 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
A page of links to further relevant and useful Web resources accompanies every awareness module:
|
Month |
Links page |
Module coverage |
|
|
#90 |
Social engineering |
Exploiting the people who use information and IT systems. |
|
|
#89 |
Security standards |
A new module expounding on the benefits of adopting both international best practice security standards and in-house technical standards. |
|
|
#88 |
Wi-fi security |
Securing wireless LANs and other wireless network connections. |
|
|
#87 |
|
|
|
|
#86 |
Human elements of information security - security culture, awareness, policies, procedures, roles & responsibilities and compliance ... |
||
|
#85 |
With the best will in the world, incidents will happen. |
||
|
#84 |
If someone can become your virtual clone, imagine all the mischief they might cause in your name. Imagine too just how difficult it would be to prove that you are the original and they are the clone ... |
||
|
#83 |
Widespread Internet connectivity has revolutionized business but created substantial security issues with LANs, remote network users and WWW |
||
|
#82 |
Find out what’s hot in the world of malware threats and defenses. |
||
|
#81 |
All about the art and science of secret writing, |
||
|
#80 |
If ‘software engineering’ is truly an engineering science, just |
||
|
#79 |
Physical protection for tangible information assets and |
||
|
#78 |
Focuses on social networking, social media, Web 2.0 and other social engineering threats. |
||
|
#77 |
Since commercial relationships with third parties necessarily involve exchanging information, information security risks should be considered. |
||
|
#76 |
Confidentiality issues for individuals, namely privacy and protection of personal information. |
||
|
#75 |
There are numerous information security risks in the typical office/workplace, ranging from physical security to email, IM and other forms of messaging, phones and FAXes. |
||
|
#74 |
How do real-world forensic investigators examine computer systems, networks, cellphones and data for clues? (see also June 2010) |
||
|
#73 |
About those security vulnerabilities built-in to software through programming errors and design flaws. |
||
|
#72 |
Security requires that changes to IT systems, networks etc. plus information handling procedures, are tested and approved. |
||
|
#71 |
From logon to logoff, staff are dependent on networks but do they even consider, let alone fulfill their information security
obligations?. |
||
|
#70 |
Securing industrial control systems and embedded systems is important to protect critical both national and corporate infrastructures. |
||
|
#69 |
Viruses, worms, Trojans, rootkits and so forth represent one of the oldest security threats (updated March 2010) |
||
|
#68 |
Explore IT’s dark side with a look at hackers, crackers And All That. Ethical issues get a mention alongside issues such as full disclosure, cybercriminals, cyberterrorism and more. |
||
|
#67 |
The security issues associated with portable IT devices (“gizmos”) and teleworking have become a serious challenge. |
||
|
#66 |
Find out why it’s not such a bright idea to publish loads of personal information on MySpace or Linkedin (updated November 2009) |
||
|
#65 |
Ethics and morals remain an important means of control in many situations, though employees sometimes need a little guidance ... |
||
|
#64 |
Email does double service as a business and |
||
|
#63 |
Covers the information security aspects of governance and its relationship to both IT governance and corporate governance. |
||
|
#62 |
Find out what’s involved in identifying, evaluating, mitigating and monitoring information security risks in the modern enterprise. |
||
|
#61 |
Integrates user authentication and identity theft, touching on integrity and trust, email security, malware and more. (Updated May 2010) |
||
|
#60 |
To what extent do, or should, we trust the information, data and IT systems, plus the people who use and manage them? What can be done to make them more trustworthy? |
||
|
#59 |
IT auditors assess risks and controls affecting an organization’s information assets. Find out what they actually do thins month and perhaps get ahead of the next audit. |
||
|
#58 |
Hackers are finding ever more devious ways to subvert systems using rootkits and Trojans, while viruses, worms etc. remain significant risks (updated March 2010) |
||
|
#57 |
When all else fails, contingency plans (Plan B) are what we fall back on. The module also covers resilience, business continuity and disaster recovery planning |
||
|
#56 |
Brand new awareness module covering security issues in the typical office (not security for Microsoft Office) (updated August 2009) |
||
|
#55 |
Manipulating people to access information assets without proper authority (updated November 2009) |
||
|
#54 |
Security compliance |
An ever-increasing raft of rules and regulations impinge on information security. Find out why compliance is such an important issue. |
|
|
#53 |
Concerns controls to protect the IT systems and other information assets against physical harm or theft |
||
|
#52 |
Security risks associated with the use of email and indeed other forms of personal messaging (updated August 2010) |
||
|
#51 |
From competitive intelligence through industrial espionage to information warfare, trade secrets are seriously under threat |
||
|
#50 |
Known to most of us as usernames and passwords (updated May 2010) |
||
|
#49 |
Keeping personal information private is more important than ever in these days of identity theft and similar attacks |
||
|
#48 |
Security threats posed by trusted insiders: employees, consultants etc. |
||
|
#47 |
Network security risks from outsiders and insiders including issues with private LANs and remote network users (updated April 2010) |
||
|
#46 |
