About Us  |  Membership |  Help
Sign In |  Register

Research & Publications

Securing our connected world 2013

 

Editor:
Annie Turner
aturner@tmforum.org

Download Preview

Securing our connected world is packed full of contributions from leading industry figures, journalists, and spokespeople as well as compelling case studies and essential information on a range of security-related themes. The overall theme of this year’s publication is Cyber supply chain security and implementing best practices. Inside you can read about:


Getting the basics right: the 80/20 rule and patch management 
Martin Huddleston UK MoD DSTL takes a view on the SANS Institute and MITRE report published in 2011, which found that 80% of most attacks and other risks could be mitigated by getting the basic 20% right.


Mobile device management- beyond BYOD
This interview with Blake Lindsay, Network Security Advisor, Bell Canada reveals how, in the era of bring your own device (BYOD) security is a serious issue for all kinds of business. The threat to the security of data is now even more complex and mobile devices offer a potential habitat for hackers as increasingly, those devices may hold data and access of high target value.


Denying distributed denial of service attacks (DdoS)
Our interview with Mike Carpenter, Vice President, Service Assurance, TOA Technologies discusses managing the diverse and complex risks associated with DDoS: a key risk mitigation strategy, whatever line of business you’re in.


Mitigating the human factors
Human error, carelessness and malicious insiders all add up to a big security and business assurance headache. We investigate the scope and scale of the problem and consider possible solutions and best practices to mitigate this common but very troublesome risk.


Why securing servers is crucial
The acute importance of securing servers was highlighted on November 28th 2012 when a hitherto unknown group hacked the UN nuclear agency (the IAEA) via a server that was no longer in use, stealing and publishing contact details of 100 nuclear experts on the web.


Making security measurable - Define, contract, and implement KPIs to prevent threats end-to-end in the supply chain 
This article details an exciting catalyst project championed by Defense Science & Technology Laboratory (DSTL) [an Agency of the UK MOD] and involving CA Technologies, McAfee and Sooth. The participants defined key performance indicators (KPIs) for measuring industry best practices for Cyber operations and sought to bring them to life through their collaboration work.


Security and Frameworx 
What’s new in TM Forum’s Frameworx 12.5 and Frameworx for Defense: the importance of Frameworx to the myriad aspects of security, applicable to any organization, as well as to defense was underlined in August 2012 when the U.S. Department of Defense issued an instruction on network management. This new policy for its communications suppliers and system integrators requires their use of the Information Framework (SID) as one of the baseline protocols and standards for exchanging network management data. The policy also referenced TM Forum’s Guidebook 917 Service Level Agreement (SLA) Management Handbook Release 3.0.