WELCOME

Capella has been designated a National Center of Academic Excellence in Information Assurance Education (CAEIAE) by the National Security Agency and the U.S. Department of Homeland Security. Capella’s information security curriculum meets the NSA Committee on National Security Systems standards 4011, 4013, 4014.

This center provides access to resources, tools, and the latest information regarding information assurance as a way to enhance understanding in this field of study.

CNSS Certification

The NSA’s Information Assurance Courseware Evaluation (IACE) Review Committee has validated that Capella’s information security curriculum meets the Committee on National Security Systems (CNSS) National Standards 4011, 4013, (and 4014 coming). Learn what this means to a Capella learner.

ARCHIVES

Cracking the Security of Computer Chips

From Dr. Steven Brown | February 8th, 2010

Many system chips, like those used in identity cards, are protected by security processes including encryption. Research shows, however, that using microscopy has been able to, basically, bypass all these defenses — and it’s even able to read encryption keys.

Could be a troublesome issue if this can’t be corrected.

Read more at darkreading.com and share your thoughts.

Tags: , , ,

 

RFID Security Call for Papers

From Mary Brown | January 12th, 2010

The RFID Security Alliance has posted a call for papers for their RFID Security Workshop in Istanbul this spring.  RFID technologies are being used in everything from supply chain management to passports.  Security and privacy concerns and failure to develop robust solutions are a challenge for these technologies.  If you are looking for a way to contribute to the information security community, RFID security is a worthy place for you to put your time and attention. 

What do you think about the state of RFID security and the impact it may have on the use of this technology?

 

Tags: , ,

 

Cisco Annual 2009 Security Report

From Mary Brown | December 18th, 2009

Cisco has published their 2009 security report where they review existing security issues and try to identify some trends. Does this analysis fit with your experience or do you recommend changes or additions to this work? Read the Cisco 2009 Annual Security Report here.


Tags: , ,

 

Spying on Twitter and Facebook

From Mary Brown | October 23rd, 2009

Noah Shachtman at Wired.com reports on a business relationship between a segment of the CIA and an Internet company that uses specialized data mining tools to monitor the activity going on in the social networking sites like Twitter and Facebook. Personal privacy laws in the U.S. require the government to use discretion when violating the privacy of U.S. citizens. These social networking sites provide a huge amount of personal information that would not be available, were it not being offered up to the public.

Is this another example of where there is a tension between the potential benefit to security and the potential abuse of privacy? Do users of social networking sites fully understand what will happen to the data they post, and would they alter their behavior if they were made aware? Share your thoughts. Post a comment.

Tags: , , , , , ,

 

Cloud Security: Proprietary vs Freeware DNS

From Mary Brown | September 25th, 2009

Toby Wolpe, of ZDNet UK writes about the commercial use of open source software and its impact on security. He discusses a solution that he argues is more secure.

Do you believe that the security profile of Nominum’s proprietary DNS solution is sufficiently superior to warrant the cost of moving away from freeware such as BIND?

How does this apply to the concept of the commercial use of open source software in general?


Tags: , ,

 

Are you using WPA2 or AES for your wireless?

From Mary Brown | September 8th, 2009

Ohigashi & Morii (2009) have published a research paper that increases the concern about the use of WPA encryption to protect data being transmitted via wireless networks. Wireless security is becoming a more pressing topic as mobile computing becomes more the norm.

How important do you think it really is to worry about using very robust security for wireless as opposed to just the run of the mill WEP or WPA? Do you think most organizations are creating architectures for their wireless solutions that are highly secure?

Why or why not? Tell us what you think.

Tags: , ,

 

Prioritizing Values

From Mary Brown | June 29th, 2009

I have recently been attending a range of webinar meetings being held by federal and private healthcare stakeholders that are trying to get their arms around the Health IT mandates that are included in the Obama stimulus and health reform plans. The big cahuna in healthcare is the HIPAA security and privacy regulations that were meant to protect the private health information of individuals. READ ON

Tags: , , , , ,

 

Agricultural Crime and Safety?

From Dr. Steven Brown | May 27th, 2009

When discussing security, we normally think of things like policies, hacking, terrorism, etc.  But the same attention is not given to our food supply.

Why? READ ON

Tags: , ,

 

Web 2.0 Social Networking Security and Privacy

From Mary Brown | May 19th, 2009

Social networking tools have seen a fair amount of press lately to the ways in which hackers use these tools to commit crimes.  PC Advisor reports a French hacker that gained administrative control of Twitter by compromising the account of an employee.  That is what is known as an ‘adverse event’ in anyone’s world. PCWorld  posted an article describing five different security problems involving Facebook in a single week, in March 2009.

Are you are protecting your organization from the threats that have come about through an increase in Web 2.0 applications and social networking sites? 

Tell us what strategies you use to mitigate these risks.

 

 

Tags: , , , , ,

 

Prepare for April 1

From Mary Brown | March 30th, 2009

April 1, also known by many as April Fool’s Day, has typically been a day of widespread activity for those who write and propagate malicious code. This year is no different. Many of these Trojans, worms, and viruses have functionality that includes disabling personal firewalls and anti-virus or anti-spyware programs. It is important that information security professionals work to encourage the users within their professional and personal lives to double check their systems prior to April 1, 2009, to ensure that they will not contribute by allowing their systems to become bots or zombies. Below are some links that offer advice as to how to protect systems from being compromised.

Tags: , , , , ,

 

Categories

RESOURCES

NEWS FEEDS

META

CAPELLA CONNECTION

Capella University offers several degree programs which specialize in the information assurance and security field. Visit one of the links below for more information.

To learn more about Capella, please visit http://www.capella.edu or call 1.888.CAPELLA, option 2, to speak to an enrollment counselor.

Capella University