InformationSecurity concerns itself with the technical aspects of SecurityManagement. The migration of material (and links) from SecurityManagement is not yet complete. -- dl

''This is not the normal definition. InformationSecurity is about the security of information (and as such is really what's discussed on the SecurityManagement page. (inserts reminder to self to do a little gnoming later)''
----

'''Resources'''

'''People to watch in InformationSecurity industry'''
* BruceSchneier
* Jothy Rosenberg 

a WebServicesSecurity guru, founder of GeoTrust? and author of "Securing Web Services with WS-Security" (ISBN 0672326515).

Some of his articles include:
* "Visibility and health of WebServices the missing element" at 
**http://www.line56.com/print/default.asp?ArticleID=4987
* John Pescatore

a GartnerInc VP with expertise in matters related to SecurityManagement.

Some of his views include:

* "Enterprises need to include security costs in Platform decisions"  
**http://www.internetnews.com/ent-news/article.php/3351501
''Industry trends and developments''
* ''Comparative study of IT security criteria 2001 '' 
** http://www.initiatived21.de/druck/news/publikationen2002/doc/22_1053502416.pdf
* ''Paid Hackers'' 
** http://www.nwanews.com/story.php?paper=adg&section=Business&storyid=101108
* ''Phishing (see section in SocialEngineering) becoming big time at end 2004''  
** http://www.reuters.com/newsArticle.jhtml?type=technologyNews&storyID=7372770

''GoogleH''''''acking becoming important battleground in early 05''  
*http://www.computerworld.com/printthis/2005/0,4814,100051,00.html

''Standards related to Information security''
* ''Comparative study of IT security criteria 2001 '' 
** http://www.initiatived21.de/druck/news/publikationen2002/doc/22_1053502416.pdf
* ''NIST Computer Security Resource Center''. 
** http://csrc.nist.gov/

''Evolving interface between Information security and IT Audit''  -- Source: DonTurnblade
* ''Undesputed Roles''
** ''Information Security''
*** ''Identity Management''
*** ''Incident Response''
*** ''Technology hardening standards''
** ''IT Audit''
*** ''Escallation can skip directly to top brass.''
*** ''IT Governance standards''
* ''Examples of VP level relationship between IT Audit and Information Security''
** ''Information Security is a unit inside IT Audit''
*** ''Earnst & Young''
** ''Informaiton Security is a peer unit beside IT Audit''
*** ''Many leading mortgage lender companies''
** ''Information Security is the parent unit of IT Audit''
*** ''Verisign''


----
See also InfoSec, WebApplicationSecurity, NetworkSecurity

----
CategorySecurity CategoryEnterpriseComputingConcerns