Phishing? Social Engineering?

I wonder how many people will give their passwords when simply be asked so. This morning, I received below email, purportedly came from Google, which asked me to confirm that I still want to use Gmail. Of course I still want to use it, how else could I chat during office hour?
Everytime I receive a [...]

Read Full Post »

Do your part in maintaining privacy !

What happened to YB Elizabeth Wong must be a nightmare. Technologies have been (mis)used to take private photo of her, and to distibute it online. I hope she will not resign over this matter, because it would encourage more of such practice. I am approaching this matter from security point of view, not political.
My stand [...]

Read Full Post »

Finally, an idea

Finally got an idea for my Master thesis. Personally, I think it’s a splendid idea. I sent an email to Prof. Azizah asking for opinion, and she seems to think it’s worthy of research. But she foresees that I might have difficulty with Literature Review, because it is not known what real-life problems I may [...]

Read Full Post »

Article Reviews Relevant to Information Security Management

Some of the article reviews I wrote which are relevant to Information Security Management.
[1] IT Security in the USA, Japan and China : A Study on Initiatives and Trends within Policy, R&D, Industry and Technology.
Original article   Article Review
[2] Managing Security Threats and Vulnerabilities for Small to Medium Enterprises
Original article   Article Review
[3] National Cybersecurity Policy & Implementation [...]

Read Full Post »

Back up

Businesses and organization now depend on Information Technology heavily. However, there are too many threats that could cause damage and harm to information as an asset.
Should these businesses and organizations back down from these threats, or should they back up?
The answer is obvious. They must back up. In this context, it means businesses and organizations [...]

Read Full Post »

IT Security in USA, Japan, China

For the past two days, I have been reading Internet scholarly materials on non-technical issues relating to Information Security. What I initially thought to be a boring subject (in contrast to computer security technicals) is slowly  proving otherwise.
One of the study papers I read was titled “IT Security in the USA, Japan and China : A Study [...]

Read Full Post »

Computer Forensic Law

A computer forensic investigator must not only be well-equipped with technical knowledge of computing and information technology, but also have good understanding of computer forensic law. This is primarily important to ensure that the evidence collected following an incident will be admissible in court and have enough weightage to support the prosecution of the criminals.
There are several legal [...]

Read Full Post »

Laws and Crimes

Today, I had three hours of lecture on Malaysia cyber law. The lecturer, David Len started by talking about computer crime and how the definition of computer may cover any electronic device including printers, mobile phones, storage media and so on. He then continued by introducing to us the existing legal framework in Malaysia concerning [...]

Read Full Post »

Awakening of a dormant dream

Although it makes my life seems very dull to others, I benefit a lot from my part time Master course in Information Security. The gain is not just in the form of hard knowledge, but also subtle understanding of many aspects of different functions of the world. The latter is the reward exclusive to part-time course.
Classmates are from [...]

Read Full Post »

Too many awarenesses

Today, during our Operational & Physical class, a friend gave outburst of his dissatisfaction with many teachers who do not know how to use computer. “They are hopeless, cant even protect against viruses“. Then we also had discussion how some nurses and hospital staff lack security awareness.
It’s true. Many people really lack security awareness. They [...]

Read Full Post »