Computer Software Bugs and Other IT Threats to Critical Infrastructure: A Preliminary Set of Considerations for IT Governance

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Computer Software Bugs and Other IT Threats to Critical Infrastructure: A Preliminary Set of Considerations for IT Governance"

Transcription

1 Computer Software Bugs and Other IT Threats to Critical Infrastructure: A Preliminary Set of Considerations for IT Governance Presentation for the Seventh European Academic Conference on Internal Audit and Corporate Governance by Michael K. Lavine, Ph.D. Johns Hopkins University Information Security Institute and Georges M. Selim, Ph.D. Cass Business School 16 April 2009

2 Background Information Since President Clinton s administration in the 1990s, there have been a number of important initiatives in the USA to use Government and Web Information Systems to share information about IT Security/Information Assurance threats, risks, protection mechanisms and best practices With the growth of E-Commerce and IT systems, emphasis has been made to protect the critical infrastructures (e.g. banking, telecomm, emergency services etc.) of which approximately 90% in the USA is controlled by the private sector

3 Introduction and Background Tremendous growth of E-Commerce systems, networks, mobile devices and Internet connectivity all contributed to increased threats to IT security Various national Government initiatives in critical infrastructure protection and information sharing The focus of this project is on Software Bugs with additional information on viruses, trojans and exploit scripts as major areas of risk to organisations How can this research potentially impact IT governance and risk management?

4 Research Overview Methodology based on a Grounded Theory approach (Glaser and Strauss, 1967) Provides an ability to develop creative approaches to new areas of research This is a popular research methodology in the Information Systems field Data collection and analysis was based on secondary data from official U.S. government data sources supported by the FBI and DHS

5 Common IT Technical Risks Software Bugs Viruses Trojans Exploit Scripts Other Types of Computer Malware Denial of Service Web Site Defacements Plus a Growing Range of Emerging Techniques (i.e. Phishing, Botnets, Crimeware, Scareware)

6 Descriptive Data Summary: Bugs Exploit Scripts Viruses Trojans Freq. Perc. Freq. Perc. Freq. Perc. Freq. Perc. Year , , , , , , , , , Total 6, , , ,

7 Software Bugs Software Bugs are errors in a computer program (i.e. operating systems or application software) which causes the program to not perform as intended. Most software bugs are attributable to the software source code and result in design or compilers processing errors. Normally, computer programmers use a variety of techniques referred to as de-bugging to perform quality assurance and other tests on the software code. Some common types of software bugs are: buffer overflows, race condition errors, memory leaks and stack errors.

8 Software Bugs: Total Bugs Reported by Month Dec-03 Nov-03 Oct-03 Sep-03 Aug-03 Jul-03 Jun-03 May-03 Apr-03 Mar-03 Feb-03 Jan-03 Dec-02 Nov-02 Oct-02 Sep-02 Aug-02 Jul-02 Jun-02 May-02 Apr-02 Mar-02 Feb-02 Jan-02 Dec-01 Nov-01 Oct-01 Sep-01 Aug-01 Jul-01 Jun-01 May-01 Apr-01 Mar-01 Feb-01 Jan-01 Dec-00 Nov-00 Oct-00 Sep-00 Aug-00 Jul-00 Jun-00 May-00 Apr-00 Mar-00 Feb-00 Jan New Bugs Month Updated Bugs Number of Reported Items

9 Critical Software Bugs by Risk Classification: Study Period High Medium Low All Other Total Freq. Percent. Freq. Percent. Freq. Percent. Freq. Percent. Freq. Percent. Q % % % % % Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Total 2, % 2, % 1, % % 6, % Percent of Total 40.50% 31.62% 16.12% 11.76% %

10 Critical Bugs by Vulnerability Type: in Rank Order Vulnerability Type Ranking Buffer Overflow 1 Denial of Service 2 Multiple Vulnerabilities 3 General Security 4 Password 5 Unauthorised Access 6 Remote Access 7 Directory Transversal 8 Race Condition 9 Web Server IIS 10 Root Access Format String 13

11 Exploit Scripts Exploit Scripts are purpose built program scripts or small sets/sequences of commands that attack specific vulnerabilities in computer software (Adapted from Karestand, 2003). Sometimes these can be generated by computer code generators (Thompson, 2002). Currently, common scripting languages include PERL, Visual Basic and Java Script.

12 Exploit Scripts: Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Frequency Percentage Study Quarter Number of Reported Cases Percentage

13 Viruses Viruses are a common form of malware and were studied early on by many computer science researchers. Karestand (2003, p. 42) quoting earlier researchers, defines a computer virus, as a computer program that is able to replicate by attaching itself to other computer programs in some way. Furthermore, the program the virus attaches to is called a host or victim program.

14 Frequency 6 Percent Q Viruses: Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Study Quarter Number of Reported Items Percentage

15 Trojans Trojans derive their name from the Trojan Horses of ancient times. This type of malware can pretend to be a piece of legitimate (e.g. trusted) software, but develops into a destructive mechanism or function that can be activated. Often this is done by a remote user such as a hacker, criminal organisation or terrorist group.

16 Trojans: Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Frequency Percentage Study Quarter Number of Reported Cases Percentage

17 Research Hypothesis No. 1 H1: There is a defined correlation between the new critical software bugs detailed in the NIPC s CyberNotes newsletters and the general number of new software bugs identified by the U.S. Computer Emergency Response Team/Coordination Centre (CERT/CC) and the U.S. National Institute of Standards and Technology (NIST).

18 Hypothesis No. 1 - Results Software Bugs Correlation Analysis Panel A: Pearson Correlation Coefficients (N=48) CERT/CC BUGS NIST BUGS BUGS p = p = Panel B: Spearman Rank Correlation Coefficients (N=48) CERT/CC BUGS NIST BUGS BUGS p = p = Result: The new critical software bugs are correlated to the CERT/CC Bugs, but there is no association of these same bugs to the NIST software bugs.

