|
|
Free Newsletters
|
|
|
|
|
|
IT trainer offers master's degree for hackers In an effort to produce the next generation of chief security officers and IT systems defense experts, an online training company is offering a new master's degree program in security science. Security vendors bring zombie fighters to life Data leakage prevention might currently be the hottest IT security submarket, but vendors are also tuning up their product offerings to help customers ward off the presence of botnet-infected zombie computers.  October 4, 3:41 p.m. PDT Cool tools for hacker trackers If you want to keep up with the latest criminal exploits without having to collect malware yourself, take a look at SRI International's Cyber-Threat Analytics BotHunter Malware Analysis Web page. Reporting on information and statistics collected from a research honeynet, the BotHunter Malware Analysis page makes daily infection logs from high-interaction honeypots available for anyone to view. Although the scale of the project and information collected is fairly small, this is a useful site for gaining more insight into crimeware and the world of bots. September 28, 3:00 a.m. PDT Security outsourcing on the rise As one of the world's largest outsourcing providers, Wipro Technologies is ramping up its security services business in a big way. September 20, 2:30 p.m. PDT AT&T: Network perimeter security should be virtual Enterprise companies will soon begin offloading many of their network security responsibilities to telecommunications and Internet service providers and save vast amounts of time and money doing so, if AT&T has its way. September 20, 4:05 a.m. PDT Vontu 7 covers your end point Information leak prevention solutions have evolved predictably. First, they identified, and then blocked, sensitive data moving around your networks. Next, the cycle repeated with information resting in data repositories. The latest installment safeguards data at end points. This is especially important for mobile workforces with sensitive files residing on laptops and other portable devices; if the unit is stolen or otherwise compromised, data loss is clearly a major problem. September 20, 3:00 a.m. PDT Fear of insider threats hits home The more money that companies spend on securing their IT operations from external attack, the more it seems they become aware that the potential threat posed by their own employees remains their most significant risk. September 18, 10:42 a.m. PDT Keyloggers proposed to fight terrorism in cybercafes An organization in Mumbai, India, has proposed that police use key-logging software at cybercafes to keep track of communications between terrorists. September 12, 6:12 a.m. PDT Best of open source in security In areas such as CRM software and portals, open source gained a foothold because users were willing to compromise -- less could be more, because the price was right. In security, open source rushed in because commercial vendors fell down on the job. As security problems in the enterprise outstripped the capabilities of commercial solutions, a number of talented security researchers stepped into the breach via the open source model. September 10, 3:00 a.m. PDT Forrester security show stresses risk management Enterprise security decision makers have long been more likely to be swayed by flashy new technologies than by the notion of comprehensive IT restructuring to protect data and other corporate assets, but the situation is evolving rapidly, according to experts participating in Forrester Research's ongoing Security Forum. September 5, 11:33 a.m. PDT Debate rages over German government spyware plan When it comes to who can and who can't be a hacker, the German government appears to want its cake and eat it, too. September 5, 8:14 a.m. PDT FBI: Enterprises need counterintelligence The Chinese government has denied involvement in a series of hacks carried out against IT systems at the Pentagon in June this week, but the threat of technology-driven espionage has forced the FBI to push businesses and academic institutions to better prepare for such attacks. September 4, 3:45 p.m. PDT Malicious Web: Not just porn sites The New Zealand Honeynet Project, which produced Capture-HPC (mentioned here last week), also produced an excellent white paper about using Capture-HPC to identify malicious Web servers. On the group's Web site, you'll find that paper, the captured data, and the tools for anyone to inspect and replicate. August 31, 3:00 a.m. PDT Intel's vPro chips in more security for businesses With the introduction of its latest vPro microprocessors on Monday, Intel contends it is injecting a heavy dose of new security capabilities for the benefit of business customers and third-party