Who?

  You or your organization.

 

What? 

  Secure your systems

 

When? 

  You haven't started yet, WTF? 

 

Where?

  Home, Work, anywhere else.

 

Why?

  1. Common Sense

  2. Compliance

       FTC Red Flag Rules

       Copyright Pre-Litigation Letters

       PCI

       Sarbanes/Oxley

       HIPAA

       ACH

       USDA

  3. Computer crime vs physical crime

       Chance at prosecution...

 

How:

Books:

  Amazon, Borders, B&N

  JGI

 

Identify information of value:

  Spider (cornell)

    http://www.cit.cornell.edu/security/tools/

 

Standards?

Organizations:

Sans: http://www.sans.org

CERT: http://www.cert.org

 

Podcasts:

http://www.cyberspeak.libsyn.com/

http://www.watchguard.com/education/radiofreesecurity.asp

 

 

Opps, too late:

Forensics:

  http://www.techsec.com/html/AgendaForensic08.html

  http://www.techsec.com/TF-2008-PDF/Wednesday/Doyle%20Critical%20Infrastructure%20Protection%20Congress.ppt

 

  Helix  http://www.e-fense.com

    Live Linux CD

 

Electronic Crime Scene Investigation: A Guide For First Responders, Second Edition

http://www.ncjrs.gov/pdffiles1/nij/219941.pdf

 

FTC Identity Theft

http://www.ftc.gov/bcp/edu/microsites/idtheft/

 

But what about old computers and stuff...

Disk Wipe tools

  DriveErazer (hardware)

  http://wiebetech.com

 

Software:

  DBAN: http://www.dban.org/

 

I don't want it to be discoverable:

Fat Chance...

Boot CD / Boot USB Keys (data only in ram)

Virtual Machines

Raid

Tor

UltraSurf