of this book is not only to describe the state-of-the-art cryptographic algorithms, but also to demonstrate how they can be implemented using a programming language; i.e., C++. Generally, books that discuss cryptographic algorithms do not elaborate the implementation issues. Therefore, a gap between the understanding and the implementation remains unattained. The motivation of this book is to seal that leakage and to educate someone in such a way that he will be capable of developing and implementing his own designed cryptographic algorithm.
There has been a wide interest in the secure design and implementation of smart grid systems. The SCADA system is one of the most important legacy systems of the smart grid systems. In this excerpt, the authors demonstrate the challenges to secure the current automation systems, such as SCADA systems, with examples.
Before You Take Your Next Trip
I don't know if you've ever read Stratfor's guidance on personal security, such as "Taming Chaos with a Personal Plan," but this new book, Personal Security: A Guide for International Travelers, provides a comprehensive approach to personal security and safety when travelling, or even while at home. To support your pre-trip preparations, this chapter, "Before You Go," maps out expert advice and lessons from real life cases to give you insights into basic planning questions.
Wireless Network Security: An Overview
Wherever wireless networks are deployed, security vulnerability will always exist. Security attacks and vulnerabilities can only be mitigated if best practices, as well as correct policies and standards, are used. This chapter discusses some of the important and best practices that can be implemented for improving mobile and wireless security. Wireless security will continue to be a research topic as long as there are ways to attack or obtain unauthorized access to wireless networks.
Extensible Markup Language Document Management
The emergence of novel applications for the next-generation network highlights the need to overtake the traditional "data silo" model. To fit this need, the Open Mobile Appliance (OMA) defined standard reusable common components called enablers. These brought several advantages, including a uniform management of the increasing amount of user-related data. The last was facilitated by the gradual introduction of the Extensible Markup Language (XML) Document Management (XDM) technology.
Business Driving Cloud Adoption in Everything as a Service Era
The third annual Future of Cloud Computing Survey finds several important shifts in why and how cloud computing is being used, obstacles to adoption, where cloud decision-making resides within organizations, and how the vendor landscape is changing. It also serves as a barometer for the industry's progression. Feedback from across the different categories of respondents was consistent, signaling a convergence of vendor and user needs. Further, the survey reveals that business is driving the revolution deriving clear benefits from cloud adoption in the form of continuous innovation and business agility to yield competitive advantage.
CSA Releases Expanded Top 10 Big Data Challenges Report
The Cloud Security Alliance has released an Expanded Top 10 Big Data Challenges report. The report includes an expanded list of challenges from those outlined and presented at CSA Congress last November to address three new distinct issues: Modeling, Analysis and Implementation. The full report explores each one of these challenges in depth, including an overview of the various use cases for each challenge.
Big Data Gets Bigger with Business Networks
There’s a new way of doing business being driven by Big Data. Through years of technological innovation, companies have amassed vast volumes of information on their business activities. Now the convergence of major technology shifts like cloud computing, mobility, and social and business networks has sparked a new class of data - texts, tweets, blog posts, web-based videos, and other social postings. And as a new report indicates, companies that effectively harness this information stand poised to achieve unprecedented levels of productivity and profits.
5 Common IT Administrator Mistakes That Lead to Data Loss
Given the complexity and capacity of advanced storage devices and the criticality of organizational data, documentation and best practice implementation are critical when it comes to protecting data. Here are the five most common IT administrator mistakes that can lead to data loss.
GAO Report Addresses Potential Security Risks of Foreign-Manufactured Equipment
This report addresses (1) how network providers and equipment manufacturers help ensure the security of foreign-manufactured equipment used in commercial communications networks, (2) how the federal government is addressing the risks of such equipment, and (3) other approaches for addressing these risks and issues related to these approaches.
Video Series Available for Introduction to Security and Network Forensics
Bill Buchanan, author of Introduction to Security and Network Forensics, has created a series of videos to accompany the textbook. There is a video for each chapter, as well as many of the labs. Still, you really should read the book.