technology providers alike. August 27, 8:00 a.m. PDT Intel adds desktop NAC to latest chips Intel's move to provide new integration with NAC (network access control) tools in its latest vPro desktop processors could provide interesting opportunities for use with the device authentication systems while further strengthening the technology standards it supports, according to industry watchers. August 27, 8:00 a.m. PDT Honeypots as sticky as ever Longtime readers of my column know what a honeypot proponent I am. I run several around the world, collecting information on malware and malicious hackers, and I think every company should have one. August 24, 3:00 a.m. PDT Making a case for virtual patching The period during which businesses work to install security patches to protect IT systems from attack undeniably remains one of the most vulnerable timeframes for many companies -- but a recently-launched startup selling a virtual patching alternative claims to have found a solution to the problem. August 20, 2:20 p.m. PDT Pundits on parade: What’s next in tech You’ve heard of Christmas in July, that classic advertising gimmick designed to lure shoppers into stores despite the oppressive heat and humidity. We’ll, we’ve got New Year’s in August, which invites you to stay indoors and read “The next big things in IT” -- 15 predictions about the future of technology. August 20, 3:00 a.m. PDT Sourcefire acquires ClamAV open-source anti-malware project Network security specialist Sourcefire announced Friday that it has acquired ClamAV, an open-source gateway anti-malware project whose technologies are used in the products of a number of other vendors. August 17, 8:58 a.m. PDT Apps security to dominate Black Hat Black Hat kicks off this week in Las Vegas with a big shift in focus from Internet viruses to application security. July 31, 3:00 a.m. PDT Organized crime infiltrates financial IT In Martin Scorsese's hit movie "The Departed," actor Matt Damon plays the part of a mole -- someone who helps his connected mob friends stay a step ahead of the cops by becoming one of the very law enforcement officials assigned to stop them. July 23, 11:14 a.m. PDT Piecing together IBM's security puzzle IBM owns some of the world's leading IT security talent, products, and services, but executives with the massive company say it will likely never aim to become what people might label as a true "security vendor." July 23, 3:00 a.m. PDT Anti-phishing techniques for the real world I need to expand my idea of a secure computing ecosystem into the real world. Let me explain. July 13, 3:00 a.m. PDT The struggle to protect enterprise data Long ago, when businesses kept sensitive information locked away in file cabinets and safes, it was relatively cheap and easy to store valuable data and control who had access to it. Today, enterprises invest millions in security, storage, and compliance technologies -- all in the name of increasing visibility into where vital electronic information lives and how it is being defended. June 25, 3:00 a.m. PDT HP-SPI deal underscores apps security integration Hewlett Packard's acquisition of Web applications security specialist SPI Dynamics on June 19 illustrates a growing demand among enterprise customers to have vulnerability-scanning tools integrated into their software development platforms. June 19, 12:07 p.m. PDT Homeland Security to detail IT attacks Officials from the U.S. Department of Homeland Security will hold a hearing on Capitol Hill on June 20 to discuss the findings of an investigation into the agency's own problems in battling electronic attacks and IT systems intrusions. June 15, 11:26 a.m. PDT Global co-op feeds FBI's botnet fight Officials with the FBI claim that global law enforcement partnerships are playing a significant role in its ongoing efforts to stomp out botnets and other computer-borne crimes. June 14, 3:09 p.m. PDT Experts: Botnets add fault tolerance Security experts contend that a growing number of operators of compromised computer networks (or "botnets") are finding new ways to grow their networks and make them immune to potential shutdowns, including sophisticated fault-tolerance planning to help ensure that their networks can't be easily wiped out. June 7, 12:00 a.m. PDT Microsoft unveils integrated security Microsoft shared details of its long-term security product strategy as part of its ongoing TechEd 2007 training conference on June 4, lifting the lid on plans to deliver an integrated suite of its software by mid-2009. June 4, 7:24 a.m. PDT Spammers' use of AI only just begun Though security industry experts were openly referring to the death of spam several years ago, the arrival of image-based attacks has resulted in a stunning renaissance