Computer Software Bugs and Other IT Threats to Critical Infrastructure: A Preliminary Set of Considerations for IT Governance
|
|
- Randolf Houston
- 8 years ago
- Views:
Transcription
1 Computer Software Bugs and Other IT Threats to Critical Infrastructure: A Preliminary Set of Considerations for IT Governance Presentation for the Seventh European Academic Conference on Internal Audit and Corporate Governance by Michael K. Lavine, Ph.D. Johns Hopkins University Information Security Institute and Georges M. Selim, Ph.D. Cass Business School 16 April 2009
2 Background Information Since President Clinton s administration in the 1990s, there have been a number of important initiatives in the USA to use Government and Web Information Systems to share information about IT Security/Information Assurance threats, risks, protection mechanisms and best practices With the growth of E-Commerce and IT systems, emphasis has been made to protect the critical infrastructures (e.g. banking, telecomm, emergency services etc.) of which approximately 90% in the USA is controlled by the private sector
3 Introduction and Background Tremendous growth of E-Commerce systems, networks, mobile devices and Internet connectivity all contributed to increased threats to IT security Various national Government initiatives in critical infrastructure protection and information sharing The focus of this project is on Software Bugs with additional information on viruses, trojans and exploit scripts as major areas of risk to organisations How can this research potentially impact IT governance and risk management?
4 Research Overview Methodology based on a Grounded Theory approach (Glaser and Strauss, 1967) Provides an ability to develop creative approaches to new areas of research This is a popular research methodology in the Information Systems field Data collection and analysis was based on secondary data from official U.S. government data sources supported by the FBI and DHS
5 Common IT Technical Risks Software Bugs Viruses Trojans Exploit Scripts Other Types of Computer Malware Denial of Service Web Site Defacements Plus a Growing Range of Emerging Techniques (i.e. Phishing, Botnets, Crimeware, Scareware)
6 Descriptive Data Summary: Bugs Exploit Scripts Viruses Trojans Freq. Perc. Freq. Perc. Freq. Perc. Freq. Perc. Year , , , , , , , , , Total 6, , , ,
7 Software Bugs Software Bugs are errors in a computer program (i.e. operating systems or application software) which causes the program to not perform as intended. Most software bugs are attributable to the software source code and result in design or compilers processing errors. Normally, computer programmers use a variety of techniques referred to as de-bugging to perform quality assurance and other tests on the software code. Some common types of software bugs are: buffer overflows, race condition errors, memory leaks and stack errors.
8 Software Bugs: Total Bugs Reported by Month Dec-03 Nov-03 Oct-03 Sep-03 Aug-03 Jul-03 Jun-03 May-03 Apr-03 Mar-03 Feb-03 Jan-03 Dec-02 Nov-02 Oct-02 Sep-02 Aug-02 Jul-02 Jun-02 May-02 Apr-02 Mar-02 Feb-02 Jan-02 Dec-01 Nov-01 Oct-01 Sep-01 Aug-01 Jul-01 Jun-01 May-01 Apr-01 Mar-01 Feb-01 Jan-01 Dec-00 Nov-00 Oct-00 Sep-00 Aug-00 Jul-00 Jun-00 May-00 Apr-00 Mar-00 Feb-00 Jan New Bugs Month Updated Bugs Number of Reported Items
9 Critical Software Bugs by Risk Classification: Study Period High Medium Low All Other Total Freq. Percent. Freq. Percent. Freq. Percent. Freq. Percent. Freq. Percent. Q % % % % % Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Total 2, % 2, % 1, % % 6, % Percent of Total 40.50% 31.62% 16.12% 11.76% %
10 Critical Bugs by Vulnerability Type: in Rank Order Vulnerability Type Ranking Buffer Overflow 1 Denial of Service 2 Multiple Vulnerabilities 3 General Security 4 Password 5 Unauthorised Access 6 Remote Access 7 Directory Transversal 8 Race Condition 9 Web Server IIS 10 Root Access Format String 13
11 Exploit Scripts Exploit Scripts are purpose built program scripts or small sets/sequences of commands that attack specific vulnerabilities in computer software (Adapted from Karestand, 2003). Sometimes these can be generated by computer code generators (Thompson, 2002). Currently, common scripting languages include PERL, Visual Basic and Java Script.
12 Exploit Scripts: Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Frequency Percentage Study Quarter Number of Reported Cases Percentage
13 Viruses Viruses are a common form of malware and were studied early on by many computer science researchers. Karestand (2003, p. 42) quoting earlier researchers, defines a computer virus, as a computer program that is able to replicate by attaching itself to other computer programs in some way. Furthermore, the program the virus attaches to is called a host or victim program.
