Wednesday, May 27, 2015

An Article on Random Numbers from CPU Execution Time Jitter

Here is a link to an interesting thread on random numbers derived from CPU execution time jitter:

Random numbers from CPU execution time jitter

Wednesday, May 20, 2015

The 27K Summit: The First U.S. Conference Focusing on the ISO/IEC 27001 Family of Standards

Ron Ross, NIST Fellow, delivers his keynote presentation
Last week, May 12th through 14th, 2015, through the efforts of atsec information security corporation, the very first "27K: The Security Summit for the Americas" was held in Austin, Texas. In fact, this was the first conference focused on the ISO/IEC 27001 standard for Information Security Management Systems (ISMS) ever organized in the U.S.

The ISO/IEC 27001 standard is a globally accepted standard for ISMS. It is widely used in Europe and Asia, but to date it has not been as widely adopted in the United States, which is why this first conference of its kind in the U.S., held last week in Austin, Texas, was significant.

atsec initiated the organization of the conference because of the company's own history with the ISO/IEC 27001 standard. Sal La Pietra, atsec CEO, in his closing remarks at the conference said, "We organized this conference because we believe in the 27K standard and atsec owes the foundation and growth of the company to the standard." Much of atsec's early business in Europe was related to the ISO 27001 standard. atsec was assisted in the development of the conference by CyberDefenses and BSI.

A day of pre-conference workshops was followed by the conference opening with keynote presentations by
  • David Cannon, President & CEO, CertTest Training Center,
  • Ron Ross, Fellow, National Institute of Standards and Technology (NIST),
  • Scott Bullock CCSK, CISSP, CISM, Information Security Manager, Websense Cloud Services.

The conference was capped with a summary panel discussion on the subject of Integrating ISO/IEC 27001 with Existing Management Systems. The panel was moderated by Vern Williams, Chief Security Officer of CyberDefenses, and consisted of Fiona Pattinson, VP of atsec information security, John DiMaria ISO Product Manager of BSI Group America, Timothy Woodcome, Director of NQA USA, and David Ochel, Senior Information Security Manager of Rêv Worldwide. It was clear from the enthusiastic participation and discussion of the attendees that a conference on the subject of ISO/IEC 27001 has been needed and was valued highly by the community.

Vern Williams moderates the summary panel
In his closing remarks, Sal La Pietra, atsec CEO, stated that just as with the International Cryptographic Module Conference (ICMC), also initially organized by atsec, "We are not interested in owning the conference. We are giving it back to the community we managed to bring together for these two days. Of course we will continue to support future efforts, but we will discuss in what way after we see the results of this conference."

Thank you to everyone for attending! We are truly sorry that the typically beautiful Austin Spring weather chose not to cooperate on the week of the conference.

The conference organizers would like to thank Vern Williams and Willibert Fabritius for their invaluable contribution to the organization of the conference. We would also like to thank all of the conference sponsors: BSI, CyberDefenses, Inc., SGS, UL DQS Inc., DEKRA Certification, Inc., National Quality Assurance, The Open Group, SecuraStar, and Developing Telecoms. We are also grateful for the able assistance of Bill Rutledge of Cnxtd (“Connected”) Event Media Services.

Wednesday, May 13, 2015

27K: Security Summit for the Americas has started


The 27K: Security Summit for the Americas started off with keynote speeches from David Cannon, Ron Ross and Scott Bullock. The next two days will see presentations from thirty speakers on a wide variety of topics concerning ISO/IEC 27001. atsec information security is represented by Fiona Pattinson, Yi Mao and Helmut Kurth. For more information on the conference, please visit http://iso27001.com.

Thursday, May 7, 2015

Newly Approved NIAP "collaborative Protection Profile for Network Devices"

NIAP recently approved a new protection profile for network devices called the "collaborative Protection Profile for Network Devices" (NDcpp) version 1.0. This protection profile supersedes the older NDPP v1.1 protection profile. NIAP plans to sunset NDPP v1.1 on August 27, 2015.


The NDcpp contains most of the same requirements as NDPP plus several new requirements, several enhanced requirements, and a few optional requirements. The linked PDF presentation contains a comparison of the new NDcpp v1.0 to NDPP v1.1 Errata #3. It also contains a slide of a few SFR inconsistencies found in the new NDcpp.


cPP for Network Devices v1.0