in the volumes of unwanted e-mail reaching end-users' inboxes. May 31, 5:03 p.m. PDT Attackers get chatty on VoIP The recent spate of malware attacks propagating throughout the user base of the Skype Internet calling system illustrates a broader trend toward cyber-criminals moving to take advantage of VoIP platforms as they become increasingly popular. May 30, 12:18 p.m. PDT Companies open wallets for secure data An annual VanDyke Software-sponsored survey of IT network and systems administrators finds that businesses have increased their spending on secure data communications technologies and also have undertaken significant work to improve their internal processes to benefit security. May 22, 11:42 a.m. PDT Microsoft, TCG get closer on NAC The Trusted Computing Group (TCG) is tying its authentication software standard to Microsoft's proprietary network access protection platform -- a move that leaders in the network access control (NAC) segment tout as a major step toward getting products made by different vendors to work together. May 21, 8:20 a.m. PDT Deepwater churns around unencrypted data The most sensitive and highly classified data communicated over the nation's internal computer networks remains at risk for exposure, according to key witnesses in the government's investigation into the United States Coast Guard's Deepwater procurement program. May 17, 11:33 a.m. PDT IBM pitches risk management strategy IBM unveiled a new IT governance and risk management strategy on May 15 that it will market to enterprise customers as a means to weave together security and compliance projects to ease planning and help drive down related expenses. May 15, 12:42 p.m. PDT Botnet management app exposed A new and unusually sophisticated application for controlling and monitoring botnet PCs has been discovered by security company Panda Software. May 14, 8:26 a.m. PDT Social Security, spyware bills go to House vote The House Energy and Commerce Committee unanimously approved a pair of bills on May 10 that aim to bolster consumers' protection against misuse of their social security numbers and computer-borne spyware. May 11, 11:23 a.m. PDT Symantec pitches rootkit tech as Veritas validation Some industry watchers may still question why Symantec moved to acquire storage software maker Veritas for $10.2 billion in 2004, but the fruits of the companies' combined labors are already proving the deal as a winner, according to executives with the massive security firm. May 9, 4:26 p.m. PDT Infrastructure security powers up He may not have known it at the time, but Lonnie Charles Denison helped prove the need for tighter security at many infrastructure businesses when he launched a multifaceted attack against California Independent System Operator, a quasi-governmental agency responsible for management of the state's power grid. May 9, 4:17 a.m. PDT Document shell code attacks loom large Targeted attacks that utilize vulnerabilities in popular document file formats and execute via hard-to-find shell code are becoming an increasingly popular menace, according to researchers at IBM's Internet Security Systems division. May 2, 12:37 p.m. PDT Making sense of Websense's SurfControl buyout Websense's $400 million buyout offer for rival network filtering specialist SurfControl should help position the two companies for short-term growth and possible acquisition in the future, according to market watchers. May 1, 11:27 a.m. PDT Nokia expands security appliance line Nokia introduced two new network security appliances on April 30, adding high- and low-end models that aim to help companies filter out malware traffic before it penetrates their IT systems. April 30, 2:17 p.m. PDT Rootkits: The next big enterprise threat? Late at night, a system administrator performed a routine check of a crashed server, one of 48 systems comprising a major online infrastructure that generated about $4 million per month in revenue. He was a bit surprised that the system had gone down, as it had been humming for months without any indication of being prone to crashing. The check uncovered three encrypted files. The administrator called on MANDIANT to analyze them. April 30, 3:00 a.m. PDT Large enterprises still serving up spam Well-known enterprise companies are still having their IT systems hijacked by spammers despite investing in many different types of technologies aimed at stopping the problem. April 17, 3:04 p.m. PDT Symantec takes initial step into SaaS Symantec took its initial step into the software-as-a-service market on April 17, introducing its maiden set of hosted applications for small and medium-sized businesses. April 17, 4:00 a.m. PDT P2P worms get their turn Massive networks of infected computers controlled