14 Frequency 6 Percent Q Viruses: Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Study Quarter Number of Reported Items Percentage
15 Trojans Trojans derive their name from the Trojan Horses of ancient times. This type of malware can pretend to be a piece of legitimate (e.g. trusted) software, but develops into a destructive mechanism or function that can be activated. Often this is done by a remote user such as a hacker, criminal organisation or terrorist group.
16 Trojans: Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Frequency Percentage Study Quarter Number of Reported Cases Percentage
17 Research Hypothesis No. 1 H1: There is a defined correlation between the new critical software bugs detailed in the NIPC s CyberNotes newsletters and the general number of new software bugs identified by the U.S. Computer Emergency Response Team/Coordination Centre (CERT/CC) and the U.S. National Institute of Standards and Technology (NIST).
18 Hypothesis No. 1 - Results Software Bugs Correlation Analysis Panel A: Pearson Correlation Coefficients (N=48) CERT/CC BUGS NIST BUGS BUGS p = p = Panel B: Spearman Rank Correlation Coefficients (N=48) CERT/CC BUGS NIST BUGS BUGS p = p = Result: The new critical software bugs are correlated to the CERT/CC Bugs, but there is no association of these same bugs to the NIST software bugs.
19 Research Hypothesis No. 2 H2: There is a defined correlation between the number of critical computer viruses detailed in the NIPC s CyberNotes newsletters and the general number of computer viruses found in the wild.
20 Hypothesis No. 2 - Results Computer Viruses Correlation Analysis Panel A: Pearson Correlation Coefficients (N=48) VIRUSES IN THE WILD VIRUSES p = Panel B: Spearman Rank Correlation Coefficients (N=48) VIRUSES IN THE WILD VIRUSES p = Result: No linear relationship was observed.
21 Possible Considerations for IT Governance 1. Board of Directors concerns and understanding of IT Security? Furthermore, what are their roles and responsibilities in this area? 2. Management has serious concerns about IT Threats and Risks (supported by various Big Four surveys), how does Internal Audit assist in this area from a risk management perspective? 3. Role of Internal Audit in IT Governance activities; more specifically how it relates to IT Security 4. What reporting measures can be developed to improve IT Governance? And can these measures be used in modeling and metric development?
22 Suggestions for Future Research 1. Assess the potential extensions of existing control frameworks to include more information about IT Security Threat reporting 2. Conduct a comparative international study 3. Expand statistical testing and modeling with the use of additional study variables for different threats
23 Questions and Feedback
AT&T Global Network Client for Windows Product Support Matrix January 29, 2015
AT&T Global Network Client for Windows Product Support Matrix January 29, 2015 Product Support Matrix Following is the Product Support Matrix for the AT&T Global Network Client. See the AT&T Global Network
More informationCOMPARISON OF FIXED & VARIABLE RATES (25 YEARS) CHARTERED BANK ADMINISTERED INTEREST RATES - PRIME BUSINESS*
COMPARISON OF FIXED & VARIABLE RATES (25 YEARS) 2 Fixed Rates Variable Rates FIXED RATES OF THE PAST 25 YEARS AVERAGE RESIDENTIAL MORTGAGE LENDING RATE - 5 YEAR* (Per cent) Year Jan Feb Mar Apr May Jun
More informationCOMPARISON OF FIXED & VARIABLE RATES (25 YEARS) CHARTERED BANK ADMINISTERED INTEREST RATES - PRIME BUSINESS*
COMPARISON OF FIXED & VARIABLE RATES (25 YEARS) 2 Fixed Rates Variable Rates FIXED RATES OF THE PAST 25 YEARS AVERAGE RESIDENTIAL MORTGAGE LENDING RATE - 5 YEAR* (Per cent) Year Jan Feb Mar Apr May Jun
More informationAnalysis One Code Desc. Transaction Amount. Fiscal Period
Analysis One Code Desc Transaction Amount Fiscal Period 57.63 Oct-12 12.13 Oct-12-38.90 Oct-12-773.00 Oct-12-800.00 Oct-12-187.00 Oct-12-82.00 Oct-12-82.00 Oct-12-110.00 Oct-12-1115.25 Oct-12-71.00 Oct-12-41.00
More informationCase 2:08-cv-02463-ABC-E Document 1-4 Filed 04/15/2008 Page 1 of 138. Exhibit 8
Case 2:08-cv-02463-ABC-E Document 1-4 Filed 04/15/2008 Page 1 of 138 Exhibit 8 Case 2:08-cv-02463-ABC-E Document 1-4 Filed 04/15/2008 Page 2 of 138 Domain Name: CELLULARVERISON.COM Updated Date: 12-dec-2007