... or malware, as the security geeks would have it |
||
|
#45 |
New topic: confidentiality, integrity and availability issues relating to database design/management |
||
|
#44 |
IPR issues include software licenses and piracy, trademarks, patents, |
||
|
#43 |
Exploiting gullible employees (updated November 2009) |
||
|
#42 |
Security roles and responsibilities are far more than just a SOX issue |
||
|
#41 |
Responding promptly and efficiently to information security incidents requires preparation and procedures (updated June 2010) |
||
|
#40 |
An updated module covering information security for road warriors and home workers (updated December 2008) |
||
|
#39 |
Stealing - or rather cloning - someone’s identity (updated May 2010) |
||
|
#38 |
Resilience and DR are vital controls to maintain availability of critical IT systems and services (updated February 2008) |
||
|
#37 |
Information security issues associated with the use of electronic mail (updated August 2009) |
||
|
#36 |
Covers integration of information security activities into the Software Development Life Cycle from cradle-to-grave (updated Jan 2010) |
||
|
#35 |
Shhhh, can you keep a secret? Confidentiality |
||
|
#34 March |
Malicious software (updated March 2010) |
||
|
#33 |
Software often fails to meet the requirements, including (all too often) information security (updated June 2009) |
||
|
#32 |
Information security aspects of relationships with third parties such as suppliers, business partners and customers (updated October 2009) |
||
|
#31 |
Tricking and manipulating employees (updated November 2009) |
||
|
#30 |
How should information security be integrated into the systems development lifecycle? (updated May 2006) |
||
|
#29 |
IT Ops keep things running smoothly in IT but how do they secure the IT infrastructure in fact? (updated July 2008) |
||
|
#28 |
About logging on and checking claimed identities (updated May 2010) |
||
|
#27 |
Managing and controlling system configurations, |
||
|
#26 & 26+ |
Bonus module on crisis management inspired by the emergency services’ exemplary response to the London bombing this month |
||
|
Hackers or rather crackers are the bĂȘte noire of information security but is the threat real? (updated January 2009) |
|||
|
#25 |
Information security issues associated with electronic mail |
||
|
#24 |
Methods for analyzing/assessing, monitoring, minimizing and reporting security risks (updated July 2008) |
||
|
#23 |
Management oversight, direction & control with an emphasis on information, IT, risk and SOX (see also November 2006 module) |
||
|
#22 |
Viruses, worms, Trojans And All That (updated March 2010) |
||
|
#21 |
How should a best-practice information security function be structured? What does the Information Security Manager actually do? |
||
|
#20 |
Independent audits characterize risks affecting an organization’s information assets and recommend control improvements |
||
|
#19 |
Infosec laws, regs & standards |
Laws, regulations and standards defining obligations and best practice for IT and information security (updated November 2007) |
|
|
#18 |
Security and services for the computer suite: physical access controls, UPS, air conditioning etc. (updated October 2007) |
||
|
#17 |
Procedures to deal effectively with information security breaches (updated June 2010) |
||
|
#16 |
Specifically covers accountability & responsibility for IT and information security (updated November 2006) |
||
|
#15 |
Hoodwinking employees can be a much easier route in than |
||
|
#14 |
Special issue in response to the rapid spread of |
||
|
#13 |
Planning for the unpredictable, preparing the organization to recover efficiently from disasters (updated February 2008) |
||
|
#12 |
Protection of personal data and privacy, including legal issues such as Data Protection and HIPAA (updated September 2009) |
||
|
#11 |
Securing the design and use of electronic mail and other |
||
|
#10 |
Information security controls to tackle IT-related fraud, embezzlement and misrepresentation (updated May 2008) |
||
|
#9 |
Identity theft, hacking, eCommerce ... so much to cover, we’re spoilt for choice (updated April 2010) |
||
|
#8 |
Software licensing and piracy, trademarks, patents, nondisclosure agreements etc. (updated January 2007) |
||
|
#7 |
Accountability and responsibility for information assets, information security classification (updated November 2006) |
||
|
#6 |
Security issues with portable PCs, PDAs, wireless LANs, VPNs, dial-up etc. for road warriors and home workers (updated December 2008) |
||
|
#5 |
Integrity (completeness and accuracy) of data and systems, plus personal integrity (updated May 2008) |
||
|
#4 |
Contingency planning, denial of service attacks and software quality assurance (updated February 2008) |
||
|
#3 |
Covers access control, secrecy, privacy, encryption and identity theft (updated in many other modules) |
||
|
#2 |
Malicious software, or rather viruses etc. written and released by malicious programmers (updated March 2010) |
||
|
#1 June 2003 |
This website and the NoticeBored service was launched with two pages of basic information security links and security awareness links |
A 
]  |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
Additional hyperlink suggestions for our links collection are always welcome provided they are both relevant and useful to our customers, which means they must relate directly to information security. We’re not interested and won’t post SEO links so don’t waste our bandwidth and test our patience with SEO spam.
IsecT Ltd. is not even remotely responsible for the content of third party websites accessed via the hyperlinks in our links collection. We do not necessarily agree with everything they say, though sometimes we do, and occasionally they don’t go nearly far enough. Caveat lector.
Copyright © 2010 IsecT Ltd.