by attackers worldwide will serve as a powerful engine for the new breed of so-called P2P worm that is currently echoing across cyberspace. April 16, 11:17 a.m. PDT Bottom line impact of data breaches unclear Despite the fact that unwanted exposure of consumer data has become a hot-button issue in the media and among legislators nationwide, experts admit that it remains unclear just how much damage the events will cause to the finances and reputations of companies that experience major incidents. April 13, 3:01 p.m. PDT More security OEM deals to come With enterprises demanding more tightly integrated security products than ever before and pressure increasing on vendors in the space to offer as many tools as possible to win deals, experts say that an increasing number of technology providers will turn to licensing agreements to help increase their marketability. April 12, 3:57 p.m. PDT McAfee: Cyber-crime will continue to pay The latest research report from McAfee's Avert Labs paints a frightening picture for enterprise IT administrators and end-users, predicting continued maturation of cyber-crime and the technological means being used to carry out external attacks. April 10, 9:00 p.m. PDT Debate lingers over federal data-handling laws Even as the federal government appears poised to create new consumer data protection laws in 2007, businesses and privacy advocates in the United States remain at odds over the parameters of such legislation and its potential impact. April 3, 6:59 p.m. PDT ShmooCon hacker event gets under way The third annual ShmooCon convention kicked off in Washington, D.C., on March 23 and will run throughout the weekend with a series of lectures and presentations covering a wide range of enterprise security issues. March 23, 2:12 p.m. PST TJX stolen data used in Florida crime spree Law enforcement officials in Florida have arrested six individuals suspected of carrying out a fraud scheme built around the misuse of credit card data stolen from retailer TJX Companies. March 21, 9:25 a.m. PST More IT war stories Off the Record, the real-world slice of life that graces the last page of InfoWorld, is one of our most popular columns. I know this from reader surveys and from all the e-mail I receive about it. As reader Roland Sickenberger put it recently, “It’s my favorite part of the magazine, kind of like a ‘Dilbert come to life’ thing.” March 5, 3:00 a.m. PST Tolerating online fraud Whenever I see someone turning the other cheek to a problem, I smile and think of the greatest golden retriever I’ve ever known, a family dog named Kayo who was a very strong swimmer. March 1, 3:00 a.m. PST NAC policy management wags the watchdog The most critical element of a NAC system is the policy management system. As every administrative interface that an administrator must use requires specialized focus and understanding, the ease with which an administrator can launch the policy management system, make the changes desired, view reports, and perform other management tasks is critical. No administrator is likely to have hours to devote to these systems each day, so the simplification and visualization provided by the system should be a primary consideration for shoppers (and a prime opportunity for differentiation among the vendors). February 5, 3:00 a.m. PST Women in technology: A call to action A quick scan of almost any IT department -- from the trenches to the corner office -- confirms it: Women who embrace technology as a lifelong career remain a rare breed. To be sure, opportunity for women in technology has advanced in the past few decades, as have education initiatives aimed at leveling the playing field, but for every woman rising to prominence or embarking on a profession in IT, there seems to be another opting out of her career in technology. January 29, 3:03 a.m. PST Back to school: Getting girls into IT Despite the success of various education initiatives in the past several years, there’s little doubt that the shortage of women in technology begins on the playground. As such, many industry leaders and experts believe the long-term solution to the gender imbalance in IT lies in women technologists going back to school -- way back, to high schools and even elementary schools to mentor young girls, who too often give up on math and science at an early age. January 29, 3:02 a.m. PST Activism provides competitive advantage for IT Encountering another woman working in technology was a rare event for me when I started out in IT many years ago. In the years since, women have made significant strides, sometimes against great odds, proving their mettle as both tech execs and engineers. January 29, 3:01 a.m. PST Gender crisis in IT You don’t need a degree in statistics