More informationEnhanced Vessel Traffic Management System Booking Slots Available and Vessels Booked per Day From 12-JAN-2016 To 30-JUN-2017
From -JAN- To -JUN- -JAN- VIRP Page Period Period Period -JAN- 8 -JAN- 8 9 -JAN- 8 8 -JAN- -JAN- -JAN- 8-JAN- 9-JAN- -JAN- -JAN- -JAN- -JAN- -JAN- -JAN- -JAN- -JAN- 8-JAN- 9-JAN- -JAN- -JAN- -FEB- : days
More informationDeep Security/Intrusion Defense Firewall - IDS/IPS Coverage Statistics and Comparison
Deep Security/Intrusion Defense Firewall - IDS/IPS Trend Micro, Incorporated A technical brief summarizing vulnerability coverage provided by Deep Security and Intrusion Defense Firewall. The document
More informationVulnerability Assessment & Compliance
www.pwc.com Vulnerability Assessment & Compliance August 3 rd, 2011 Building trust through Information security* Citizen-Centric egovernment state Consultantion workshop Agenda VAPT What and Why Threats
More informationDeep Security Intrusion Detection & Prevention (IDS/IPS) Coverage Statistics and Comparison
Deep Security Intrusion Detection & Prevention (IDS/IPS) Trend Micro, Incorporated A technical brief summarizing vulnerability coverage provided by Deep Security. The document also outlines a comparison
More informationA!Team!Cymru!EIS!Report:!Growing!Exploitation!of!Small! OfCice!Routers!Creating!Serious!Risks!
ATeamCymruEISReport:GrowingExploitationofSmall OfCiceRoutersCreatingSeriousRisks PoweredbyTeamCymru sthreatintelligencegroup Page 1of 14www.team-cymru.com www.team-cymru.com Threat'Intelligence'Group EXECUTIVE
More informationAshley Institute of Training Schedule of VET Tuition Fees 2015
Ashley Institute of Training Schedule of VET Fees Year of Study Group ID:DECE15G1 Total Course Fees $ 12,000 29-Aug- 17-Oct- 50 14-Sep- 0.167 blended various $2,000 CHC02 Best practice 24-Oct- 12-Dec-
More informationCurrent counter-measures and responses by CERTs
Current counter-measures and responses by CERTs Jeong, Hyun Cheol hcjung@kisa.or.kr April. 2007 Contents I. Malware Trends in Korea II. Malware from compromised Web sites III. Case Study : Malware countermeasure
More informationUsing big data analytics to identify malicious content: a case study on spam emails
Using big data analytics to identify malicious content: a case study on spam emails Mamoun Alazab & Roderic Broadhurst Mamoun.alazab@anu.edu.au http://cybercrime.anu.edu.au 2 Outline Background Cybercrime
More informationDragonfly: Energy Companies Under Sabotage Threat Symantec Security Response
Dragonfly: Energy Companies Under Sabotage Threat Symantec Security Response Dragonfly: Western Energy Companies Under Sabotage Threat 1 What is Dragonfly? Ongoing cyberespionage campaign Targeting the
More informationCENTERPOINT ENERGY TEXARKANA SERVICE AREA GAS SUPPLY RATE (GSR) JULY 2015. Small Commercial Service (SCS-1) GSR
JULY 2015 Area (RS-1) GSR GSR (LCS-1) Texarkana Incorporated July-15 $0.50690/Ccf $0.45450/Ccf $0.00000/Ccf $2.85090/MMBtu $17.52070/MMBtu Texarkana Unincorporated July-15 $0.56370/Ccf $0.26110/Ccf $1.66900/Ccf
More informationComputing & Telecommunications Services Monthly Report March 2015
March 215 Monthly Report Computing & Telecommunications Services Monthly Report March 215 CaTS Help Desk (937) 775-4827 1-888-775-4827 25 Library Annex helpdesk@wright.edu www.wright.edu/cats/ Last Modified
More information2015-16 BCOE Payroll Calendar. Monday Tuesday Wednesday Thursday Friday Jun 29 30 Jul 1 2 3. Full Force Calc
July 2015 CM Period 1501075 July 2015 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 August 2015 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26
More informationBUGAT TROJAN JOINS THE MOBILE REVOLUTION
BUGAT TROJAN JOINS THE MOBILE REVOLUTION June 2013 RSA researchers analyzing Bugat Trojan attacks have recently learned that Bugat s developers managed to develop and deploy mobile malware designed to
More informationConsumer ID Theft Total Costs
Billions Consumer and Business Identity Theft Statistics Business identity (ID) theft is a growing crime and is a growing concern for state filing offices. Similar to consumer ID theft, after initially
More informationDetailed guidance for employers
April 2015 3 Detailed guidance for employers Appendix A: Pay reference periods This document accompanies: Detailed guidance no. 3 Assessing the workforce Pay reference period calendars where the definition