19 Research Hypothesis No. 2 H2: There is a defined correlation between the number of critical computer viruses detailed in the NIPC s CyberNotes newsletters and the general number of computer viruses found in the wild.

20 Hypothesis No. 2 - Results Computer Viruses Correlation Analysis Panel A: Pearson Correlation Coefficients (N=48) VIRUSES IN THE WILD VIRUSES p = Panel B: Spearman Rank Correlation Coefficients (N=48) VIRUSES IN THE WILD VIRUSES p = Result: No linear relationship was observed.

21 Possible Considerations for IT Governance 1. Board of Directors concerns and understanding of IT Security? Furthermore, what are their roles and responsibilities in this area? 2. Management has serious concerns about IT Threats and Risks (supported by various Big Four surveys), how does Internal Audit assist in this area from a risk management perspective? 3. Role of Internal Audit in IT Governance activities; more specifically how it relates to IT Security 4. What reporting measures can be developed to improve IT Governance? And can these measures be used in modeling and metric development?

22 Suggestions for Future Research 1. Assess the potential extensions of existing control frameworks to include more information about IT Security Threat reporting 2. Conduct a comparative international study 3. Expand statistical testing and modeling with the use of additional study variables for different threats

23 Questions and Feedback

HOSPIRA (HSP US) HISTORICAL COMMON STOCK PRICE INFORMATION

HOSPIRA (HSP US) HISTORICAL COMMON STOCK PRICE INFORMATION 30-Apr-2004 28.35 29.00 28.20 28.46 28.55 03-May-2004 28.50 28.70 26.80 27.04 27.21 04-May-2004 26.90 26.99 26.00 26.00 26.38 05-May-2004 26.05 26.69 26.00 26.35 26.34 06-May-2004 26.31 26.35 26.05 26.26

More information

Median and Average Sales Prices of New Homes Sold in United States

Median and Average Sales Prices of New Homes Sold in United States Jan 1963 $17,200 (NA) Feb 1963 $17,700 (NA) Mar 1963 $18,200 (NA) Apr 1963 $18,200 (NA) May 1963 $17,500 (NA) Jun 1963 $18,000 (NA) Jul 1963 $18,400 (NA) Aug 1963 $17,800 (NA) Sep 1963 $17,900 (NA) Oct

More information

THE UNIVERSITY OF BOLTON

THE UNIVERSITY OF BOLTON JANUARY Jan 1 6.44 8.24 12.23 2.17 4.06 5.46 Jan 2 6.44 8.24 12.24 2.20 4.07 5.47 Jan 3 6.44 8.24 12.24 2.21 4.08 5.48 Jan 4 6.44 8.24 12.25 2.22 4.09 5.49 Jan 5 6.43 8.23 12.25 2.24 4.10 5.50 Jan 6 6.43

More information

AT&T Global Network Client for Windows Product Support Matrix January 29, 2015

AT&T Global Network Client for Windows Product Support Matrix January 29, 2015 AT&T Global Network Client for Windows Product Support Matrix January 29, 2015 Product Support Matrix Following is the Product Support Matrix for the AT&T Global Network Client. See the AT&T Global Network

More information

NAV HISTORY OF DBH FIRST MUTUAL FUND (DBH1STMF)

NAV HISTORY OF DBH FIRST MUTUAL FUND (DBH1STMF) NAV HISTORY OF DBH FIRST MUTUAL FUND () Date NAV 11-Aug-16 10.68 8.66 0.38% -0.07% 0.45% 3.81% 04-Aug-16 10.64 8.66-0.19% 0.87% -1.05% 3.76% 28-Jul-16 10.66 8.59 0.00% -0.34% 0.34% 3.89% 21-Jul-16 10.66

More information

COMPARISON OF FIXED & VARIABLE RATES (25 YEARS) CHARTERED BANK ADMINISTERED INTEREST RATES - PRIME BUSINESS*

COMPARISON OF FIXED & VARIABLE RATES (25 YEARS) CHARTERED BANK ADMINISTERED INTEREST RATES - PRIME BUSINESS* COMPARISON OF FIXED & VARIABLE RATES (25 YEARS) 2 Fixed Rates Variable Rates FIXED RATES OF THE PAST 25 YEARS AVERAGE RESIDENTIAL MORTGAGE LENDING RATE - 5 YEAR* (Per cent) Year Jan Feb Mar Apr May Jun

More information

COMPARISON OF FIXED & VARIABLE RATES (25 YEARS) CHARTERED BANK ADMINISTERED INTEREST RATES - PRIME BUSINESS*

COMPARISON OF FIXED & VARIABLE RATES (25 YEARS) CHARTERED BANK ADMINISTERED INTEREST RATES - PRIME BUSINESS* COMPARISON OF FIXED & VARIABLE RATES (25 YEARS) 2 Fixed Rates Variable Rates FIXED RATES OF THE PAST 25 YEARS AVERAGE RESIDENTIAL MORTGAGE LENDING RATE - 5 YEAR* (Per cent) Year Jan Feb Mar Apr May Jun

More information

Case 2:08-cv-02463-ABC-E Document 1-4 Filed 04/15/2008 Page 1 of 138. Exhibit 8

Case 2:08-cv-02463-ABC-E Document 1-4 Filed 04/15/2008 Page 1 of 138. Exhibit 8 Case 2:08-cv-02463-ABC-E Document 1-4 Filed 04/15/2008 Page 1 of 138 Exhibit 8 Case 2:08-cv-02463-ABC-E Document 1-4 Filed 04/15/2008 Page 2 of 138 Domain Name: CELLULARVERISON.COM Updated Date: 12-dec-2007