to recognize that IT is a men’s club. Just walk the floor of any tech conference or, in all likelihood, your own office — XY chromosomes everywhere you look. January 29, 3:00 a.m. PST Microsoft helps fight online child abuse in India Microsoft is working with the International Centre for Missing & Exploited Children (ICMEC) and the international police force Interpol to help fight online child abuse in India. January 19, 5:17 a.m. PST Technology of the Gods January is named after Janus, the two-faced Roman deity of beginnings and endings, who reportedly was able to look both forward and back. So for our Jan. 1 issue, we pay homage to the mythological immortal with our seventh annual Technology of the Year Awards, an analysis of where IT has been and where it’s going in 2007. January 1, 3:00 a.m. PST 2006 Year in Reviews: Security Given a sharp nudge from federal and state mandates, the security focus has shifted from intruders and malware to data protection and the insider threat — and the likes of Vontu, Reconnex, Oakley Networks, and PortAuthority are meeting the challenge. December 18, 3:00 a.m. PST Review of reviews It’s coming up on closing time for 2006. All around us, everyone is going into holiday mode. Not to be curmudgeonly contrarians, InfoWorld will be following suit, taking a one-week break before returning on Jan. 1 with our first print issue of the year. (It’s really only a semi-hiatus; InfoWorld.com will continue to perk over the holidays with a slightly reduced slate of stories.) December 18, 3:00 a.m. PST Al-Qaeda 'Battle of Guantanamo' cyberattack a no-show A planned cyberattack against U.S. financial institutions by Islamic jihadists has so far failed to materialize, Internet security observers said Friday. December 1, 2:04 p.m. PST PortAuthority tightens its data security net I appreciate when a vendor succeeds at developing a very good application. But what I find more admirable is when a vendor recognizes the deficits in its solutions, makes no excuses, and quickly goes back to the drawing board to make that app excellent. December 1, 3:00 a.m. PST Redefining innovation Innovative ideas are a dime a dozen, according to Jim Andrew, senior partner at big-time consultancy BCG. In fact, at most companies, coming up with great concepts for a product, service, or process isn’t even an issue. But turning those ideas into money … ah, there’s the rub. October 30, 3:00 a.m. PST Watching out for our own security Security pros know that there’s no perfect defense against a determined attacker. So when an identity thief strikes, it’s vital to detect the theft. But who’s going to be the detective? September 20, 3:00 a.m. PDT Hack Tales: Network auditing on a shoestring What do you do when the auditors are breathing down your neck, wanting to see an exhaustive report on the Windows network security of a 2,000-user network across eight sites? That’s easy. Break out a text editor and start writing some Perl. May 29, 3:00 a.m. PDT Determina pre-hacks applications against intruders Malicious hackers are constantly exploiting software vulnerabilities. Vendors and IT staff alike spend countless hours racing to update protection signatures and install patches before their exposed systems can be compromised. It’s a never-ending battle that favors the hackers. May 15, 3:00 a.m. PDT Tech startups to watch Startups are back! or at least, startup fever is back. Scan the latest numbers from PricewaterhouseCoopers and you won’t find any hockey sticks -- the level of investment in enterprise-related technology startups has actually remained fairly flat, hovering between $1.5 and $2.3 billion per quarter from 2003 through 2005. May 15, 3:00 a.m. PDT SANS: Attacks shift to Mac, zero-day The SANS Institute warned of a steep increase in critical security holes in Apple Computer's Mac OS X operating system and in previously undiscovered ("zero day") vulnerabilities in Web browsers. May 1, 2:34 p.m. PDT Product previews EMC rolls out entry SAN and archiving software EMC introduced the EMC clariion AX150 and AX150i storage systems and the EMC Documentum Archive Services for Email and Archive Services for Reports. The AX150 systems, available with Fibre Channel or iSCSI connectivity, support as many as 10 host servers and scale from 750GB to 6TB of SATA II storage. Pricing starts at $5,600. The new Archiving Services offerings are based on a unified archiving platform for collecting, retaining, securing, and discovering all kinds of information, including e-mail, reports, documents, images, Web content, video, and transactional data. Prices vary by configuration. EMC Clariion AX150 and EMC Documentum Archive Services, EMC April 10, 3:00 a.m. PDT Elemental extends visibility and control