More informationSummary of the State of Security
Summary of the State of Security Tram Jewett, CISA CliftonLarsonAllen LLP Virginia GFOA Annual Spring Conference, 2016 1 1 Summary of the State of Security Tram Jewett, MS., CISA, 11 years IT audit and
More informationP/T 2B: 2 nd Half of Term (8 weeks) Start: 25-AUG-2014 End: 19-OCT-2014 Start: 20-OCT-2014 End: 14-DEC-2014
2014-2015 SPECIAL TERM ACADEMIC CALENDAR FOR SCRANTON EDUCATION ONLINE (SEOL), MBA ONLINE, HUMAN RESOURCES ONLINE, NURSE ANESTHESIA and ERP PROGRAMS SPECIAL FALL 2014 TERM Key: P/T = Part of Term P/T Description
More informationP/T 2B: 2 nd Half of Term (8 weeks) Start: 26-AUG-2013 End: 20-OCT-2013 Start: 21-OCT-2013 End: 15-DEC-2013
2013-2014 SPECIAL TERM ACADEMIC CALENDAR FOR SCRANTON EDUCATION ONLINE (SEOL), MBA ONLINE, HUMAN RESOURCES ONLINE, NURSE ANESTHESIA and ERP PROGRAMS SPECIAL FALL 2013 TERM Key: P/T = Part of Term P/T Description
More informationP/T 2B: 2 nd Half of Term (8 weeks) Start: 24-AUG-2015 End: 18-OCT-2015 Start: 19-OCT-2015 End: 13-DEC-2015
2015-2016 SPECIAL TERM ACADEMIC CALENDAR For Scranton Education Online (SEOL), Masters of Business Administration Online, Masters of Accountancy Online, Health Administration Online, Health Informatics
More information10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)
1- A (firewall) is a computer program that permits a user on the internal network to access the internet but severely restricts transmissions from the outside 2- A (system failure) is the prolonged malfunction
More informationPHISHING IN SEASON TAX TIME MALWARE, PHISHING AND FRAUD
PHISHING IN SEASON TAX TIME MALWARE, PHISHING AND FRAUD April 2013 As cybercriminals will have it, phishing attacks are quite the seasonal trend. It seems that every April, after showing a slight decline
More informationACTIVE MICROSOFT CERTIFICATIONS:
Last Activity Recorded : May 30, 2014 Microsoft Certification ID : 375009 SUSANNE SCHNEIDER KAISERSTRASSE 53 REUTLINGEN, 72764 DE SUSANNE.SCHNEIDER@KIT-KOM.DE *Charter- Certification that was achieved
More informationMeasuring and Monitoring Customer Experience
Measuring and Monitoring Experience Tom Exeter Sales, Marketing & Experience Executive Sport & Physical Activity, Commercial Services, University of Leeds Background to our organisation. The department
More informationCAFIS REPORT 2015.10
CAFIS REPORT 2015.10 INDEX Message CAFIS Inbound 03-06 07-08 CAFIS Arch 09-10 CAFIS Brain 11-12 CAFIS Global 13-14 What We Do 15-16 About CAFIS 17-18 Services for Member Stores 19-34 Services for Card
More informationGovernment proposals to reform vocational qualifications for 16-19 year olds in England
Government proposals to reform vocational qualifications for 16-19 year olds in England A consultation published by the Department for Education (DfE) on 7 th March 2013 What reforms does the consultation
More informationDeep Security Vulnerability Protection Summary
Deep Security Vulnerability Protection Summary Trend Micro, Incorporated This documents outlines the process behind rules creation and answers common questions about vulnerability coverage for Deep Security
More informationE-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications
Learning objectives E-commerce Security Threats and Protection Mechanisms. This lecture covers internet security issues and discusses their impact on an e-commerce. Nov 19, 2004 www.dcs.bbk.ac.uk/~gmagoulas/teaching.html
More informationEvolving Threats and Attacks: A Cloud Service Provider s viewpoint. John Howie Senior Director Online Services Security and Compliance
Evolving Threats and Attacks: A Cloud Service Provider s viewpoint John Howie Senior Director Online Services Security and Compliance Introduction Microsoft s Cloud Infrastructure Evolution of Threats
More informationAgriLife Information Technology IT General Session January 2010
AgriLife Information Technology IT General Session January 2010 Agenda Topics Year in Review Enterprise IT Services Update FirstCall Overview and Next Steps Sophos Antivirus Initiative Update Information/
More informationDomain Name Abuse Detection. Liming Wang
Domain Name Abuse Detection Liming Wang Outline 1 Domain Name Abuse Work Overview 2 Anti-phishing Research Work 3 Chinese Domain Similarity Detection 4 Other Abuse detection ti 5 System Information 2 Why?