More information

Analysis One Code Desc. Transaction Amount. Fiscal Period

Analysis One Code Desc. Transaction Amount. Fiscal Period Analysis One Code Desc Transaction Amount Fiscal Period 57.63 Oct-12 12.13 Oct-12-38.90 Oct-12-773.00 Oct-12-800.00 Oct-12-187.00 Oct-12-82.00 Oct-12-82.00 Oct-12-110.00 Oct-12-1115.25 Oct-12-71.00 Oct-12-41.00

More information

ANNEXURE 1 STATUS OF 518 DEMAT REQUESTS PENDING WITH NSDL

ANNEXURE 1 STATUS OF 518 DEMAT REQUESTS PENDING WITH NSDL ANNEXURE 1 STATUS OF 518 DEMAT REQUESTS PENDING WITH NSDL Sr. No. Demat Request No.(DRN) DP ID Client ID Date of Demat Request Received Quantity Requested Date of Demat Request Processed No. of days of

More information

Enhanced Vessel Traffic Management System Booking Slots Available and Vessels Booked per Day From 12-JAN-2016 To 30-JUN-2017

Enhanced Vessel Traffic Management System Booking Slots Available and Vessels Booked per Day From 12-JAN-2016 To 30-JUN-2017 From -JAN- To -JUN- -JAN- VIRP Page Period Period Period -JAN- 8 -JAN- 8 9 -JAN- 8 8 -JAN- -JAN- -JAN- 8-JAN- 9-JAN- -JAN- -JAN- -JAN- -JAN- -JAN- -JAN- -JAN- -JAN- 8-JAN- 9-JAN- -JAN- -JAN- -FEB- : days

More information

COE BIDDING RESULTS 2009 Category B Cars >1600 cc

COE BIDDING RESULTS 2009 Category B Cars >1600 cc Quota System A COE BIDDING RESULTS 2009 B Jan-2009 Quota 1,839 1,839 1,100 1,099 274 268 409 411 767 758 Successful bids 1,784 1,832 1,100 1,097 274 260 401 386 763 748 Bids received 2,541 2,109 1,332

More information

S&P Year Rolling Period Total Returns

S&P Year Rolling Period Total Returns S&P 500 10 Year Rolling Period Total Returns Summary: 1926 June 2013 700% 600% 500% 400% 300% 200% 100% 0% 100% Scatter chart of all 931 ten year periods. There were 931 ten year rolling periods from January

More information

Deep Security/Intrusion Defense Firewall - IDS/IPS Coverage Statistics and Comparison

Deep Security/Intrusion Defense Firewall - IDS/IPS Coverage Statistics and Comparison Deep Security/Intrusion Defense Firewall - IDS/IPS Trend Micro, Incorporated A technical brief summarizing vulnerability coverage provided by Deep Security and Intrusion Defense Firewall. The document

More information

Vulnerability Assessment & Compliance

Vulnerability Assessment & Compliance www.pwc.com Vulnerability Assessment & Compliance August 3 rd, 2011 Building trust through Information security* Citizen-Centric egovernment state Consultantion workshop Agenda VAPT What and Why Threats

More information

Deep Security Intrusion Detection & Prevention (IDS/IPS) Coverage Statistics and Comparison

Deep Security Intrusion Detection & Prevention (IDS/IPS) Coverage Statistics and Comparison Deep Security Intrusion Detection & Prevention (IDS/IPS) Trend Micro, Incorporated A technical brief summarizing vulnerability coverage provided by Deep Security. The document also outlines a comparison

More information

A!Team!Cymru!EIS!Report:!Growing!Exploitation!of!Small! OfCice!Routers!Creating!Serious!Risks!

A!Team!Cymru!EIS!Report:!Growing!Exploitation!of!Small! OfCice!Routers!Creating!Serious!Risks! ATeamCymruEISReport:GrowingExploitationofSmall OfCiceRoutersCreatingSeriousRisks PoweredbyTeamCymru sthreatintelligencegroup Page 1of 14www.team-cymru.com www.team-cymru.com Threat'Intelligence'Group EXECUTIVE

More information

Ashley Institute of Training Schedule of VET Tuition Fees 2015

Ashley Institute of Training Schedule of VET Tuition Fees 2015 Ashley Institute of Training Schedule of VET Fees Year of Study Group ID:DECE15G1 Total Course Fees $ 12,000 29-Aug- 17-Oct- 50 14-Sep- 0.167 blended various $2,000 CHC02 Best practice 24-Oct- 12-Dec-

More information

Computing & Telecommunications Services Monthly Report March 2015

Computing & Telecommunications Services Monthly Report March 2015 March 215 Monthly Report Computing & Telecommunications Services Monthly Report March 215 CaTS Help Desk (937) 775-4827 1-888-775-4827 25 Library Annex helpdesk@wright.edu www.wright.edu/cats/ Last Modified

More information

2015-16 BCOE Payroll Calendar. Monday Tuesday Wednesday Thursday Friday Jun 29 30 Jul 1 2 3. Full Force Calc

2015-16 BCOE Payroll Calendar. Monday Tuesday Wednesday Thursday Friday Jun 29 30 Jul 1 2 3. Full Force Calc July 2015 CM Period 1501075 July 2015 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 August 2015 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26

More information

Current counter-measures and responses by CERTs

Current counter-measures and responses by CERTs Current counter-measures and responses by CERTs Jeong, Hyun Cheol hcjung@kisa.or.kr April. 2007 Contents I. Malware Trends in Korea II. Malware from compromised Web sites III. Case Study : Malware countermeasure

