security lifescycle

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Some interesting documents have been published recently. This article points out a couple of them. Both have been added to my reading pile. - Risk assessment guides launched
    Tags: ( risk-management metrics )
  2. Jack offers some alternatives to saying "No." Very good ideas and we (not the royal we) should use them.
    Uncommon Sense Security: Don't say "No"
    Tags: ( communication )
  3. Want to know more about Johnny Long. Here you go.
    Sunbelt Blog: Johnny Long's story
    Tags: ( hackersforcharity )
  4. Chris works through an interesting exercise in quantifying loss. He then offers some thoughts on communicating loss. I need to read it again, but it strikes me as very useful. For those FAIR fans out there, it is very applicable to using FAIR.
    The Risk Is Right. << Risktical Ramblings
    Tags: ( risk-management )
  5. Lori has once again nailed it.
    The IT Security Flowchart
    Tags: ( general )
  6. This breaks things down very succinctly. As Rich says, that doesn't mean it's easy.
    Securosis Blog | The Pragmatic Data (Information-Centric) Security Cycle
    Tags: ( security-lifecycle )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.