Corporate Information Security – Is Our Information More Secure Since September 11th?

The morning of September 11th, 2001 started like any other for employees of the law firm Turner & Owen, located on the 21st floor of One Liberty Plaza directly across the street from the North World Trade Center Tower. Then everyone heard a huge explosion and their building shook as if in an earthquake. Debris rained from the sky.Not knowing what was happening, they immediately left the building in an orderly fashion–thanks to systematic practice of evacuation drills–taking whatever files they could on the way out. File cabinets and computer systems all had to be left behind. In the disaster that ensued, One Liberty Plaza was wrecked and leaning with the top ten floors twisted–the offices of Turner & Owen were decimated.Although Turner & Owen IT staff made regular backup tapes of their computer systems, those tapes had been sent to a division of the company located in the South World Trade Center Tower and they were completely lost when the South Tower was destroyed. Knowing they had to recover their case databases or likely go out of business, Frank Turner and Ed Owen risked their lives and crawled through the structurally-unstable One Liberty Plaza and retrieved two file servers with their most critical records. With this information, the law firm of Owen & Turner was able to resume work less than two weeks later.Many other companies were never able to recover the information lost in this disaster.What Has Changed?One might think that years after such a devastating loss of lives, property and information there would be dramatic differences and improvements in the way businesses strive to protect their employees, assets, and data. However, changes have been more gradual than many had expected. “Some organizations that should have received a wakeup call seemed to have ignored the message,” says one information security professional who prefers to remain anonymous.A look at some of the trends that have been developing over the years since September 11th reveals signs of change for the better–although the need for more information security advancement is abundantly clear.Federal TrendsThe most noticeable changes in information security since September 11th, 2001 happened at the federal government level. An assortment of Executive Orders, acts, strategies and new departments, divisions, and directorates has focused on protecting America’s infrastructure with a heavy emphasis on information protection.Just one month after 9/11, President Bush signed Executive Order 13231 “Critical Infrastructure Protection in the Information Age” which established the President’s Critical Infrastructure Protection Board (PCIPB). In July 2002, President Bush released the National Strategy for Homeland Security that called for the creation of the Department of Homeland Security (DHS), which would lead initiatives to prevent, detect, and respond to attacks of chemical, biological, radiological, and nuclear (CBRN) weapons. The Homeland Security Act, signed into law in November 2002, made the DHS a reality.In February 2003, Tom Ridge, Secretary of Homeland Security released two strategies: “The National Strategy to Secure Cyberspace,” which was designed to “engage and empower Americans to secure the portions of cyberspace that they own, operate, control, or with which they interact” and the “The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets” which “outlines the guiding principles that will underpin our efforts to secure the infrastructures and assets vital to our national security, governance, public health and safety, economy and public confidence”.Additionally, under the Department of Homeland Security’s Information Analysis and Infrastructure Protection (IAIP) Directorate, the Critical Infrastructure Assurance Office (CIAO), and the National Cyber Security Division (NCSD) were created. One of the top priorities of the NCSD was to create a consolidated Cyber Security Tracking, Analysis and Response Center following through on a key recommendation of the National Strategy to Secure Cyberspace.With all this activity in the federal government related to securing infrastructures including key information systems, one might think there would be a noticeable impact on information security practices in the private sector. But response to the National Strategy to Secure Cyberspace in particular has been tepid, with criticisms centering on its lack of regulations, incentives, funding and enforcement. The sentiment among information security professionals seems to be that without strong information security laws and leadership at the federal level, practices to protect our nation’s critical information, in the private sector at least, will not significantly change for the better.Industry TrendsOne trend that appears to be gaining ground in the private sector, though, is the increased emphasis on the need to share security-related information among other companies and organizations yet do it in an anonymous way. To do this, an organization can participate in one of dozen or so industry-specific Information Sharing and Analysis Centers (ISACs). ISACs gather alerts and perform analyses and notification of both physical and cyber threats, vulnerabilities, and warnings. They alert public and private sectors of security information necessary to protect critical information technology infrastructures, businesses, and individuals. ISAC members also have access to information and analysis relating to information provided by other members and obtained from other sources, such as US Government, law enforcement agencies, technology providers and security