More information

Using big data analytics to identify malicious content: a case study on spam emails

Using big data analytics to identify malicious content: a case study on spam emails Using big data analytics to identify malicious content: a case study on spam emails Mamoun Alazab & Roderic Broadhurst Mamoun.alazab@anu.edu.au http://cybercrime.anu.edu.au 2 Outline Background Cybercrime

More information

Dragonfly: Energy Companies Under Sabotage Threat Symantec Security Response

Dragonfly: Energy Companies Under Sabotage Threat Symantec Security Response Dragonfly: Energy Companies Under Sabotage Threat Symantec Security Response Dragonfly: Western Energy Companies Under Sabotage Threat 1 What is Dragonfly? Ongoing cyberespionage campaign Targeting the

More information

CENTERPOINT ENERGY TEXARKANA SERVICE AREA GAS SUPPLY RATE (GSR) JULY 2015. Small Commercial Service (SCS-1) GSR

CENTERPOINT ENERGY TEXARKANA SERVICE AREA GAS SUPPLY RATE (GSR) JULY 2015. Small Commercial Service (SCS-1) GSR JULY 2015 Area (RS-1) GSR GSR (LCS-1) Texarkana Incorporated July-15 $0.50690/Ccf $0.45450/Ccf $0.00000/Ccf $2.85090/MMBtu $17.52070/MMBtu Texarkana Unincorporated July-15 $0.56370/Ccf $0.26110/Ccf $1.66900/Ccf

More information

Summary of the State of Security

Summary of the State of Security Summary of the State of Security Tram Jewett, CISA CliftonLarsonAllen LLP Virginia GFOA Annual Spring Conference, 2016 1 1 Summary of the State of Security Tram Jewett, MS., CISA, 11 years IT audit and

More information

Internet Security Topics

Internet Security Topics Internet Security Topics JPCERT/CC Japan Computer Emergency Response Team Coordination Center Yurie Ito, Director Technical Operation 1 Today s Agenda 1. Incident Trends Purpose/motivation, methods 2.

More information

Consumer ID Theft Total Costs

Consumer ID Theft Total Costs Billions Consumer and Business Identity Theft Statistics Business identity (ID) theft is a growing crime and is a growing concern for state filing offices. Similar to consumer ID theft, after initially

More information

BUGAT TROJAN JOINS THE MOBILE REVOLUTION

BUGAT TROJAN JOINS THE MOBILE REVOLUTION BUGAT TROJAN JOINS THE MOBILE REVOLUTION June 2013 RSA researchers analyzing Bugat Trojan attacks have recently learned that Bugat s developers managed to develop and deploy mobile malware designed to

More information

Managing Information Systems Seventh Canadian Edition. Laudon, Laudon and Brabston. CHAPTER 8 Securing Information Systems

Managing Information Systems Seventh Canadian Edition. Laudon, Laudon and Brabston. CHAPTER 8 Securing Information Systems Managing Information Systems Seventh Canadian Edition Laudon, Laudon and Brabston CHAPTER 8 Securing Information Systems Copyright 2015 Pearson Canada Inc. 8-1 System Vulnerability and Abuse Security:

More information

NTREIS MLS Area Housing Activity Report Compiled for North Texas Real Estate Information System. Current Month Summary for: July 2016

NTREIS MLS Area Housing Activity Report Compiled for North Texas Real Estate Information System. Current Month Summary for: July 2016 Use PDF Bookmarks for direct link to report tables. NTREIS MLS Area Housing Activity Report Compiled for North Texas Real Estate Information System Current Month Summary for: July 2016 Property Type Sales

More information

P/T 2B: 2 nd Half of Term (8 weeks) Start: 25-AUG-2014 End: 19-OCT-2014 Start: 20-OCT-2014 End: 14-DEC-2014

P/T 2B: 2 nd Half of Term (8 weeks) Start: 25-AUG-2014 End: 19-OCT-2014 Start: 20-OCT-2014 End: 14-DEC-2014 2014-2015 SPECIAL TERM ACADEMIC CALENDAR FOR SCRANTON EDUCATION ONLINE (SEOL), MBA ONLINE, HUMAN RESOURCES ONLINE, NURSE ANESTHESIA and ERP PROGRAMS SPECIAL FALL 2014 TERM Key: P/T = Part of Term P/T Description

More information

P/T 2B: 2 nd Half of Term (8 weeks) Start: 26-AUG-2013 End: 20-OCT-2013 Start: 21-OCT-2013 End: 15-DEC-2013

P/T 2B: 2 nd Half of Term (8 weeks) Start: 26-AUG-2013 End: 20-OCT-2013 Start: 21-OCT-2013 End: 15-DEC-2013 2013-2014 SPECIAL TERM ACADEMIC CALENDAR FOR SCRANTON EDUCATION ONLINE (SEOL), MBA ONLINE, HUMAN RESOURCES ONLINE, NURSE ANESTHESIA and ERP PROGRAMS SPECIAL FALL 2013 TERM Key: P/T = Part of Term P/T Description

More information

Detailed guidance for employers

Detailed guidance for employers April 2015 3 Detailed guidance for employers Appendix A: Pay reference periods This document accompanies: Detailed guidance no. 3 Assessing the workforce Pay reference period calendars where the definition

More information

Deep Security Vulnerability Protection Summary

Deep Security Vulnerability Protection Summary Deep Security Vulnerability Protection Summary Trend Micro, Incorporated This documents outlines the process behind rules creation and answers common questions about vulnerability coverage for Deep Security

More information

Measuring and Monitoring Customer Experience

Measuring and Monitoring Customer Experience Measuring and Monitoring Experience Tom Exeter Sales, Marketing & Experience Executive Sport & Physical Activity, Commercial Services, University of Leeds Background to our organisation. The department