More informationThe dramatic growth in mobile device malware. continues to escalate at an ever-accelerating. pace. These threats continue to become more
The dramatic growth in mobile device malware continues to escalate at an ever-accelerating pace. These threats continue to become more sophisticated while the barrier to entry remains low. As specific
More informationBuilding The Human Firewall. Andy Sawyer, CISM, C CISO Director of Security Locke Lord
Building The Human Firewall Andy Sawyer, CISM, C CISO Director of Security Locke Lord Confidentiality, Integrity, Availability Benchmarks of Cybersecurity: Confidentiality Information is protected against
More information2016 Examina on dates
Please note the following informa on: The following exams are available throughout the year: Please click on the exam for which you wish to see the dates. When you have finished, you can select to return
More informationProtect Yourself in the Cloud Age
Protect Yourself in the Cloud Age Matthew Wu Consultant Hong Kong Computer Emergency Response Team Coordination Centre About HKCERT HKCERT ( 香 港 電 腦 保 安 事 故 協 調 中 心 ) Established in 2001 Funding & Operation
More informationAgenda. John Veldhuis, Sophos The playing field Threats Mobile Device Management. Pagina 2
Mobile Security Agenda John Veldhuis, Sophos The playing field Threats Mobile Device Management Pagina 2 The Changing Mobile World Powerful devices Access everywhere Mixed ownership User in charge Powerful
More informationDNS POISONING, AKA PHARMING, MAKES THE HEADLINES IN NOVEMBER S NEWS
DNS POISONING, AKA PHARMING, MAKES THE HEADLINES IN NOVEMBER S NEWS December 2011 November saw DNS Poisoning, aka Pharming, making the headlines on more than one occasion: To name a few, the online threat
More information2015 Examination dates
Please note the following information: The following exams are available throughout the year: BULATS Paper-based: Please click on the exam for which you wish to see the dates. When you have finished, you
More informationCost effective methods of test environment management. Prabhu Meruga Director - Solution Engineering 16 th July SCQAA Irvine, CA
Cost effective methods of test environment management Prabhu Meruga Director - Solution Engineering 16 th July SCQAA Irvine, CA 2013 Agenda Basic complexity Dynamic needs for test environments Traditional
More informationHow To Get A Certificate From Ms.Net For A Server Server
Last Activity Recorded : December 19, 2014 Microsoft Certification ID : 2665612 MARC GROTE Wittorfer Strasse 4 Bardowick, Lower Saxony 21357 DE grotem@it-training-grote.de ACTIVE MICROSOFT CERTIFICATIONS:
More informationCertification Programs
Certification Programs 2014 The SBS Institute serves community banks by providing educational programs that will certify a banker has the knowledge and skills to protect against todays information security
More informationAddiction and Prevention Services State Quality Committee
This report shows the detail of how many claims were processed by ValueOptions each month, the timeframe for processing and the percentage of claims processed that denied. AGGREGATE ANALYSIS REPORT Final
More informationTrimble Navigation Limited (NasdaqGS:TRMB) > Public Ownership > Officials' Trading
Trimble Navigation Limited (NasdaqGS:TRMB) > Public Ownership > Officials' Trading Individual Trades Holder Name Trade Date Range Transacted Shares Transaction Value (USD) Transaction Type Price Range
More informationZscaler Cloud Web Gateway Test
Zscaler Cloud Web Gateway Test A test commissioned by Zscaler, Inc. and performed by AV-TEST GmbH. Date of the report: April15 th, 2016 Executive Summary In March 2016, AV-TEST performed a review of the
More informationIncident Response. Proactive Incident Management. Sean Curran Director
Incident Response Proactive Incident Management Sean Curran Director Agenda Incident Response Overview 3 Drivers for Incident Response 5 Incident Response Approach 11 Proactive Incident Response 17 2 2013
More informationTrust Informatics Policy. Information Governance Department. Computer Antivirus Management Policy
Document Control Trust Informatics Policy Information Governance Department Computer Antivirus Management Policy Document Title Author/Contact Computer Antivirus Management Policy Pauline Nordoff-Tate,
More informationRadBlue Load Tester Version 6. [Released: 09 DEC 2009]
Version 6 [Released: 09 DEC 2009] In this release, we modified the database setup screen of the RLT installer to default to SQL server information (the recommended database). The Transcript has been modified
More informationCITADEL TROJAN OUTGROWING ITS ZEUS ORIGINS
CITADEL TROJAN OUTGROWING ITS ZEUS ORIGINS May 2012 As of April 30th, 2012 the Citadel Trojan was at its fourth upgrade with Version 1.3.4.0 already in the hands of its customers. Citadel s features, bug