associations, such as CERT.Encouraged by President Clinton’s Presidential Decision Directive (PDD) 63 on critical infrastructure protection, ISACs first started forming a couple of years before 9/11; the Bush administration has continued to support the formation of ISACs to cooperate with the PCIPB and DHS.ISACs exist for most major industries including the IT-ISAC for information technology, the FS-ISAC for financial institutions as well as the World Wide ISAC for all industries worldwide. The membership of ISACs have grown rapidly in the last couple of years as many organizations recognize that participation in an ISAC helps fulfill their due care obligations to protect critical information.A major lesson learned from 9/11 is that business continuity and disaster recovery (BC/DR) plans need to be robust and tested often. “Business continuity planning has gone from being a discretionary item that keeps auditors happy to something that boards of directors must seriously consider,” said Richard Luongo, Director of PricewaterhouseCoopers’ Global Risk Management Solutions, shortly after the attacks. BC/DR has proven its return on investment and most organizations have focused great attention on ensuring that their business and information is recoverable in the event of a disaster.There also has been a growing emphasis on risk management solutions and how they can be applied to ROI and budgeting requirements for businesses. More conference sessions, books, articles, and products on risk management exist than ever before. While some of the growth in this area can be attributed to legislation like HIPAA, GLBA, Sarbanes Oxley, Basel II, etc., 9/11 did a lot to make people start thinking about threats and vulnerabilities as components of risk and what must be done to manage that risk.Technology TrendsMost companies realized the need to monitor their networks 24×7 prior to 9/11, but afterwards it became a top priority if such a capability wasn’t already in place. More and more companies are implementing intrusion detection systems (IDS) including network intrusion detection systems (NIDS) and host intrusion detection systems (HIDS) solutions. According to a 2003 Global Security Survey by Deloitte Touche Tohmatsu, 85 percent of respondents have deployed intrusion detection systems. Since these systems can entail large expenses of equipment and software purchases, consulting fees and staff time, some companies are turning to managed security service providers (MSSPs) to manage their network monitoring. Some MSSPs also offer their clients advance notice of threats that the MSSP may have identified while monitoring other networks.Largely due to rampaging worms and viruses such as Slammer, patch management, change management and configuration management technology solutions have been raised in precedence within corporate risk management initiatives. A slew of applications and tools exist to address the needs of patch, change, and configuration management, but the challenge is to find the right combination of tools that will do the job in any given environment.Information security staffs don’t have time to sift through the growing multitude of threat warnings and vulnerability alerts that crop up for all possible platform combinations every day. So another information security technology trend that has developed is intelligent threat analysis–a service that provides threat and vulnerability alerts customized to a client’s specific environment.What Still Needs to ChangeThe information security changes in government, industry, and technology are notable, but where do we still need to improve in these areas?If our government is serious about protecting critical information it will have to pass some sensible laws, contend information security experts. “Make companies liable for insecurities, and you’ll be surprised how quickly things get more secure,” says Bruce Schneier, Founder and CTO of Counterpane Internet Security, Inc.Information security managers need to do a better job of conveying how a company needs to protect its information to their CEOs and boards of directors. Siebel Systems CIO Mark Sunday says that although corporate boards are more aware of security issues than ever, they still don’t fully understand them–and most boards don’t like to fund things they don’t understand. “As aware as CEOs and boards have become of security issues, spending in that area hasn’t gone up in proportion and certainly not to the levels people expected,” Sunday said.Advanced information security technology exists that isn’t widely known or used by the mainstream. “Our technology is too signature-based,” says Jim Reavis, editor of CSOinformer and information security industry analyst. “We’re only prepared to fight the last battle. We need to get more predictive. We need to use more behavioral technology.”ConclusionIn a survey conducted jointly by the Internet Security Alliance (ISAlliance), the National Association of Manufacturers (NAM) and RedSiren Technologies Inc. one year after September 11th, 2001, 40 percent of respondents reported that information security was considered more important than prior to September 11th. Yet almost one-third said their companies were still not adequately equipped to deal with an attack on their computer networks. The survey concluded that “many organizations need to revise how security risks, threats and costs are identified, measured and managed.”Is our information more secure two years after September 11th? Unfortunately, not by a lot. While some trends since 9/11 demonstrate progress in the field of information protection, opportunities for better information security practices clearly remain.

