Friday, August 29, 2008
Tuesday, August 26, 2008
Sunday, August 24, 2008
RP can’t do without policy on data privacy, security
http://www.mb.com.ph/INFO20080826133382.html
Under no circumstances can the Philippines compete, let alone thrive, in the lucrative outsourcing market and the global marketplace without a fool-proof policy on data protection and security.
This was the clear message sent out by participants in a recent conference dubbed "Mapping the Future of Information Security Forum" organized by the Information Systems Security Society of the Philippines (ISSSP) at a hotel in Makati City.
Anthony Tuason, a director at consultancy firm PriceWaterhouseCoopers, said during his presentation that IT companies, most especially those in the BPO sector, cannot possibly institute "IT governance" — the process of using technology as to management tool to run an organization — in the workplace if security is being disregarded.
"Innovation, value, and performance can be derived from IT governance (and) data privacy and security is one area that helps organizations achieve their IT governance objectives," Tuason said.
Local BPO firms have a huge stake in this issue, Tuason said. "A company must understand both the impact of laws of the country where data originates and the laws of the Philippines where data is processed. Responsibility for compliance with the originating countries’ laws will rest with the company.’
Industry groups such as the Business Processing Association of the Philippines (BPAP) and Philippine Internet Commerce Society (PICS) have urged the government to pass a law governing data privacy and security.
The BPAP has actually partnered with the Commission on Information and Communications Technology (CICT) for a Technical Working Group (TWG) composed of representatives from the private and public sectors that would look into the pending bills on data privacy and security.
The BPAP said that aside from pushing for the passage of the bills, it also would work for the appointment of a "privacy commissioner" who will act as the primary protector of data privacy rights against misuse and abuse by individuals, private organizations, and even the government.
According to the National Cybersecurity Coordinator Virtus Gil, who was also a speaker during the ISSSP confab, the government has already laid down a strategy for national cybersecurity, which deals mostly to security threats against the country.
The program, Gil said, has three goals: to reinforce current policy and operational measures to reduce vulnerability in the cyberspace under Philippine jurisdiction; to nurture a culture of cyber security amongst users and critical sectors; and to strengthen self-reliance in terms of information security technologies and human resources.
Buhay pa pala ISSSP?
We have a National Cybersecurity Coordinator?
Under no circumstances can the Philippines compete, let alone thrive, in the lucrative outsourcing market and the global marketplace without a fool-proof policy on data protection and security.
This was the clear message sent out by participants in a recent conference dubbed "Mapping the Future of Information Security Forum" organized by the Information Systems Security Society of the Philippines (ISSSP) at a hotel in Makati City.
Anthony Tuason, a director at consultancy firm PriceWaterhouseCoopers, said during his presentation that IT companies, most especially those in the BPO sector, cannot possibly institute "IT governance" — the process of using technology as to management tool to run an organization — in the workplace if security is being disregarded.
"Innovation, value, and performance can be derived from IT governance (and) data privacy and security is one area that helps organizations achieve their IT governance objectives," Tuason said.
Local BPO firms have a huge stake in this issue, Tuason said. "A company must understand both the impact of laws of the country where data originates and the laws of the Philippines where data is processed. Responsibility for compliance with the originating countries’ laws will rest with the company.’
Industry groups such as the Business Processing Association of the Philippines (BPAP) and Philippine Internet Commerce Society (PICS) have urged the government to pass a law governing data privacy and security.
The BPAP has actually partnered with the Commission on Information and Communications Technology (CICT) for a Technical Working Group (TWG) composed of representatives from the private and public sectors that would look into the pending bills on data privacy and security.
The BPAP said that aside from pushing for the passage of the bills, it also would work for the appointment of a "privacy commissioner" who will act as the primary protector of data privacy rights against misuse and abuse by individuals, private organizations, and even the government.
According to the National Cybersecurity Coordinator Virtus Gil, who was also a speaker during the ISSSP confab, the government has already laid down a strategy for national cybersecurity, which deals mostly to security threats against the country.
The program, Gil said, has three goals: to reinforce current policy and operational measures to reduce vulnerability in the cyberspace under Philippine jurisdiction; to nurture a culture of cyber security amongst users and critical sectors; and to strengthen self-reliance in terms of information security technologies and human resources.
Buhay pa pala ISSSP?
We have a National Cybersecurity Coordinator?
Red Hat servers breached
https://www.redhat.com/archives/fedora-announce-list/2008-August/msg00012.html
http://rhn.redhat.com/errata/RHSA-2008-0855.html
Quotes;
"Last week Red Hat detected an intrusion on certain of its computer systems
and took immediate action. While the investigation into the intrusion is
on-going, our initial focus was to review and test the distribution
channel we use with our customers, Red Hat Network (RHN) and its associated
security measures"
"One of the compromised Fedora servers was a system used for signing
Fedora packages."
http://rhn.redhat.com/errata/RHSA-2008-0855.html
Quotes;
"Last week Red Hat detected an intrusion on certain of its computer systems
and took immediate action. While the investigation into the intrusion is
on-going, our initial focus was to review and test the distribution
channel we use with our customers, Red Hat Network (RHN) and its associated
security measures"
"One of the compromised Fedora servers was a system used for signing
Fedora packages."
Help, there's a resident rootkit in the memory
http://tipidpc.com/viewtopic.php?tid=159021
The first ever publicly reported resident rootkit implanted in volatile memory =)
The first ever publicly reported resident rootkit implanted in volatile memory =)
Last posts
Archives
- 5/13/07 - 5/20/07
- 5/20/07 - 5/27/07
- 5/27/07 - 6/3/07
- 7/1/07 - 7/8/07
- 7/8/07 - 7/15/07
- 7/15/07 - 7/22/07
- 9/9/07 - 9/16/07
- 9/16/07 - 9/23/07
- 9/30/07 - 10/7/07
- 10/21/07 - 10/28/07
- 10/28/07 - 11/4/07
- 11/4/07 - 11/11/07
- 12/9/07 - 12/16/07
- 12/30/07 - 1/6/08
- 1/6/08 - 1/13/08
- 1/27/08 - 2/3/08
- 2/3/08 - 2/10/08
- 2/17/08 - 2/24/08
- 2/24/08 - 3/2/08
- 3/16/08 - 3/23/08
- 4/20/08 - 4/27/08
- 6/22/08 - 6/29/08
- 6/29/08 - 7/6/08
- 7/6/08 - 7/13/08
- 8/17/08 - 8/24/08
- 8/24/08 - 8/31/08
- 8/31/08 - 9/7/08
- 9/7/08 - 9/14/08
- 9/14/08 - 9/21/08
- 11/9/08 - 11/16/08
- 11/23/08 - 11/30/08
- 12/7/08 - 12/14/08
- 12/14/08 - 12/21/08
- 1/4/09 - 1/11/09
- 1/11/09 - 1/18/09
- 2/22/09 - 3/1/09
- 3/1/09 - 3/8/09
- 3/15/09 - 3/22/09
- 3/22/09 - 3/29/09
- 3/29/09 - 4/5/09
- 4/5/09 - 4/12/09
- 4/19/09 - 4/26/09
- 5/17/09 - 5/24/09
- 6/28/09 - 7/5/09
- 8/23/09 - 8/30/09