Overview of Data Anonymization
This is an excerpt from The Complete Book of Data Anonymization: From Planning to Implementation by Balaji Raghunathan.
The Top 5 Brilliant Things the Cloud Can Deliver (If You Get Your Security Right)
Everyone has an opinion about the 'Cloud' and its effect on business - some believe it is dark and scary and fraught with unnecessary risk, while others would argue it's silver lined and the path to greater business performance and cost savings. The truth is that the Cloud undeniably has the potential to open up a whole new dimension of opportunities to businesses, but only if data security is properly addressed.
In the Virtual Era, Who Needs Insurance?
Even if the idea of another insurance policy is not appealing, there is evidence that cyber liability insurance could become a prerequisite in the tendering process, making it a necessity in the supply chain. Businesses will not want to trade with organisations that might lose or damage their data unless there is insurance in place to compensate. Therefore, even if you still think insurance is a waste of money, your customers and suppliers may disagree.
Get the Most from the Cloud (without the Hidden Costs)
One of the most popular new technologies today is the cloud. In order to understand not just the benefits of cloud, but also the challenges organizations are experiencing through their deployment, Symantec launched a global survey of more than 3,000 businesses. The results show several common costs that businesses may be overlooking in their haste to take advantage of the cloud's benefits.
Virtualization Overview: Focus on the Business Benefits
According to news.cnet.com, Larry Ellison said, "the computer industry is more fashion-driven than women’s fashion." He was referring to cloud computing, but his comment equally applies to virtualization. Virtualization has a definite business payoff, which we will identify. But virtualization is not the right fix for every problem, and there are many examples of virtualization with little or no business payoff. This is an excerpt from Data Center Storage: Cost-Effective Strategies, Implementation, and Management by Hubbert Smith.
Symantec Internet Security Threat Report Reveals Increase in Cyberespionage
Symantec’s Internet Security Threat Report, Volume 18 (ISTR) today revealed a 42 percent surge during 2012 in targeted attacks compared to the prior year. Designed to steal intellectual property, these targeted cyberespionage attacks are increasingly hitting the manufacturing sector as well as small businesses, which are the target of 31 percent of these attacks. Small businesses are attractive targets themselves and a way in to ultimately reach larger companies via "watering hole" techniques. In addition, consumers remain vulnerable to ransomware and mobile threats, particularly on the Android platform.
Android and the Secure Enterprise
Like it or not, Android is in the enterprise to stay, insecurities and all. This chapter from Android Security: Attacks and Defenses introduces you to the mobile device landscape and demonstrates why Android security matters. Authors Anmol Misra (Cisco Systems) and Abhishek Dubey (Webroot Software) analyze the evolution of mobile security threats, from basic phones to smartphones, including ones running the Android platform. They then introduce Android history, releases, and marketplaces for Android applications.
Securing Your Enterprise Data in a BYOD World
What happens if a device with access to corporate data is lost or stolen, or if an employee leaves? There are, says Trevor Goldberg, a number of security features that should be considered as mandatory when allowing an employee to have mobile access to systems, services and data that are ordinarily very secure when accessed within a corporate environment. Mobile is very different and has a whole set of new challenges for security.
Unit and Ubiquitous Internet of Things
Although the Internet of Things (IoT) will play a key role in the development of next generation information, network, and communication technologies, many are still unclear about what makes IoT different from similar concepts. Answering fundamental questions about IoT architectures and models, this book introduces essential IoT concepts from the perspectives of mapping and interaction between the physical world and the cyber world. It addresses key issues such as strategy and education, particularly around unit and ubiquitous IoT technologies.
Records Management in Microsoft SharePoint
To address records management challenges, many organizations are looking to Microsoft SharePoint. With its powerful recordkeeping capabilities, organizations can manage their records using the same platform used for everyday collaboration and document management. But as with all sensitive content within SharePoint, it's important not to overlook the security implications of storing records in SharePoint.
