|
|
Free Newsletters
|
|
|
|
|
|
IT trainer offers master's degree for hackers In an effort to produce the next generation of chief security officers and IT systems defense experts, an online training company is offering a new master's degree program in security science. Security vendors bring zombie fighters to life Data leakage prevention might currently be the hottest IT security submarket, but vendors are also tuning up their product offerings to help customers ward off the presence of botnet-infected zombie computers.  October 4, 3:41 p.m. PDT Security experts pitch 'culture of data' The companies that are having the most success in advancing their data security efforts today are those that are finding a way to protect sensitive information without getting in the way of business users, industry experts maintain. September 25, 2:53 p.m. PDT Security outsourcing on the rise As one of the world's largest outsourcing providers, Wipro Technologies is ramping up its security services business in a big way. September 20, 2:30 p.m. PDT Fear of insider threats hits home The more money that companies spend on securing their IT operations from external attack, the more it seems they become aware that the potential threat posed by their own employees remains their most significant risk. September 18, 10:42 a.m. PDT Cisco says acquisitions don't impede best-of-breed Cisco executives speaking at the ongoing Security Standard Conference claim that the networking giant hasn't sapped innovation in the security companies it has acquired in its efforts to add to its own expanse of IT systems-defense products, while some customers clearly feel otherwise. September 10, 4:38 p.m. PDT Forrester security show stresses risk management Enterprise security decision makers have long been more likely to be swayed by flashy new technologies than by the notion of comprehensive IT restructuring to protect data and other corporate assets, but the situation is evolving rapidly, according to experts participating in Forrester Research's ongoing Security Forum. September 5, 11:33 a.m. PDT Germany implements security plan to protect IT infrastructure with The German government has agreed to implement a sweeping set of security measures aimed at protecting critical IT infrastructure in the country. September 5, 9:35 a.m. PDT China denies its military hacked Pentagon network China Tuesday denied allegations that its military hacked a Pentagon network in June -- the second time in as many weeks that the country has responded to charges of sponsoring computer attacks. September 5, 5:54 a.m. PDT FBI: Enterprises need counterintelligence The Chinese government has denied involvement in a series of hacks carried out against IT systems at the Pentagon in June this week, but the threat of technology-driven espionage has forced the FBI to push businesses and academic institutions to better prepare for such attacks. September 4, 3:45 p.m. PDT Intel's vPro chips in more security for businesses With the introduction of its latest vPro microprocessors on Monday, Intel contends it is injecting a heavy dose of new security capabilities for the benefit of business customers and third-party technology providers alike. August 27, 8:00 a.m. PDT Intel adds desktop NAC to latest chips Intel's move to provide new integration with NAC (network access control) tools in its latest vPro desktop processors could provide interesting opportunities for use with the device authentication systems while further strengthening the technology standards it supports, according to industry watchers. August 27, 8:00 a.m. PDT Security SaaS maturing fast Security technologies delivered via the SaaS (software-as-a-service) business model may still be in their nascent stage, but some early adopters are already piecing together multiple offerings to outsource a significant portion of their IT systems defense infrastructure. August 22, 11:06 a.m. PDT Pundits on parade: What’s next in tech You’ve heard of Christmas in July, that classic advertising gimmick designed to lure shoppers into stores despite the oppressive heat and humidity. We’ll, we’ve got New Year’s in August, which invites you to stay indoors and read “The next big things in IT” -- 15 predictions about the future of technology. August 20, 3:00 a.m. PDT Sourcefire acquires ClamAV open-source anti-malware project Network security specialist Sourcefire announced Friday that it has acquired ClamAV, an open-source gateway anti-malware project whose technologies are used in the products of a number of other vendors. August 17, 8:58 a.m. PDT Apps security to dominate Black Hat Black Hat kicks off this