More informationCisco & Big Data Security
Cisco & Big Data Security 巨 量 資 料 的 傳 輸 保 護 Joey Kuo Borderless Networks Manager hskuo@cisco.com The any-to-any world and the Internet of Everything is an evolution in connectivity and collaboration that
More informationSpeech and Language Therapy Service DRAFT
Speech and Language Therapy Service DRAFT Key Achievements Staff training and consultation proving successful and a system for modelling speech and language support being developed Information Pack for
More informationCisco 4Q11. Global Threat Report
Cisco 4Q11 Global Threat Report Contents Key Highlights 1 Introduction 2 Cisco ScanSafe: Web Malware Events 3 Cisco Intrusion Prevention System 5 Cisco IronPort: Global Spam Trends 6 About the Contributors
More informationSpine Warranted Environment Specification
Spine Warranted Environment Specification 2015 Richard Trusson June 2015 1 Copyright 2015, Health and Social Care Information Centre. Contents Introduction 3 Scope 3 Intended Audience 4 Approach 4 Changes
More informationBlackboard Collaborate Web Conferencing Hosted Environment Technical Infrastructure and Security
Overview Blackboard Collaborate Web Conferencing Hosted Environment Technical Infrastructure and Security Blackboard Collaborate web conferencing is available in a hosted environment and this document
More informationBased on Chapter 11, Excel 2007 Dashboards & Reports (Alexander) and Create Dynamic Charts in Microsoft Office Excel 2007 and Beyond (Scheck)
Reporting Results: Part 2 Based on Chapter 11, Excel 2007 Dashboards & Reports (Alexander) and Create Dynamic Charts in Microsoft Office Excel 2007 and Beyond (Scheck) Bullet Graph (pp. 200 205, Alexander,
More informationBROMSGROVE DISTRICT COUNCIL PERFORMANCE MANAGEMENT BOARD 16 DECEMBER 2008 PERFORMANCE MANAGEMENT BOARD PROPOSED PROGRAMME 2008/09
BROMSGROVE DISTRICT COUNCIL PERFORMANCE MANAGEMENT BOARD 16 DECEMBER 2008 PERFORMANCE MANAGEMENT BOARD PROPOSED PROGRAMME 2008/09 Responsible Member Responsible Head of Service Councillor - James Duddy,
More informationHow To Get Rid Of A Phish Locker On A Computer (For A Bank)
PHISH LOCKERS OUT IN THE WILD August 2013 RSA researchers have been increasingly witnessing the activity of highly targeted Trojans, dubbed Phish Lockers, used at the hands of cybercriminals to steal credentials.
More informationResource Management Spreadsheet Capabilities. Stuart Dixon Resource Manager
Resource Management Spreadsheet Capabilities Stuart Dixon Resource Manager Purpose Single view of resource data Shows rolling demand vs supply for 14 months, 2 months back, current month, and 11 forward
More informationCHILDREN AND YOUNG PEOPLE'S PLAN: PLANNING AND PERFORMANCE MANAGEMENT STRATEGY
CHILDREN AND YOUNG PEOPLE'S PARTNERSHIP BOARD CHILDREN AND YOUNG PEOPLE'S PLAN: PLANNING AND PERFORMANCE MANAGEMENT STRATEGY 1 Introduction 1.1 The purposes of this strategy are to set out: i) the arrangements
More informationChoosing a Cell Phone Plan-Verizon
Choosing a Cell Phone Plan-Verizon Investigating Linear Equations I n 2008, Verizon offered the following cell phone plans to consumers. (Source: www.verizon.com) Verizon: Nationwide Basic Monthly Anytime
More informationPenetration Testing Service. By Comsec Information Security Consulting
Penetration Testing Service By Consulting February, 2007 Background The number of hacking and intrusion incidents is increasing year by year as technology rolls out. Equally, there is no hiding place your
More informationWeb Application Report
Web Application Report This report includes important security information about your Web Application. Security Report This report was created by IBM Rational AppScan 8.5.0.1 11/14/2012 8:52:13 AM 11/14/2012
More informationEnergy Savings from Business Energy Feedback
Energy Savings from Business Energy Feedback Behavior, Energy, and Climate Change Conference 2015 October 21, 2015 Jim Stewart, Ph.D. INTRODUCTION 2 Study Background Xcel Energy runs the Business Energy
More informationEmployers Compliance with the Health Insurance Act Annual Report 2015
Employers Compliance with the Health Insurance Act Annual Report 2015 ea Health Council Health Council: Employers Compliance with the Health Insurance Act 1970 Annual Report 2015 Contact us: If you would
More informationCyber Security Metrics Dashboards & Analytics
Cyber Security Metrics Dashboards & Analytics Feb, 2014 Robert J. Michalsky Principal, Cyber Security NJVC, LLC Proprietary Data UNCLASSIFIED Agenda Healthcare Sector Threats Recent History Security Metrics
More information(General purpose) Program security. What does it mean for a pgm to be secure? Depends whom you ask. Takes a long time to break its security controls.