Credit Counseling Agencies – How a Credit Counseling Agency Can Lower Your Monthly Payments

When you’re trying to pay down your debt sometimes going to the right high caliber outside agency will actually lower your debt and lower your monthly payments. Nowadays many people go to a credit counseling service for this help. A credit counseling agency can help you if you have a large amount of outstanding debts.But you must do a thorough check on any agency you are considering because unfortunately a lot of unscrupulous agencies have sprung up whose sole business purpose is to take advantage of people in need. There are a number of ways to find legitimate credit counseling agencies.The first thing would be to go on the Internet to the National Foundation For Credit. Pick one of their member agencies. They’re certified by the NFCC and they’re non-profit. Being a non-profit credit counseling agency does not necessarily guarantee that they are legitimate, but it’s a good place to begin. When you get in touch with a credit counseling agency they’ll make an appointment for you to bring in lists of your income (if any), assets, and expenses along with any letters you have from all the people you owe money to.The goal of a legitimate agency is to negotiate lower interest rates as well as lower you monthly payments. The goal of a bogus agency is to separate you from your money. Legitimate credit counseling agencies might be able to negotiate lump sum payoffs that are less than the total that you owe. Keep in mind that if you go this route it will be noted on your credit report – and that will lower your credit score.However, at this point in time your credit is probably challenged anyway. So doing this can make life easier for you and ultimately put you back on the road to a better credit rating.How It WorksYou’ll pay the credit counseling agency a small monthly setup fee and perhaps an additional fee for each account that you owe money to. In return they will contact your creditors and negotiate lower monthly payments. For example, if you’re paying off five bills and they charge $5 each, that comes to $25 per day. You would give a check to the agency and they will pay these creditors.The Advantages of Using A Credit Counseling AgencyYour major advantage is that they can often negotiate lower interest rates and lower fees than you’d be able to on your own. That doesn’t mean that you should blindly accept their advice. Look carefully at the plan they are proposing. See if it makes sense. If their plan doesn’t look like it will save you money or help you to pay off your debt sooner don’t feel pressured to do it.Also, because there are so many bogus credit counseling agencies, most people do considerably more research into a company’s background before they sign an agreement with the one they want to represent them.

Ten Critical Questions You Must Ask When Searching For A Legitimate Network Marketing Business