week in Las Vegas with a big shift in focus from Internet viruses to application security. July 31, 3:00 a.m. PDT Organized crime infiltrates financial IT In Martin Scorsese's hit movie "The Departed," actor Matt Damon plays the part of a mole -- someone who helps his connected mob friends stay a step ahead of the cops by becoming one of the very law enforcement officials assigned to stop them. July 23, 11:14 a.m. PDT Average zero-day bug has 348-day lifespan, exec says The average zero-day bug has a lifespan of 348 days before it is discovered or patched, but some vulnerabilities live on for much longer, according to security vendor Immunity's chief executive officer. July 9, 5:10 a.m. PDT Microsoft.co.uk succumbs to SQL injection attack A hacker successfully attacked a Web page within Microsoft's U.K. domain on Wednesday, resulting in the display of a photograph of a child waving the flag of Saudi Arabia. June 29, 5:24 a.m. PDT HP-SPI deal underscores apps security integration Hewlett Packard's acquisition of Web applications security specialist SPI Dynamics on June 19 illustrates a growing demand among enterprise customers to have vulnerability-scanning tools integrated into their software development platforms. June 19, 12:07 p.m. PDT Homeland Security to detail IT attacks Officials from the U.S. Department of Homeland Security will hold a hearing on Capitol Hill on June 20 to discuss the findings of an investigation into the agency's own problems in battling electronic attacks and IT systems intrusions. June 15, 11:26 a.m. PDT Experts: Botnets add fault tolerance Security experts contend that a growing number of operators of compromised computer networks (or "botnets") are finding new ways to grow their networks and make them immune to potential shutdowns, including sophisticated fault-tolerance planning to help ensure that their networks can't be easily wiped out. June 7, 12:00 a.m. PDT App developers finally securing code On Aug. 14, IT security training and research authority SANS Institute will convene its inaugural set of exams for software developers seeking to attain its new secure coding certifications. The rise of such initiatives -- and increasing adoption of source code vulnerability scanning tools among internal software development teams -- are finally making a difference in overall applications security, some end users and industry experts contend. June 6, 4:14 a.m. PDT Microsoft unveils integrated security Microsoft shared details of its long-term security product strategy as part of its ongoing TechEd 2007 training conference on June 4, lifting the lid on plans to deliver an integrated suite of its software by mid-2009. June 4, 7:24 a.m. PDT Companies open wallets for secure data An annual VanDyke Software-sponsored survey of IT network and systems administrators finds that businesses have increased their spending on secure data communications technologies and also have undertaken significant work to improve their internal processes to benefit security. May 22, 11:42 a.m. PDT Microsoft, TCG get closer on NAC The Trusted Computing Group (TCG) is tying its authentication software standard to Microsoft's proprietary network access protection platform -- a move that leaders in the network access control (NAC) segment tout as a major step toward getting products made by different vendors to work together. May 21, 8:20 a.m. PDT Deepwater churns around unencrypted data The most sensitive and highly classified data communicated over the nation's internal computer networks remains at risk for exposure, according to key witnesses in the government's investigation into the United States Coast Guard's Deepwater procurement program. May 17, 11:33 a.m. PDT IBM pitches risk management strategy IBM unveiled a new IT governance and risk management strategy on May 15 that it will market to enterprise customers as a means to weave together security and compliance projects to ease planning and help drive down related expenses. May 15, 12:42 p.m. PDT Social Security, spyware bills go to House vote The House Energy and Commerce Committee unanimously approved a pair of bills on May 10 that aim to bolster consumers' protection against misuse of their social security numbers and computer-borne spyware. May 11, 11:23 a.m. PDT IBM criticizes TippingPoint over hacking contest IBM's ISS division has torn into rival TippingPoint for sponsoring the hacking contest that led to the disclosure of a QuickTime vulnerability in Apple's Safari browser. May 11, 9:31 a.m. PDT Symantec pitches rootkit tech as Veritas validation Some industry watchers may still question why Symantec moved to acquire