More information

P/T 2B: 2 nd Half of Term (8 weeks) Start: 24-AUG-2015 End: 18-OCT-2015 Start: 19-OCT-2015 End: 13-DEC-2015

P/T 2B: 2 nd Half of Term (8 weeks) Start: 24-AUG-2015 End: 18-OCT-2015 Start: 19-OCT-2015 End: 13-DEC-2015 2015-2016 SPECIAL TERM ACADEMIC CALENDAR For Scranton Education Online (SEOL), Masters of Business Administration Online, Masters of Accountancy Online, Health Administration Online, Health Informatics

More information

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft) 1- A (firewall) is a computer program that permits a user on the internal network to access the internet but severely restricts transmissions from the outside 2- A (system failure) is the prolonged malfunction

More information

AgriLife Information Technology IT General Session January 2010

AgriLife Information Technology IT General Session January 2010 AgriLife Information Technology IT General Session January 2010 Agenda Topics Year in Review Enterprise IT Services Update FirstCall Overview and Next Steps Sophos Antivirus Initiative Update Information/

More information

E-Commerce Security and Fraud Protection CHAPTER 9

E-Commerce Security and Fraud Protection CHAPTER 9 E-Commerce Security and Fraud Protection CHAPTER 9 LEARNING OBJECTIVES 1. Understand the importance and scope of security of information systems for EC. 2. Describe the major concepts and terminology of

More information

PHISHING IN SEASON TAX TIME MALWARE, PHISHING AND FRAUD

PHISHING IN SEASON TAX TIME MALWARE, PHISHING AND FRAUD PHISHING IN SEASON TAX TIME MALWARE, PHISHING AND FRAUD April 2013 As cybercriminals will have it, phishing attacks are quite the seasonal trend. It seems that every April, after showing a slight decline

More information

DATES OF PUBLICATION FOR ISSUES OF THE JOURNAL RHODORA (Volume 1-116)

DATES OF PUBLICATION FOR ISSUES OF THE JOURNAL RHODORA (Volume 1-116) DATES OF PUBLICATION FOR ISSUES OF THE JOURNAL RHODORA (Volume 1-116) Prepared by JAMES L. REVEAL and KANCHI N. GANDHI Some dates of publication were not reported in the journal. These are marked with

More information

BERACHAH CHURCH MEDIA CATALOG 2016

BERACHAH CHURCH MEDIA CATALOG 2016 BERACHAH CHURCH MEDIA CATALOG 2016 MP3 AUDIO Please order by Series and number Limit: 2 discs per month Series #100 INVESTITURE SERVICE 1 1 28 Mar 2004 Series #101 MEMORIAL SERVICES 1 1 Col. Thieme 23

More information

Addiction and Prevention Services State Quality Committee

Addiction and Prevention Services State Quality Committee This report shows the detail of how many claims were processed by ValueOptions each month, the timeframe for processing and the percentage of claims processed that denied. AGGREGATE ANALYSIS REPORT Final

More information

Trimble Navigation Limited (NasdaqGS:TRMB) > Public Ownership > Officials' Trading

Trimble Navigation Limited (NasdaqGS:TRMB) > Public Ownership > Officials' Trading Trimble Navigation Limited (NasdaqGS:TRMB) > Public Ownership > Officials' Trading Individual Trades Holder Name Trade Date Range Transacted Shares Transaction Value (USD) Transaction Type Price Range

More information

Spine Warranted Environment Specification

Spine Warranted Environment Specification Spine Warranted Environment Specification 2015 Richard Trusson June 2015 1 Copyright 2015, Health and Social Care Information Centre. Contents Introduction 3 Scope 3 Intended Audience 4 Approach 4 Changes

More information

Government proposals to reform vocational qualifications for 16-19 year olds in England

Government proposals to reform vocational qualifications for 16-19 year olds in England Government proposals to reform vocational qualifications for 16-19 year olds in England A consultation published by the Department for Education (DfE) on 7 th March 2013 What reforms does the consultation

More information

2016 Examina on dates

2016 Examina on dates Please note the following informa on: The following exams are available throughout the year: Please click on the exam for which you wish to see the dates. When you have finished, you can select to return

More information

Certification Programs

Certification Programs Certification Programs 2014 The SBS Institute serves community banks by providing educational programs that will certify a banker has the knowledge and skills to protect against todays information security

More information

TERMS OF REFERENCE HUMAN RESOURCES AND GOVERNANCE COMMITTEE. The purpose of the Human Resources and Governance Committee (the Committee ) is to

TERMS OF REFERENCE HUMAN RESOURCES AND GOVERNANCE COMMITTEE. The purpose of the Human Resources and Governance Committee (the Committee ) is to I. PURPOSE The purpose of the Human Resources and Governance Committee (the Committee ) is to A. assist the Board in fulfilling its obligations relating to human resource and compensation matters and to

More information

US Inflation Rate Consumer Price Index

US Inflation Rate Consumer Price Index 1960 1962 1964 1966 1968 1970 1972 1974 1976 1978 1980 1982 1984 1986 1988 1990 1992 1994 1996 1998 2000 2002 2004 2006 2008 2010 2012 2014 US Inflation Rate Consumer Price Index 14.0% 13.0% 12.0% 11.0%

More information

CAFIS REPORT 2015.10

CAFIS REPORT 2015.10 CAFIS REPORT 2015.10 INDEX Message CAFIS Inbound 03-06 07-08 CAFIS Arch 09-10 CAFIS Brain 11-12 CAFIS Global 13-14 What We Do 15-16 About CAFIS 17-18 Services for Member Stores 19-34 Services for Card

More information

Domain Name Abuse Detection. Liming Wang

Domain Name Abuse Detection. Liming Wang Domain Name Abuse Detection Liming Wang Outline 1 Domain Name Abuse Work Overview 2 Anti-phishing Research Work 3 Chinese Domain Similarity Detection 4 Other Abuse detection ti 5 System Information 2 Why?

