Book Review—Applied Oracle Security
David Knox, Scott Gaetjen, Hamza Jahangir, Tyler Muth, Patrick Sack, Richard Wark and Bryan Wise | Reviewed by Horst Karin, Ph.D., CISA, CISSP, ITIL
The strength of this book is its comprehensive knowledge, which is presented in an easy-to-understand style with useful supporting background information.
Book Review—Hacking Exposed: Malware and Rootkits
Michael Davis, Sean M. Bodmer and Aaron LeMasters | Reviewed by Vishnu Kanhere, Ph.D., CISA, CISM, AICWA, CFE, FCA, IRCA, ISO 9001:2000 QMS Prov. Auditor
This is a must-read reference book for those responsible for security and is a useful addition to the business library.
A Young Professional’s Guide to Career Success Using Soft Skills
Mark Kandra, CISA, PMP, SSBB, ITIL, Tim Sewell, CISA, CEH, CISSP, and Jotham Nyamari, CISA
This article examines the importance of soft skills in career success, identifies a number of key soft skills areas and discusses ways to improve those skills.
Auditing Security Risks in Virtual IT Systems
Abhik Chaudhuri, MCA, PMP, SH (Basie) von Solms, and Dipanwita Chaudhuri, ACA (ICAI), MIIA
This article discusses virtual IT systems and the inherent risks that need to be audited for proper risk mitigation.
Chain Exploitation—Social Networks Malware
Aditya K. Sood and Richard Enbody, Ph.D.
This article discusses malware infection strategies used by attackers to infect social networking web sites and addresses security from the user perspective.
Five Questions With...
Feinman is chief executive officer of Identity Finder and a security and privacy expert based in New York, New York, USA. He has more than 15 years of experience in the industry and is an internationally published author and media personality.
Gan Subramaniam, CISA, CISM, CCNA, CCSA, CIA, CISSP, ISO 27001 LA, SSCP
Organisations that do not have proper records retention policies, in particular those that process information on behalf of their clients, have landed in trouble.
A Fundamental Question
By Steven J. Ross, CISA, CISSP, MBCP
Do corporations have the right to secure their information? Put another way, do governments have the right to compel corporations to divulge information if governments see national (or local) safety at stake?