So you’ve decided to start a home based business, but you are not sure if the network marketing company you want to join is right for you. Everything you have heard about them is “TOPS”. But you’re getting all of your information from the company’s independent associates and the up-line. Every time you get on a conference call, the information they provide sounds great. The presenter say everyone is making tons of money, going on trips all the time, driving expensive cars, and living in mansions. Who wouldn’t want to be part of all that success? They talk about the company, the product, and the opportunity. And then, it’s decision time. All of the excitement gets your adrenalin pumping and you’re ready to jump in. But you decide to be cautious, and do a little research on your own. After you arrive home, and its just you and the mirror, you have second thoughts. “Can I really do this business?”, you ask yourself. “What happens if I can’t get anyone to join?” “Is this one of the legitimate home based business opportunities? Or is this another MLM company that feeds off of people like me?” All of sudden, you are not confident as as you were on the opportunity call. Don’t feel bad because you’re not alone.Tens of thousands of North Americans decide to start a home based business every year. And many of them opt for a network marketing opportunity. But the facts remain the same, whether it is a traditional business venture, or an MLM opportunity, most new home based businesses aren’t successful. Why? Its a combination of poor or no research, bad business planning, and unrealistic income expectations.When a person enters the network marketing arena, it usually goes something like this. A friend invites them to an opportunity meeting or to listen in on a opportunity call. When they do so, They usually get caught up in all the hype, and before they can say “What am I getting myself into?”, they have brought into a business, and joined a company they really know nothing about. It happens all to frequently; from hotel conference rooms to private homes, to conference calls, thousands of people join business opportunities every week.Most of these new business owners never get their business off the ground. And if they do, most never turn a profit. Why? The main reason is that most people aren’t ready to start their own business. They weren’t looking to start a new business in the first place; usually someone else convinced them to do so.But there are some people who are ready, and are looking to get started with a business opportunity. And you may be one of them. If so, you probably already have the passion and the drive to make it happen.You probably have the investment money to get it started. And you probably have the money to sustain yourself and your family while you build your business. You are ready. You have researched a number of MLM and network marketing companies that peak your business interest. And now its time to put them to the test. Here are ten questions you must ask before going into business with a MLM or network marketing company:1. Is the company solid? Financially, and Ethically.A. How long have they been in business and what is their financial situation? There are hundreds, if not thousands of new business opportunities that have popped up in the last ten years. It is a good rule of thumb that if a business has been around for 5 years, they should be making a profit.B. Are there a lot of complaints with the BBB, or your State Attorney General’s office? If a company has more than a few complaints, that should trigger a yellow (caution) flag.2. Is there a real need in the marketplace for their service or products?A. What percentage of people need the product or service? If your product or service is only needed by a small percentage of people, then you will have a difficult time marketing it.B. What percentage of people want the product or service? If everyone wants it, or could use it, but very few know its available, then you might have a gold mine. Still, you will have to get the word out; and that’s where the company will be counting on you. There must be a balance between ‘needs’ and ‘wants’, or supply and demand, for a product to be successful in the marketplace.3. Does their product or service support itself without offering the business opportunity?A. In other words, is the product affordable or is it overpriced? Many companies offer inflated prices on their products or services, making it difficult to sell. Often times this leads the associates selling the business opportunity, instead of offering the products. Beware of companies that offer extremely low commissions when you make a sale on the product side, but give huge bonuses when you recruit someone into the business.B. Is the product or service exclusive to network marketing or can you get it anywhere? If a potential customer can get your product just about anywhere, it will be that much harder for you to make a profit and you will need to be able to convince your potential customer that what you have is better than the rest.4. Do they have a real internet presence?A. Can your prospects purchase the product from you online? This is a must in 21st century network marketing. Building a client base will still require human interaction, but when your customer is ready f to make another purchase, this is the easiest, and safest, way to provide them with immediate access to your product(s).B. Is the company new to the internet? Do they have a proven track record? This is important to your success when it comes time to make the sale, or recruit an associate. A good company will always have an IT department with web developers that keep the content current.5. Can you recruit online?A. Can you manage your down-line online? It is vital to your business to be able to track your sales to the penny. Many companies only provide BPV, or product volume, etc. But you want to have daily access to gauge your sales volume in dollars and cents. This also pertains to your down-line. You should have the potential to send broadcast messages and thing of this sort. It will be a very important for communication with your organization.6. After the initial investment, how much money can you expect to invest before you see a check? One of the advantages in going into business with a MLM or network marketing company is supposed to be the low initial investment. Combined with the potential for quick income, these to items are essential in building a successful business. Its called ROI (Return on Investment). The faster you receive it, the greater potential you have of growing you business. The bottom line is if you don’t see yourself drawing a commission within 90 days of starting you business, then another caution flag should go up.7. How fast and how often do they pay commissions?A. Are checks distributed once a month, once a week, or once a day? Many years ago, MLM companies only cut checks at the end of the month. Today, that’s hardly acceptable. Today, money moves a lot quicker then it use to. And it has to in network marketing. Getting your commissions to you as quickly as possible is vital so that you will have money to sustain your business.B. Are checks direct deposited? Point blank; this is a must.8. Is there a real potential for override income?A. If you are at least one level above your recruit, are you entitled to override income? Some companies expect you and your organization to produce a certain amount of volume, or meet certain monthly quotas, before you can receive override income from your downline. Generally, a good rule is to find a company that offers over-rides; if you recruit someone and they are at least one level below you, you should be entitled to overrides from them and their organization.9. Is there potential for real residual income?A. If your customer continues to buy the product or service, do you get monthly commissions? Residual income means you get paid, as long as the customer you introduced to the company, continues to purchase the service or products. This is a no-brainer and real way to build wealth in network marketing.10. Is there real training?A. When you join a MLM company, more than likely, they will encourage you to make your list by going after your warm market. Your warm market is your relatives, friends, neighbors, and co-workers. They will encourage you to have a home meeting, bring your guests to the weekly hotel meeting, or invite them on a conference call. That is all good for generating a quick return on your investment while you are learning the business. But what happens if and when the list drys up? What happens if the person who recruited you drops out of the business? Are your up-line folks accessible? Are there company sponsored training and events?B. Is there training that teaches you how to really tap into 21st century internet marketing? Today the internet is the engine that drives network marketing. Billions of dollars are earned in network marketing utilizing the world wide web. When you decide on your business, make sure that your recruiter has a plan that will position you so that you will be noticed on-line. Make sure that it includes training that will teach you how to target your market and drive traffic to your website. This is the single most important lesson that you will have to learn to ensure you are successful with your new business.So here you have it. The ten questions that must be asked to determine if the company your are interested in offers a legitimate home based business opportunity. You want a company that will assist you in laying the foundation for real success. If that company provides good, concrete answers to these questions, then it’s a good bet that going into business with them will be beneficial. Researching to find the right company and network marketing business to join could very well be the most rewarding time you will invest in your future.