In an impressive debut release, Elemental Security’s Elemental Compliance System 1.1 advanced the cause of enterprisewide system monitoring and access control with exceptional reporting and granular policy management. Version 2.0 of the agent-based system, renamed ESP (Elemental Security Platform), advances on both of these fronts by broadening the client platform support and adding more than 300 new predefined rules. March 20, 3:00 a.m. PST Use numbers to fight cybercrime, show told Statistics could prove a handy ally in helping companies large and small to ward off cyberattacks, according to one security expert. March 16, 3:02 p.m. PST UK firms weak against ID theft Only 1 percent of U.K. companies use all methods available to control access to their IT systems and prevent security problems, according to the Department of Trade and Industry (DTI). March 16, 8:05 a.m. PST Plug-and-play appliances reshape IT landscape Looking for a can’t-miss enterprise trend? I have just one word for you: appliances. During the past year, our Test Center has been inundated with the things. And not just the old standbys like firewalls, switches, and routers. I’m talking appliances that can handle virtually every IT operation: intrusion prevention, intrusion detection, CRM, anti-spam, e-mail security, Web services integration. We’ve even seen a smattering of appliances for Microsoft Exchange that come bundled with managed services (look for our Test Center review in April). March 6, 3:00 a.m. PST Microsoft builds a beta ISA 2006 Last week, I’m struggling for Redmond news; this week, it’s like they have a volcano up there or something. SMS (Systems Management Server) 2003 R2, a Vista Community Technology Preview, Commerce Server 2006 Beta, new announcements about SharePoint Server 2007 , a funeral for FrontPage, and a formal ISA (Internet Security and Acceleration) Server 2006 Beta announcement. Whew. Guess all those headlines about a Microsoft stock slump lit a fire under somebody’s booty. February 23, 3:00 a.m. PST RSA - FBI director: Cyber threats 'fluid and far-reaching' Hacker hunters need to develop new techniques to take on the latest generation of sophisticated and better-organized cyber criminals. That's what U.S. Federal Bureau of Investigation Director Robert Mueller told attendees of the RSA Conference 2006 in San Jose, California, Wednesday. February 15, 3:45 p.m. PST For banks, security compliance goes only MSSP-deep In the financial industry, third parties often guard the vault. For example, MSSPs (managed security services providers), such as the company I work for, deliver vital resources and expertise to many small to midsize banks. These services include firewalls and intrusion management, secure electronic document delivery, and oversight by trained security professionals. Many banks also rely on MSSPs to comply with regulatory mandates. February 14, 3:00 a.m. PST AOL patches serious Winamp bug Users of America Online Inc.'s Winamp 5.12 media player are being told to upgrade their software following the release of malicious code that could be used to take over a Winamp user's system. January 30, 3:07 p.m. PST Hackers lurk in AMD Web site Users of Advanced Micro Devices Inc.'s (AMD's) microprocessors may want to think twice before looking for technical support on the company's Web site. Customer support discussion forums on the forums.amd.com site have been compromised and are being used in an attempt to infect visitors with malicious software, an AMD spokesman confirmed Monday. January 30, 12:39 p.m. PST Startup Mu Security looks to lock down code A Sunnyvale, California, startup backed by US$4 million in venture funding and a team of former Juniper Networks Inc. executives says that it has developed a way to make networking products and applications more secure. Mu Security Inc. says it will soon begin selling a new vulnerability assessment product that lets technology vendors and enterprise developers test their products with known hacker techniques, allowing them to fix bugs before products are put into use. January 27, 11:03 a.m. PST State CIOs need more IT security support from DHS The U.S. Department of Homeland Security (DHS) must improve its support for U.S. state and local governments so they can better protect their IT infrastructures from attackers, two organizations of top IT officials said Wednesday. January 25, 2:57 p.m. PST Cisco patches a number of products Cisco Systems Inc. has patched a number of security vulnerabilities affecting its routers and Call Manager software, some of which could be used to launch a DOS (denial of service) attack against the products. January 19, 11:52 a.m. PST WMF warnings: I wasn't crying wolf By coincidence, I was checking my