More information

22.Apr Artificial Insemination for Cattle, Irene. 04.Mar Pregnancy Diagnosis for Cattle, Irene 05.Mar Calf Rearing Management (Cattle), Irene

22.Apr Artificial Insemination for Cattle, Irene. 04.Mar Pregnancy Diagnosis for Cattle, Irene 05.Mar Calf Rearing Management (Cattle), Irene 01.Mar Artificial Insemination for Cattle, Irene 02.Mar Artificial Insemination for Cattle, Irene 03.Mar Artificial Insemination for Cattle, Irene 04.Mar Pregnancy Diagnosis for Cattle, Irene 05.Mar Calf

More information

2015 Examination dates

2015 Examination dates Please note the following information: The following exams are available throughout the year: BULATS Paper-based: Please click on the exam for which you wish to see the dates. When you have finished, you

More information

Evolving Threats and Attacks: A Cloud Service Provider s viewpoint. John Howie Senior Director Online Services Security and Compliance

Evolving Threats and Attacks: A Cloud Service Provider s viewpoint. John Howie Senior Director Online Services Security and Compliance Evolving Threats and Attacks: A Cloud Service Provider s viewpoint John Howie Senior Director Online Services Security and Compliance Introduction Microsoft s Cloud Infrastructure Evolution of Threats

More information

CITADEL TROJAN OUTGROWING ITS ZEUS ORIGINS

CITADEL TROJAN OUTGROWING ITS ZEUS ORIGINS CITADEL TROJAN OUTGROWING ITS ZEUS ORIGINS May 2012 As of April 30th, 2012 the Citadel Trojan was at its fourth upgrade with Version 1.3.4.0 already in the hands of its customers. Citadel s features, bug

More information

CHILDREN AND YOUNG PEOPLE'S PLAN: PLANNING AND PERFORMANCE MANAGEMENT STRATEGY

CHILDREN AND YOUNG PEOPLE'S PLAN: PLANNING AND PERFORMANCE MANAGEMENT STRATEGY CHILDREN AND YOUNG PEOPLE'S PARTNERSHIP BOARD CHILDREN AND YOUNG PEOPLE'S PLAN: PLANNING AND PERFORMANCE MANAGEMENT STRATEGY 1 Introduction 1.1 The purposes of this strategy are to set out: i) the arrangements

More information

Building The Human Firewall. Andy Sawyer, CISM, C CISO Director of Security Locke Lord

Building The Human Firewall. Andy Sawyer, CISM, C CISO Director of Security Locke Lord Building The Human Firewall Andy Sawyer, CISM, C CISO Director of Security Locke Lord Confidentiality, Integrity, Availability Benchmarks of Cybersecurity: Confidentiality Information is protected against

More information

BROMSGROVE DISTRICT COUNCIL PERFORMANCE MANAGEMENT BOARD 16 DECEMBER 2008 PERFORMANCE MANAGEMENT BOARD PROPOSED PROGRAMME 2008/09

BROMSGROVE DISTRICT COUNCIL PERFORMANCE MANAGEMENT BOARD 16 DECEMBER 2008 PERFORMANCE MANAGEMENT BOARD PROPOSED PROGRAMME 2008/09 BROMSGROVE DISTRICT COUNCIL PERFORMANCE MANAGEMENT BOARD 16 DECEMBER 2008 PERFORMANCE MANAGEMENT BOARD PROPOSED PROGRAMME 2008/09 Responsible Member Responsible Head of Service Councillor - James Duddy,

More information

Protect Yourself in the Cloud Age

Protect Yourself in the Cloud Age Protect Yourself in the Cloud Age Matthew Wu Consultant Hong Kong Computer Emergency Response Team Coordination Centre About HKCERT HKCERT ( 香 港 電 腦 保 安 事 故 協 調 中 心 ) Established in 2001 Funding & Operation

More information

The dramatic growth in mobile device malware. continues to escalate at an ever-accelerating. pace. These threats continue to become more

The dramatic growth in mobile device malware. continues to escalate at an ever-accelerating. pace. These threats continue to become more The dramatic growth in mobile device malware continues to escalate at an ever-accelerating pace. These threats continue to become more sophisticated while the barrier to entry remains low. As specific

More information

Penetration Testing Service. By Comsec Information Security Consulting

Penetration Testing Service. By Comsec Information Security Consulting Penetration Testing Service By Consulting February, 2007 Background The number of hacking and intrusion incidents is increasing year by year as technology rolls out. Equally, there is no hiding place your

More information

Cost effective methods of test environment management. Prabhu Meruga Director - Solution Engineering 16 th July SCQAA Irvine, CA

Cost effective methods of test environment management. Prabhu Meruga Director - Solution Engineering 16 th July SCQAA Irvine, CA Cost effective methods of test environment management Prabhu Meruga Director - Solution Engineering 16 th July SCQAA Irvine, CA 2013 Agenda Basic complexity Dynamic needs for test environments Traditional

More information

E-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications

E-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications Learning objectives E-commerce Security Threats and Protection Mechanisms. This lecture covers internet security issues and discusses their impact on an e-commerce. Nov 19, 2004 www.dcs.bbk.ac.uk/~gmagoulas/teaching.html

More information

Agenda. John Veldhuis, Sophos The playing field Threats Mobile Device Management. Pagina 2