5 Empowering Tracks From Female Icons To Make You Feel Inspired

Sometimes we all need a little lift. Whether you’ve had a recent knock to your confidence, have been going through stress in your personal or professional life, or have always struggled with your self-esteem, music is an essential tool for lifting your spirits and making you feel better about yourself.

According to a study by Heriot-Watt University, the type of music you listen to not only influences your mood, but also your personality, with indie and rock/heavy metal fans reporting the lowest levels of self-esteem, while fans of jazz, blues, opera, classical, pop, rap and soul all reported high levels of self-confidence.

So if you’re having a ‘down day’, why not boost your spirits by listening to some powerful, uplifting tracks? Here are five perfect confidence boosters.

Britney Spears – Toxic

Britney’s own struggles with her mental health and conservatorship have made her an inspiration for many people across the world.

This classic song is timelessly sensual, and the heavy beats throughout make it impossible not to dance to. A welcome blast of nostalgia, this tune has filled dance floors across the globe with fans old and new.

The video features Britney as a female spy playing the sexy flight attendant, seducing her passenger before she makes her escape on a motorbike and breaks into a high-security facility guarded by a laser security system.

This track and video is a guaranteed way to feel invincible, and deserves a place on your playlist no matter your mood.

Kelis – Milkshake

A cheesy classic that is guaranteed to make you feel all warm and gooey inside, Kelis pumps up the heat in this 00’s RnB track. Underpinned by intricate drum beats and electric elements, Kelis’ self-confidence is infectious, and it’s hard not to find yourself smiling at the lyrics.

This track is a great way to get into a flirtatious mindset, making it a great choice before going on a date or heading out for the evening.

And if you’re staying in? It’s a great mood lift. But beware! You may find yourself craving a sweet treat.

Eve (ft. Gwen Stefani) – Let Me Blow Your Mind

This RnB classic will capture your attention with its assertive rhythm and powerful vocals from 00’s icons Eve and Gwen Stefani. Featuring a laid-back – yet self-assured – beat, and catchy guitar riff, this is a great track for driving, and its empowering feel is sure to help you feel motivated.

Got a job interview lined up, or thinking of asking for a raise? This anthemic number is a quick way to feel positive and more assertive.

The video features Eve and Gwen Stefani crashing an exclusive event on quad bikes, causing a stir among the privileged attendants, and shoving the performer off stage to perform their own music, before finally being arrested and taken to the station in a police van.

This ‘baddie’ track helps you to tap into the hidden ‘bold’ side of your personality, and lifts your mood while keeping you feeling calm and cool.

Fergie – MILF$

If you have kids, it can be difficult to feel sexy. When you’re running around cleaning the house, changing nappies, or up to your elbows in dishwater, you can easily forget your sensual side – leaving you feeling frumpy and lacking in confidence and motivation.

Thankfully, Fergie’s comeback track is a quick remedy to your low mood and lethargy.

Featuring attractive mothers dressed in curve-hugging latex and silky lingerie going about their daily life in a dreamy, colourful suburbia, this track is a quick way to transform your self-esteem and transport you to a world where you are not just a mother, but a goddess too.

Why not shake off the day and tap into your feminine energy with Fergie, your sexiest PJs, and a bottle of your favourite wine?

Marina And The Diamonds – How To Be A Heartbreaker

Low confidence after a breakup? You’re not alone. Having your heart broken can leave you feeling depressed, undesirable, and unmotivated. So flip the tables on your ex and become a heartbreaker with Marina’s catchy club classic.

This empowering dance track will make you want to move your body and get in touch with your bad girl side, with its heavy beat and pounding rhythms.

Plus, if your libido has suffered as a result of your low mood, take a sneaky peek at the video – it will get your blood pumping with its steamy shower shots and smoking hot male models.