Security White Papers
Here is a collection of white papers to help you plan proactive, holistic security programs for your organization.
New Incident Response Best Practices
by John Patzakis
This white paper from Guidance Software explains why patch and proceed is no longer an acceptable incident response procedure.
The New Approach to Windows Security
by Rob Enderle and Jasmine Noel
With average per incident security costs rising and the rate of attack increasing significantly year over year, security management has never been more important or more difficult. This white paper from the Enderle Group why simply using Anti-Virus software is not enough and why organizations should shift purchasing behavior to DEP compliant hardware immediately and move to Windows XP SP-2 as soon as possible.
Integrating Security into the Corporate Culture
by Steve Purser, SecurityDocs.com
This short paper analyzes why organizations should consider spending more time on developing a culture that is both aware and capable of responding to security-related risk and goes on to suggest ways in which this could be achieved. At a major security conference several years ago, I asked a group of security professionals to define risk in such a way that it could be understood by non-specialists and then to suggest different ways of reacting to risks once they had been identified. Interestingly enough, many of those present were able to come up with good examples of risks, but defining risk in practical terms as a concept turned out to be a difficult exercise, even for security professionals.