5 problems with SaaS security
As interest in software-as-a-service grows, so too do concerns about SaaS security. Total cost of ownership used to be the most frequently cited roadblock among potential SaaS customers. But now, as cloud networks become more frequently used for strategic and mission-critical business applications, security tops the list. Read More
WEBCAST: Cisco Ironport Systems
All Clouds Are Not Created Equal
Join this webcast for a tactical session that breaks down cloud computing, addresses concerns around control and reliability, and addresses one of the popular uses of cloud services today: email security. Learn More
WEBCAST: Meraki
802.11n: Faster, Easier, and Cheaper than Ethernet?
See Cloud Controlled Wireless in action - including demos, case studies, and architectural analysis, to learn just how well this fast-moving technology lives up to its promises. Learn more!
How to keep employees from stealing intellectual property
Your data is your business. And if you're not vigilant about your employees' access to that data, you're going to end up out of business. That's the advice of Patricia Titus, current CISO of Unisys and former CISO of the Transportation Security Administration. Read More
6 tips for guarding against rogue sys admins
One of the biggest threats that organizations face is losing sensitive data -- such as payment card or personally identifiable information about customers or employees -- to theft from their own employees. The threat is greatest from systems and network administrators, who have privileged access to vast amounts of corporate data and are responsible for most compromised records in insider cases. Read More
Biggest insider threat? Sys admin gone rogue
What's one of the biggest insider threats to the corporate network? The high-tech folks that put it together, make changes to it, and know more about what's on it and how it works than anybody else. When the database, network or systems administrator goes rogue, stealing data http://www.networkworld.com/news/2007/070307-fidelity-national-records.html?nlhtsec=0702securityalert4&, setting up secret access for themselves, even in anger planting logic bombs to destroy data http://www.usdoj.gov/usao/nj/press/files/du1217_r.htm, or just peeking at sensitive information http://www.networkworld.com/news/2010/070710-snooping-protected-data.html they know is off limits, they become the very insider threat that the IT department is supposed to be guarding against. Read More
State IT security pros feeling big budget squeeze
A survey published Monday of chief information security officers (CISO) for almost every state in the union shows that the vast majority feel they don't have adequate budgets. Read More
Business partners a growing security concern
Increasingly complex business relationships are forcing companies to give outsiders greater access to internal systems. According to this year's Global Information Security Survey, this presents a security problem. Read More
Meeting the new PCI wireless requirements
Beginning Sept. 30, Visa will require merchants and related businesses to conduct wireless security scans to prove compliance with version 1.2 of the PCI Data Security Standard (PCI DSS) which is designed to safeguard cardholder data from wireless threats. Read More
Microsoft's Security Essentials running on 31 million PCs
Microsoft's free antivirus software, Security Essentials, has been installed on 31 million PCs in its first year, the company has announced. Read More
MIT system helps companies recover from network intrusion
MIT Computer Science and Artificial Intelligence Laboratory researchers will next week detail a system they say will make it easier for companies to recover from security intrusions. Read More
ZeuS trojan bank-theft scheme extends to the U.S.
More than 60 people will be charged in the U.S. with using the Zeus trojan to steal millions of dollars from U.S. banks as part of a scheme that resulted in similar charges in the U.K. earlier this week. Read More
WHITE PAPER: IBM
Data Growth Challenges Demand Proactive Data Management
Most organizations do not have a firm handle on how to manage their data growth, particularly unstructured, file-based information – the fastest growing type of data. Learn the tools, techniques and best practices available to proactively plan for and manage data growth. Read now
Four steps toward safer online banking
With the ZeuS Trojan continually being revised and updated, the malware remains effective as a tool for stealing online financial credentials, but there are some simple measures banks could take to make online accounts more secure, according to the SANS Institute. Read More
Houston hotel on watch for threats from inside and out
As open buildings, hotels are typically on guard for any signs of trouble. So it's no surprise that the downtown Hilton Americas–Houston just upgraded its video-surveillance system, installing one based on 3VR Security's digital recorder platform for the sake of efficient retrieval of video footage for research. Read More
Android software piracy rampant despite Google's efforts to curb
Pirating Android apps is a long-standing problem. But it seems to be getting worse, even as Google begins to respond much more aggressively. The dilemma: protecting developers' investments, and revenue stream, while keeping an open platform. Read More
Fight insider threats with the tools you already have
Common security tools already used by many businesses can be effective means for finding corporate data thieves and saboteurs, according to researchers at Carnegie Mellon's Software Engineering Institute. Read More
Is Stuxnet an Israeli-invented attack against Iran?
Was Stuxnet, a sophisticated piece of malware designed to attack industrial control systems (ICS), secretly invented by Israel to attack Iran's industrial controls systems? Read More
What's up with encryption?
Indeed whatever the reason, encryption technologies seem to be behind a series of important security happenings of late. Here's a look at some of the more interesting happenings shaping encryption today: Read More
Survey: Cloud security still a struggle for many companies
Despite the value many companies see in cloud computing, a lot of you are still afraid of the security implications, according to this year's Global Information Security Survey. Read More
Professionals: Don't use Facebook and Twitter
Do you receive a steady stream of invitations to join Facebook, MySpace, and Friendster? I have been told repeatedly by friends and colleagues that I should post personal information on these sites, tweet on Twitter, and use some of the many other social-networking tools available. However, as a computer-security professional, I have purposely avoided joining Facebook and tweeting on Twitter. Read More
The shape of threats to come
Mark Gibbs ponders the uber malware called Stuxnet. Read More
WHITE PAPER: CA
Service Assurance Defined
This Forrester paper explains the concept of service assurance and highlights how it can address fundamental issues around managing application performance and business services. Learn More
Many Android apps leak user privacy data
Researchers have created Android-based code that tracks what applications on a smartphone actually do with the data they have access to. They do a lot, it turns out, and most of what they do is unknown to the enduser Read More
IE users most at risk from DLL hijacking attacks
Users of Microsoft's Internet Explorer are more vulnerable to rogue DLL attacks than people who use rival browsers such as Mozilla's Firefox or Google's Chrome, a security researcher said today. Read More
Zeus botnet bank thieves were careless with own security
Suspects charged with stealing more than $9.4 million from U.K. banks using the Zeus botnet apparently spent more time figuring out the logistics of stealing the money than they did on securing their cyber operation. Read More
Why CIOs are Resetting Information Security Priorities
Business partners with shoddy information security. Cloud computing vendors with dubious risk controls. What's a CIO to do? Our annual Global Information Security Survey tracks the trends. Read More
NIST blesses network access, desktop security
The Trusted Computing Group and the National Institute of Standards and Technology Tuesday joined to give their blessing to the union of two technologies that each have championed: TCG with its network-access control standard called Trusted Network Connect, and NIST with its desktop-security configuration standard called the Security Control Automation Protocol. Read More
Symantec lays out encryption roadmap
Symantec is laying down a strategy for integrating the two encryption-software companies it acquired, PGP Corp. and GuardianEdge Technologies. Read More
Study: Top web sites riskier than porn
Malware has become so common on the web that users are more likely to find malicious content while visiting popular sites than when they are on porn and gaming sites, according to research released Tuesday by security firm Websense Read More
Heartland Payment Systems bolsters encryption
Heartland Payment Systems, which last year suffered a devastating data breach, has been on a mission to secure payment-card processing . Read More
Snort rival launches threat-detection start-up
Emerging Threats Pro debuted Monday with a rival intrusion detection and prevention signature technology to vendor Sourcefire, which shepherds open source Snort and its threat-detection signature base. Read More
| 
No comments:
Post a Comment