storage software maker Veritas for $10.2 billion in 2004, but the fruits of the companies' combined labors are already proving the deal as a winner, according to executives with the massive security firm. May 9, 4:26 p.m. PDT Infrastructure security powers up He may not have known it at the time, but Lonnie Charles Denison helped prove the need for tighter security at many infrastructure businesses when he launched a multifaceted attack against California Independent System Operator, a quasi-governmental agency responsible for management of the state's power grid. May 9, 4:17 a.m. PDT Document shell code attacks loom large Targeted attacks that utilize vulnerabilities in popular document file formats and execute via hard-to-find shell code are becoming an increasingly popular menace, according to researchers at IBM's Internet Security Systems division. May 2, 12:37 p.m. PDT Making sense of Websense's SurfControl buyout Websense's $400 million buyout offer for rival network filtering specialist SurfControl should help position the two companies for short-term growth and possible acquisition in the future, according to market watchers. May 1, 11:27 a.m. PDT Rootkits: The next big enterprise threat? Late at night, a system administrator performed a routine check of a crashed server, one of 48 systems comprising a major online infrastructure that generated about $4 million per month in revenue. He was a bit surprised that the system had gone down, as it had been humming for months without any indication of being prone to crashing. The check uncovered three encrypted files. The administrator called on MANDIANT to analyze them. April 30, 3:00 a.m. PDT Large enterprises still serving up spam Well-known enterprise companies are still having their IT systems hijacked by spammers despite investing in many different types of technologies aimed at stopping the problem. April 17, 3:04 p.m. PDT P2P worms get their turn Massive networks of infected computers controlled by attackers worldwide will serve as a powerful engine for the new breed of so-called P2P worm that is currently echoing across cyberspace. April 16, 11:17 a.m. PDT Bottom line impact of data breaches unclear Despite the fact that unwanted exposure of consumer data has become a hot-button issue in the media and among legislators nationwide, experts admit that it remains unclear just how much damage the events will cause to the finances and reputations of companies that experience major incidents. April 13, 3:01 p.m. PDT More security OEM deals to come With enterprises demanding more tightly integrated security products than ever before and pressure increasing on vendors in the space to offer as many tools as possible to win deals, experts say that an increasing number of technology providers will turn to licensing agreements to help increase their marketability. April 12, 3:57 p.m. PDT McAfee: Cyber-crime will continue to pay The latest research report from McAfee's Avert Labs paints a frightening picture for enterprise IT administrators and end-users, predicting continued maturation of cyber-crime and the technological means being used to carry out external attacks. April 10, 9:00 p.m. PDT Debate lingers over federal data-handling laws Even as the federal government appears poised to create new consumer data protection laws in 2007, businesses and privacy advocates in the United States remain at odds over the parameters of such legislation and its potential impact. April 3, 6:59 p.m. PDT ShmooCon hacker event gets under way The third annual ShmooCon convention kicked off in Washington, D.C., on March 23 and will run throughout the weekend with a series of lectures and presentations covering a wide range of enterprise security issues. March 23, 2:12 p.m. PST TJX stolen data used in Florida crime spree Law enforcement officials in Florida have arrested six individuals suspected of carrying out a fraud scheme built around the misuse of credit card data stolen from retailer TJX Companies. March 21, 9:25 a.m. PST More IT war stories Off the Record, the real-world slice of life that graces the last page of InfoWorld, is one of our most popular columns. I know this from reader surveys and from all the e-mail I receive about it. As reader Roland Sickenberger put it recently, “It’s my favorite part of the magazine, kind of like a ‘Dilbert come to life’ thing.” March 5, 3:00 a.m. PST US government readying massive cybersecurity test The U.S. Department of Homeland Security (DHS) is planning a large-scale test of the nation's response to a cyberattack to be held in early 2008. February 12, 12:04 p.m. PST Women in technology: A call to