(General purpose) Program security These ideas apply also to OS and DB. Read Chapter 3. What does it mean for a pgm to be secure? Depends whom you ask. Takes a long time to break its security controls.
More informationACTIVE MICROSOFT CERTIFICATIONS:
Last Activity Recorded : August 30, 2012 Microsoft Certification ID : 30999 BERT VAN HOVE BARON EMPAINLAAN 68 MECHELEN, 2800 BE bert@road2result.be ACTIVE MICROSOFT CERTIFICATIONS: Microsoft Certified
More informationCMSC 421, Operating Systems. Fall 2008. Security. URL: http://www.csee.umbc.edu/~kalpakis/courses/421. Dr. Kalpakis
CMSC 421, Operating Systems. Fall 2008 Security Dr. Kalpakis URL: http://www.csee.umbc.edu/~kalpakis/courses/421 Outline The Security Problem Authentication Program Threats System Threats Securing Systems
More informationWhen a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.
Ethical Hacking and Countermeasures Course Description: This class will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems.
More informationArchitectural Services Data Summary March 2011
Firms Typically Small in Size According to the latest U.S. Census Survey of Business Owners, majority of the firms under the description Architectural Services are less than 500 in staff size (99.78%).
More informationEMAIL ACCOUNT TAKEOVER TO IDENTITY TAKEOVER
EMAIL ACCOUNT TAKEOVER TO IDENTITY TAKEOVER March 2013 Phishing attacks are notorious for their potential harm to online banking and credit card users who may fall prey to phishers looking to steal information
More informationDepartment of Public Welfare (DPW)
Department of Public Welfare (DPW) Office of Income Maintenance Electronic Benefits Transfer Card Risk Management Report Out-of-State Residency Review FISCAL YEAR 2012-2013 June 2013 (March, April and
More informationAccident & Emergency Department Clinical Quality Indicators
Overview This dashboard presents our performance in the new A&E clinical quality indicators. These 8 indicators will allow you to see the quality of care being delivered by our A&E department, and reflect
More informationA Comparative Study on the Performance of ULIPs Offered by the Selected Insurance Companies-A Study in Indian Capital Markets
A Comparative Study on the Performance of ULIPs Offered by the Selected Insurance Companies-A Study in Indian Capital Markets 1 Mr Kantesha Sanningammanavara Research Scholar, BMS College of Engineering,Bangalore.
More informationAnalysis of SQL injection prevention using a proxy server
Computer Science Honours 2005 Project Proposal Analysis of SQL injection prevention using a proxy server By David Rowe Supervisor: Barry Irwin Department of Computer
More informationACTIVE MICROSOFT CERTIFICATIONS:
Last Activity Recorded : August 04, 2011 Microsoft Certification ID : 483228 KENT NORDSTROM Asbergsvagen 27 Soderhamn, 82637 SW kent@xpservices.se ACTIVE MICROSOFT CERTIFICATIONS: Microsoft Certified Solutions
More informationMicrosoft Security Intelligence Report
Microsoft Security Intelligence Report Volume 16 July through December, 2013 Key Findings Summary This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY,
More informationESSEX FIRE AUTHORITY Essex County Fire & Rescue Service
ESSEX FIRE AUTHORITY Essex County Fire & Rescue Service MEETING Policy & Strategy Committee AGENDA ITEM 7 MEETING DATE 25 March 2009 REPORT NUMBER SUBJECT REPORT BY Monitoring IT Transformation Progress
More informationAnnexure B: Planning, Budgeting and Performance Management Programme
Annexure B:, Budgeting Programme The following are key activities that need take place in more detail than Time frame Nature Period referred Start Finish 2012/09/01 /08/31 /or September /09/01 /09/26 August
More information12 months 4 quarters 1 goal
12 months 4 quarters 1 goal You know you need to whip your digital marketing game into shape. But you also know budgets are tight. If you're ready to take your online marketing to the next level without
More informationPenetration Testing. How Government Can Achieve Better Outcomes. Delivered by Murray Goldschmidt, Chief Operating Officer
Penetration Testing How Government Can Achieve Better Outcomes Delivered by Murray Goldschmidt, Chief Operating Officer Cyber Security for Government Conference, 25&26 October 2011, Sydney Compliance,
More informationNEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT
Appendix A to 11-02-P1-NJOIT NJ OFFICE OF INFORMATION TECHNOLOGY P.O. Box 212 www.nj.gov/it/ps/ 300 Riverview Plaza Trenton, NJ 08625-0212 NEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT The Intent
More information2014 2015 University-Wide Academic Calendar
2014 2015 University-Wide Academic Calendar Guide to Abbreviations UGD = Undergraduate Day GS = Graduate Schools LAW = School of Law CPS = College of Professional Studies Sunday Monday Tuesday Wednesday
More informationEaster Seals Central Texas Programs Outcome Profiles Monthly and Year to Date FY 2011 85% 87% 80% 80% 84% 84% 83%
I. Outcomes Indicators for individuals receiving services: (Service Delivery Effectiveness) 85% 87% 80% 80% 84% 84% 83% A. Access Sep 10 Oct 10 Nov 10 YTD Dec 10 Jan 11 Feb 11 YTD Mar 11 Apr 11 May 11
More informationExecutive Summary. McAfee Labs Threats Report: Third Quarter 2013
Executive Summary McAfee Labs Threats Report: Third Quarter Although summer can be a relatively slow season for cybercriminal activity (even the bad guys need a break occasionally), the third quarter of
More informationGOVERNING BODY MEETING held in public 29 July 2015 Agenda Item 4.4
GOVERNING BODY MEETING held in public 29 July 2015 Agenda Item 4.4 APPENDIX A Strategic Planning Process 2016/17 Strategic Planning Process 2016/17 Interlocking processes 5 Year strategic process: reviewed
More informationA SECURITY COMPARISON OF OPEN-SOURCE AND CLOSED- SOURCE OPERATING SYSTEMS
A SECURITY COMPARISON OF OPEN-SOURCE AND CLOSED- SOURCE OPERATING SYSTEMS Kishen Iyengar Dept. of Information Systems and Operations Management, University of Texas at Arlington, Box 19437 University of
More informationSEO Presentation. Asenyo Inc.
SEO Presentation What is Search Engine Optimization? Search Engine Optimization (SEO) : PPC and Organic Results Pay Per Click Ads The means of achieving top search engine results without having to incur
More informationNHS BLOOD AND TRANSPLANT MARCH 2009 RESPONDING EFFECTIVELY TO BLOOD DONOR FEEDBACK
09/26 NHS BLOOD AND TRANSPLANT MARCH 2009 RESPONDING EFFECTIVELY TO BLOOD DONOR FEEDBACK EXECUTIVE SUMMARY From April 2009 an NHS wide common approach to complaint handling comes in to effect. This provides
More informationSage ERP MAS 90, 200, 200 SQL, and Sage ERP MAS 500. Supported Versions
Sage ERP MAS 90, 200, 200 SQL, and Sage ERP MAS 500 Supported Versions Current Document: 2012... Page 1 Earlier Documents: 2011... Page 2 2010... Page 3 2009... Page 4 2008... Page 5 Sage ERP MAS 90, 200,
More informationRelease of the Draft Cybersecurity Procurement Language for Energy Delivery Systems
Release of the Draft Cybersecurity Procurement Language for Energy Delivery Systems Energy Sector Control Systems Working Group Supporting the Electricity Sector Coordinating Council, Oil & Natural Gas
More informationComputer Ethics. (Ethics) Ethics in Computer System (COMPUTER ETHICS AND COMPUTER SECURITY) Computer Ethics and Computer Security
3 (COMPUTER ETHICS AND COMPUTER SECURITY) (Ethics) 4 Computer Ethics 2 Ethics in Computer System 4 Issues in Information Ethics* Consequences of Ethical Issues 5 6 *Richard O. Mason, Four Ethical Issues
More informationCoordination and air quality monitoring during emergencies. Colin Powlesland Environment Agency
Coordination and air quality monitoring during emergencies Colin Powlesland Environment Agency Contents h Introduction h What do we want to achieve? h Implementation programme h Incident timeline h Proposed
More informationImproving Software Security at the. Source
Improving Software Security at the Source Greg Snyder Privacy & Security RIT January 28, 2006 Abstract While computer security has become a major focus of information technology professionals due to patching
More informationCenters of Academic Excellence in Cyber Security (CAE-C) Knowledge Units Review
Centers of Academic Excellence in Cyber Security (CAE-C) Knowledge Units Review Review Process The Knowledge Unit (KU) Review Calendar divides the entire CAE-C KU list into 12 months for the purposes of
More informationEnd of Life Content Report November 2014. Produced By The NHS Choices Reporting Team CH.NHSChoices-Reporting@nhs.net
End of Life Content Report November 2014 Produced By The NHS Choices Reporting Team CH.NHSChoices-Reporting@nhs.net End of Life Dashboard Page 1 Overall Choices Site Visits Tag cloud showing end of life
More information