Draw Lines in the Sand to Jumpstart Virtual Teams
This article explores some of the usual challenges virtual teams face when it comes to carving out clear boundaries, the challenges that emerge in the absence of such boundaries, and some possible remedies. You can also jumpstart the creation of your own virtual team charter with a downloadable checklist of questions.
The Amazing Smartphone: No Guts, No Glory
The CTIA has developed an infographic on the evolution of the smartphone. They note that, "While we’re clearly enjoying all of the benefits that smartphones offer, do you know how much the networks, hardware and content have evolved? This has also impacted how consumers and businesses use mobile devices."
The BYOD Revolution
It’s not a question of if. It’s not even a question of when. It’s a question of will you be ready? It's not too late. This is an excerpt from Bring Your Own Devices (BYOD) Survival Guide by Jessica Keyes.
Digital Usage Policies and the ‘New’ Desktop
What happens if users misunderstand, forget or ignore the policy or are simply socially-engineered into installing risky applications? Can your organization rely any longer on mere usage policies to form a reliable part of their compliance stance? In any event, can applications be efficiently managed if IT staff lack reliable tools to perform simple discovery and control on a continuous basis?
We Have to Scale the Human Generated Big Data Mountain 'Because It’s There'
First they were just molehills that grew into mounds. Now they are mountains of Big Data, and what used to be a nuisance on the enterprise’s lawn is now a goldmine. But, its size is enormous and we have to explore it all to realize its value. Using email as an example, this article examines the Big Data task ahead of us and explores some strategies to get us to the top.
How a Simple Storyboard Helps Command Attention and Get Results (Virtually)
You're in the process of designing your presentation and creating your meeting agenda. Since you will be leading the meeting from a conference room with several of the senior leaders, with others participating from various locations, you know that a critical success factor will be keeping everyone absorbed, engaged and enthusiastically participating in a productive dialogue. In the article, Nancy Settle-Murphy and Sheryl Lindsell-Roberts offer practical approaches for presenting important recommendations that grab and keep peoples' attention, wherever they are.
Check out Nancy's new book, Leading Effective Virtual Teams: Overcoming Time and Distance to Achieve Exceptional Results
Defining Enterprise and Transformation Challenges
This is an excerpt from Enterprise Dynamics Sourcebook edited by Kenneth C. Hoffman, Christopher G. Glazner, William J. Bunting, Leonard A. Wojcik, and Anne Cady.
How to Control Windows Store Apps in Windows 8
With the release of Windows 8, Microsoft introduced the Windows 8 App Store. Getting an application published in the store involves a testing and accreditation process, which provides an element of security around the applications. But given that the store is accessible to corporate users, the functionality of those applications may not be desirable for a corporate desktop. By implementing granular, flexible management of Windows 8 Store Apps across Windows 8 and Windows Server 2012 rollouts, you can ensure that only authorized applications can be installed and executed by users in an enterprise environment.
Virtualization Needs Physical Consideration
Why do people seem all too happy to do things in the virtual world they would never dream of doing in the real world? Organizations are happy to hand over bunches of keys that open every sensitive file and expose the softer underbelly of the network. Why do they do that? This article, written by Andrew Avanessian, Avecto’s VP of Professional Services, explores this and offers a virtual solution to the physical problems.
Effective Physical Security of a Mobile Device
This article explores the idea that it is impossible to provide effective physical security of a mobile device while using today’s technology and training practices. It discusses current mobile security technologies and their limitations, and presents potential new future to solve the problems. Finally, it proposes a solution that utilizes many different aspects of security measures to provide the best protection.
How Cisco's Revenue Shift from Products to Services Is Transforming Its Relationship with Its Partners
Cisco's revenue is more and more being driven by services, not products. How does a services model benefit Cisco’s channel partners who specialize in selling and installing infrastructure? Advanced Services is one way. This arrangement is becoming more and more crucial to channel partners’ business as firms move toward the Cloud and away from buying networking hardware. This article considers how Cisco's revenue shift is affecting its relationship with its channel partners.