Agenda. John Veldhuis, Sophos The playing field Threats Mobile Device Management. Pagina 2 Mobile Security Agenda John Veldhuis, Sophos The playing field Threats Mobile Device Management Pagina 2 The Changing Mobile World Powerful devices Access everywhere Mixed ownership User in charge Powerful

More information

Annexure B: Planning, Budgeting and Performance Management Programme

Annexure B: Planning, Budgeting and Performance Management Programme Annexure B:, Budgeting Programme The following are key activities that need take place in more detail than Time frame Nature Period referred Start Finish 2012/09/01 /08/31 /or September /09/01 /09/26 August

More information

Zscaler Cloud Web Gateway Test

Zscaler Cloud Web Gateway Test Zscaler Cloud Web Gateway Test A test commissioned by Zscaler, Inc. and performed by AV-TEST GmbH. Date of the report: April15 th, 2016 Executive Summary In March 2016, AV-TEST performed a review of the

More information

Semiconductor Equipment Security: Virus Protection Guidelines

Semiconductor Equipment Security: Virus Protection Guidelines Semiconductor Equipment Security: Virus Protection Guidelines Harvey Wohlwend 512.356.7536 harvey.wohlwend ismi.sematech.org SEMATECH, the SEMATECH logo, AMRC, Advanced Materials Research Center, ATDF,

More information

ACTIVE MICROSOFT CERTIFICATIONS:

ACTIVE MICROSOFT CERTIFICATIONS: Last Activity Recorded : May 30, 2014 Microsoft Certification ID : 375009 SUSANNE SCHNEIDER KAISERSTRASSE 53 REUTLINGEN, 72764 DE SUSANNE.SCHNEIDER@KIT-KOM.DE *Charter- Certification that was achieved

More information

Speech and Language Therapy Service DRAFT

Speech and Language Therapy Service DRAFT Speech and Language Therapy Service DRAFT Key Achievements Staff training and consultation proving successful and a system for modelling speech and language support being developed Information Pack for

More information

Moon and Planet Visibility Diagrams

Moon and Planet Visibility Diagrams 6 and Planet Visibility Diagrams Magnitudes -8-6 -4-2 2 4 6 8 Phases of the South at midnight South at dusk South at dawn South at midnight Week commencing 1 Jan 4 J Jan - 4 6 8 1 1 14 16 18 2 24 26 28

More information

Moon and Planet Visibility Diagrams

Moon and Planet Visibility Diagrams 5 and Planet Visibility Diagrams Magnitudes -8-6 -4-2 2 4 6 8 Phases of the South at midnight South at dusk South at dawn South at midnight Week commencing 1 Jan 4 J Jan - -4 8 Jan 4 - -4 15 Jan 4 J Jan

More information

In accordance with risk management best practices, below describes the standard process for enterprise risk management (ERM), including:

In accordance with risk management best practices, below describes the standard process for enterprise risk management (ERM), including: Enterprise Risk Management Process and Procedures Scope In accordance with risk management best practices, below describes the standard process for enterprise risk management (ERM), including: Risk identification

More information

Incident Response. Proactive Incident Management. Sean Curran Director

Incident Response. Proactive Incident Management. Sean Curran Director Incident Response Proactive Incident Management Sean Curran Director Agenda Incident Response Overview 3 Drivers for Incident Response 5 Incident Response Approach 11 Proactive Incident Response 17 2 2013

More information

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management SECURING YOUR SMALL BUSINESS Principles of information security and risk management The challenge Information is one of the most valuable assets of any organization public or private, large or small and

More information

Cisco 4Q11. Global Threat Report

Cisco 4Q11. Global Threat Report Cisco 4Q11 Global Threat Report Contents Key Highlights 1 Introduction 2 Cisco ScanSafe: Web Malware Events 3 Cisco Intrusion Prevention System 5 Cisco IronPort: Global Spam Trends 6 About the Contributors

More information

Architectural Services Data Summary March 2011

Architectural Services Data Summary March 2011 Firms Typically Small in Size According to the latest U.S. Census Survey of Business Owners, majority of the firms under the description Architectural Services are less than 500 in staff size (99.78%).

More information

Analysis of SQL injection prevention using a proxy server

Analysis of SQL injection prevention using a proxy server Computer Science Honours 2005 Project Proposal Analysis of SQL injection prevention using a proxy server By David Rowe Supervisor: Barry Irwin Department of Computer

More information

12 months 4 quarters 1 goal

12 months 4 quarters 1 goal 12 months 4 quarters 1 goal You know you need to whip your digital marketing game into shape. But you also know budgets are tight. If you're ready to take your online marketing to the next level without

More information

Trust Informatics Policy. Information Governance Department. Computer Antivirus Management Policy

Trust Informatics Policy. Information Governance Department. Computer Antivirus Management Policy Document Control Trust Informatics Policy Information Governance Department Computer Antivirus Management Policy Document Title Author/Contact Computer Antivirus Management Policy Pauline Nordoff-Tate,

More information

RadBlue Load Tester Version 6. [Released: 09 DEC 2009]

RadBlue Load Tester Version 6. [Released: 09 DEC 2009] Version 6 [Released: 09 DEC 2009] In this release, we modified the database setup screen of the RLT installer to default to SQL server information (the recommended database). The Transcript has been modified

More information

2014 2015 University-Wide Academic Calendar

2014 2015 University-Wide Academic Calendar 2014 2015 University-Wide Academic Calendar Guide to Abbreviations UGD = Undergraduate Day GS = Graduate Schools LAW = School of Law CPS = College of Professional Studies Sunday Monday Tuesday Wednesday

More information

Cisco & Big Data Security

Cisco & Big Data Security Cisco & Big Data Security 巨 量 資 料 的 傳 輸 保 護 Joey Kuo Borderless Networks Manager hskuo@cisco.com The any-to-any world and the Internet of Everything is an evolution in connectivity and collaboration that