e-mail at the exact moment (7:31 p.m. EST, Dec. 27, 2005) when a new Microsoft Windows zero-day exploit (the WMF buffer overflow exploit) was announced in an anonymous e-mail to Bugtraq. Here’s the e-mail with the URL modified to prevent unknowledgeable readers from accidentally launching the malware: January 6, 3:00 a.m. PST Top technologies of the year Welcome to our first issue of the year. For those of you who took a break, re-entry into the heady universe of work may be a bit discombobulating. Fortunately, last Saturday, the world’s ever-considerate timekeepers saw fit to give us an extra sliver of time -- a leap second-- to prep for the new year. And now, with the pop of the cork (or was that the buzz of a pager?), we’re ready to herald 2006, a potential banner year for the enterprise. January 2, 3:00 a.m. PST Tech reviews for the holidays Even IT takes a holiday now and then. Same goes for the InfoWorld staff, which chills out by taking a one-week break following the publication of this, our 51st and final issue of the year. December 19, 3:00 a.m. PST MCI launches security risk management service MCI is introducing a security risk management service to help enterprises take proactive action against systems threats and vulnerabilities, the company announced Tuesday. December 6, 5:05 a.m. PST Sony stops shipping controversial DRM code One day after hackers released malicious software that used controversial Sony BMG Music Entertainment copy-protection software to attack computers, Sony has decided to stop shipping the product, the company said Friday. November 11, 1:15 p.m. PST Maspro pushes Wi-Fi 5 kilometers Maspro Denkoh, a Japanese manufacturer of wireless communications equipment, has developed a transmission system that can send Wi-Fi signals as far as 5 kilometers. October 5, 4:41 a.m. PDT Security event managers rule the roost See editor's note at end of review September 23, 3:00 p.m. PDT Microsoft aims to host regular hacker meetings Microsoft is working on plans to make a recent hacker meeting held on its Redmond, Washington, campus a twice-yearly event, according to a spokesman for the vendor's security group. August 1, 4:56 p.m. PDT ITM peers inside the inside threats Oakley Networks’ ITM (Insider Threat Manager), an unobtrusive server-agent solution, provides enterprisewide monitoring of workstations and laptops, even those used remotely or wirelessly. Because ITM blocks policy violations at the source -- before the information ever reaches your network -- it promises to be one of the more effective ways to stop intentional and unintentional insider data leaks. June 20, 5:00 a.m. PDT GSM operators welcome rejection of EU data retention rules BRUSSELS - GSM Europe, the umbrella group representing 148 mobile operators, on Thursday welcomed a vote this week by the European Parliament to reject planned data retention rules for telecommunications service operators. June 10, 11:41 a.m. PDT The "simple" truth about security It all sounds so simple. You save your data to a tape cartridge. When you have enough cartridges, you put them in a box and send them off to be stored. May 13, 5:00 a.m. PDT Fear and loathing at Interop “What happens in Vegas, stays in Vegas” may be the rule for gamblers and dance club denizens, but I hope you’ll forgive my passing along a few newsworthy items from the Interop show in that dusty desert outpost. May 9, 5:00 a.m. PDT The consultant's view Steve Manzuik is an independent IT security consultant. March 28, 6:00 a.m. PST The CTO's perspective Kevin Bernstein is CTO of platinum capital group. March 28, 6:00 a.m. PST How to hire an IT security consultant Outsourcing IT security is all the rage these days. It’s cheaper and more efficient, the prevailing theory goes, to farm out functions not directly related to your organization’s core competencies. If you make nickel-plated widgets, for example, your staff must be expert in manufacturing, nickel-plating, and selling widgets, not in keeping 14-year-olds out of your network. March 28, 6:00 a.m. PST Secure architectures Thanks to complex perimeters, sophisticated application-level threats, and regulations that hold CEOs and CIOs accountable for company data, security must now be regarded as more than a bunch of technologies tacked onto the network. “Companies are realizing they must approach security at the enterprise level,” says Rich Caralli, senior member of the technical staff at the CERT Coordination Center’s survivable enterprise management group. “Rather than chasing the latest threat, they’re working on identifying and securing directly the core business processes and information assets essential to the company mission.” March 11, 3:00 p.m. PST > Security |
|
|
||||||||||||||||||