Building Trust Calls for Different Approaches Across Different Cultures
This article, the first of a series, focuses on how different attributes, behaviors and attitudes are seen as trustworthy (or not) by a handful of cultures. Although it's true that all people deserve to be treated as individuals, virtual team leaders can accelerate the process of building trust across their teams by understanding certain patterns of behaviors within cultures.
2013 Predictions Countdown from Infosecurity Europe
It’s the time of year again when IT security experts predict what the next year will bring. Here are some predictions and trends that Infosecurity Europe exhibitors expect to see in 2013.
Seven Top Tips to Get Your Windows Migration Right by Removing Admin Rights
A migration is the perfect time to remove admin rights. For users, they’ll be experiencing change anyway while getting used to the new operating system, so are unlikely to even notice that they’ve had their admin rights removed. As an organization, you need to clearly define and prioritize the objectives of the roll out. Here are seven tips to help as you prepare to migrate to a new operating system without admin accounts, and keep it that way.
Dividing Data after a Merger or Acquisition
There are many problems and challenges facing an organization that is about to merge with another organization or sell a subsidiary. Divesting yourself of a part of your company is rather like carrying out an elaborate surgical transplant - the correct parts of the existing entity have to be identified, isolated, and then meticulously extracted to ensure that nothing extraneous is inadvertently transferred from the source to the destination. This article examines the problem of how to migrate and separate your data during a merger, acquisition or sale without harming the patient.
8 Great Year-Round (Free!) Gifts Everyone on Your Team is Guaranteed to Love
So with all this talk of giving, Nancy Settle-Murphy got to thinking: How can we offer meaningful gifts to those we work with, especially those who are far away? And not just for holidays or birthdays or when we've achieved certain milestones - but on a regular basis, as a routine part of how we work together. How can we invoke this spirit of giving in such a way that it becomes second-nature? Here are some gift ideas that will strike a chord with team members near and far. They require very little extra time, and for the most part, they don't cost you a dime.
Generation Tech: Young, Gifted but a Long Way from Bad
Young employees take more risks with software. This doesn't have to be a problem. From the point of view of traditional, centralized IT, BYOD and consumer software are inherently difficult to assimilate. Admins are instinctively wary and with good reason. In conventional IT, the users are the source of most problems, starting with the misuse of software. But here's an intriguing thought; far from being negative and risky, perhaps the way Generation Y adopts new applications could have long-term benefits if a way can be found to accommodate the behaviour.
Tapping the Quiet Power of Introverts in a Virtual World
In this article, Nancy Settle-Murphy explores ways that virtual team leaders can learn how to take advantage of the quiet power and special strengths of the introverts on their teams, instead of trying to make their introverts conform to the "extrovert ideal."
Social Networking: #Friend or #Foe
Social media can be a powerful business tool, but hackers are finding increasingly sophisticated ways to exploit our online relationships. This article by Joanne Rogers of CS Risk Management examines the many potential benefits and risks, and discusses what should be the key considerations for your enterprise when utilizing social media.
Privacy Compliance Laws: Why the European Commission Has Finally Got It Right
The debate about privacy compliance has always been a heated one. Add to the mix new European Commission legislation and you have a recipe for not only a lively debate but also a controversy about the interference in privacy of a European bureaucracy. This article concentrates on examining the stances that have been taken, their validity and, more importantly, what an enterprise needs to do as it turns from merely talking shop to setting and implementing concrete policies on privacy.
Introduction to the Smart Grid
Our current grid system is quickly becoming obsolete. One solution to this problem is smart grid. Smart grids will be able to efficiently handle our increasing energy demands and reduce the environmental impact by incorporating renewable resources. This chapter discusses what smart grids are and the technology they use, and provides case studies of early implementations.
Privacy Professor Tips of the Month
Rebecca Herold, author of several Auerbach books and co-editor of the Encyclopedia of Information Assurance, publishes a monthly newsletter of "Privacy Professor Tips of the Month." Here's a link to all of the monthly Privacy Professor Tips to date.