More information

Resource Management Spreadsheet Capabilities. Stuart Dixon Resource Manager

Resource Management Spreadsheet Capabilities. Stuart Dixon Resource Manager Resource Management Spreadsheet Capabilities Stuart Dixon Resource Manager Purpose Single view of resource data Shows rolling demand vs supply for 14 months, 2 months back, current month, and 11 forward

More information

ESSEX FIRE AUTHORITY Essex County Fire & Rescue Service

ESSEX FIRE AUTHORITY Essex County Fire & Rescue Service ESSEX FIRE AUTHORITY Essex County Fire & Rescue Service MEETING Policy & Strategy Committee AGENDA ITEM 7 MEETING DATE 25 March 2009 REPORT NUMBER SUBJECT REPORT BY Monitoring IT Transformation Progress

More information

Energy Savings from Business Energy Feedback

Energy Savings from Business Energy Feedback Energy Savings from Business Energy Feedback Behavior, Energy, and Climate Change Conference 2015 October 21, 2015 Jim Stewart, Ph.D. INTRODUCTION 2 Study Background Xcel Energy runs the Business Energy

More information

DNS POISONING, AKA PHARMING, MAKES THE HEADLINES IN NOVEMBER S NEWS

DNS POISONING, AKA PHARMING, MAKES THE HEADLINES IN NOVEMBER S NEWS DNS POISONING, AKA PHARMING, MAKES THE HEADLINES IN NOVEMBER S NEWS December 2011 November saw DNS Poisoning, aka Pharming, making the headlines on more than one occasion: To name a few, the online threat

More information

PHISH LOCKERS OUT IN THE WILD

PHISH LOCKERS OUT IN THE WILD PHISH LOCKERS OUT IN THE WILD August 2013 RSA researchers have been increasingly witnessing the activity of highly targeted Trojans, dubbed Phish Lockers, used at the hands of cybercriminals to steal credentials.

More information

Blackboard Collaborate Web Conferencing Hosted Environment Technical Infrastructure and Security

Blackboard Collaborate Web Conferencing Hosted Environment Technical Infrastructure and Security Overview Blackboard Collaborate Web Conferencing Hosted Environment Technical Infrastructure and Security Blackboard Collaborate web conferencing is available in a hosted environment and this document

More information

Centers of Academic Excellence in Cyber Security (CAE-C) Knowledge Units Review

Centers of Academic Excellence in Cyber Security (CAE-C) Knowledge Units Review Centers of Academic Excellence in Cyber Security (CAE-C) Knowledge Units Review Review Process The Knowledge Unit (KU) Review Calendar divides the entire CAE-C KU list into 12 months for the purposes of

More information

Reviews on your MechanicNet Website!

Reviews on your MechanicNet Website! Reviews on your MechanicNet Website SEPTEMBER April 2008 2010 Inside Lane: SEO MNG Updates Reviews on your MechanicNet Website! by Frank Renteria Your MechanicNet program has always provided the ability

More information

Choosing a Cell Phone Plan-Verizon

Choosing a Cell Phone Plan-Verizon Choosing a Cell Phone Plan-Verizon Investigating Linear Equations I n 2008, Verizon offered the following cell phone plans to consumers. (Source: www.verizon.com) Verizon: Nationwide Basic Monthly Anytime

More information

SEO Presentation. Asenyo Inc.

SEO Presentation. Asenyo Inc. SEO Presentation What is Search Engine Optimization? Search Engine Optimization (SEO) : PPC and Organic Results Pay Per Click Ads The means of achieving top search engine results without having to incur

More information

When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.

When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking. Ethical Hacking and Countermeasures Course Description: This class will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems.

More information

ACTIVE MICROSOFT CERTIFICATIONS:

ACTIVE MICROSOFT CERTIFICATIONS: Last Activity Recorded : October 29, 2014 Microsoft Certification ID : 6767 MAGNUS JUNGAKER GRANSVAGEN 4 SOLLENTUNA, Stockholm 19134 SE magnus@jungaker.net *Charter- Certification that was achieved within

More information

EMAIL ACCOUNT TAKEOVER TO IDENTITY TAKEOVER

EMAIL ACCOUNT TAKEOVER TO IDENTITY TAKEOVER EMAIL ACCOUNT TAKEOVER TO IDENTITY TAKEOVER March 2013 Phishing attacks are notorious for their potential harm to online banking and credit card users who may fall prey to phishers looking to steal information

More information

(General purpose) Program security. What does it mean for a pgm to be secure? Depends whom you ask. Takes a long time to break its security controls.

(General purpose) Program security. What does it mean for a pgm to be secure? Depends whom you ask. Takes a long time to break its security controls. (General purpose) Program security These ideas apply also to OS and DB. Read Chapter 3. What does it mean for a pgm to be secure? Depends whom you ask. Takes a long time to break its security controls.

More information

A SECURITY COMPARISON OF OPEN-SOURCE AND CLOSED- SOURCE OPERATING SYSTEMS

A SECURITY COMPARISON OF OPEN-SOURCE AND CLOSED- SOURCE OPERATING SYSTEMS A SECURITY COMPARISON OF OPEN-SOURCE AND CLOSED- SOURCE OPERATING SYSTEMS Kishen Iyengar Dept. of Information Systems and Operations Management, University of Texas at Arlington, Box 19437 University of

More information

Employers Compliance with the Health Insurance Act Annual Report 2015

Employers Compliance with the Health Insurance Act Annual Report 2015 Employers Compliance with the Health Insurance Act Annual Report 2015 ea Health Council Health Council: Employers Compliance with the Health Insurance Act 1970 Annual Report 2015 Contact us: If you would

More information