action A quick scan of almost any IT department -- from the trenches to the corner office -- confirms it: Women who embrace technology as a lifelong career remain a rare breed. To be sure, opportunity for women in technology has advanced in the past few decades, as have education initiatives aimed at leveling the playing field, but for every woman rising to prominence or embarking on a profession in IT, there seems to be another opting out of her career in technology. January 29, 3:03 a.m. PST Back to school: Getting girls into IT Despite the success of various education initiatives in the past several years, there’s little doubt that the shortage of women in technology begins on the playground. As such, many industry leaders and experts believe the long-term solution to the gender imbalance in IT lies in women technologists going back to school -- way back, to high schools and even elementary schools to mentor young girls, who too often give up on math and science at an early age. January 29, 3:02 a.m. PST Activism provides competitive advantage for IT Encountering another woman working in technology was a rare event for me when I started out in IT many years ago. In the years since, women have made significant strides, sometimes against great odds, proving their mettle as both tech execs and engineers. January 29, 3:01 a.m. PST Gender crisis in IT You don’t need a degree in statistics to recognize that IT is a men’s club. Just walk the floor of any tech conference or, in all likelihood, your own office — XY chromosomes everywhere you look. January 29, 3:00 a.m. PST Technology of the Gods January is named after Janus, the two-faced Roman deity of beginnings and endings, who reportedly was able to look both forward and back. So for our Jan. 1 issue, we pay homage to the mythological immortal with our seventh annual Technology of the Year Awards, an analysis of where IT has been and where it’s going in 2007. January 1, 3:00 a.m. PST Review of reviews It’s coming up on closing time for 2006. All around us, everyone is going into holiday mode. Not to be curmudgeonly contrarians, InfoWorld will be following suit, taking a one-week break before returning on Jan. 1 with our first print issue of the year. (It’s really only a semi-hiatus; InfoWorld.com will continue to perk over the holidays with a slightly reduced slate of stories.) December 18, 3:00 a.m. PST Ten security trends worth watching In a keynote speech that was webcast at last month's Hack in the Box Security Conference in Kuala Lumpur, Malaysia, Bruce Schneier, chief technology officer of U.S.-based managed security services provider Counterpane Internet Security, identified 10 trends affecting information security today. October 18, 4:29 a.m. PDT Q1 hones in on network events Prior to releasing the QRadar SEM (security event manager), Q1 Labs was one of a handful of vendors actively competing in the NBAD (Network Based Anomaly Detection) market. NBAD works by maintaining service profiles on every network device. Policies are configured to define normal operations for a given type of network host; anything beyond those profiles is noted as an anomaly. May 25, 3:00 a.m. PDT Determina pre-hacks applications against intruders Malicious hackers are constantly exploiting software vulnerabilities. Vendors and IT staff alike spend countless hours racing to update protection signatures and install patches before their exposed systems can be compromised. It’s a never-ending battle that favors the hackers. May 15, 3:00 a.m. PDT Tech startups to watch Startups are back! or at least, startup fever is back. Scan the latest numbers from PricewaterhouseCoopers and you won’t find any hockey sticks -- the level of investment in enterprise-related technology startups has actually remained fairly flat, hovering between $1.5 and $2.3 billion per quarter from 2003 through 2005. May 15, 3:00 a.m. PDT Product previews EMC rolls out entry SAN and archiving software EMC introduced the EMC clariion AX150 and AX150i storage systems and the EMC Documentum Archive Services for Email and Archive Services for Reports. The AX150 systems, available with Fibre Channel or iSCSI connectivity, support as many as 10 host servers and scale from 750GB to 6TB of SATA II storage. Pricing starts at $5,600. The new Archiving Services offerings are based on a unified archiving platform for collecting, retaining, securing, and discovering all kinds of information, including e-mail, reports, documents, images, Web content, video, and transactional data. Prices vary by configuration. EMC Clariion AX150 and EMC Documentum Archive Services, EMC April 10, 3:00 a.m. PDT RSA - FBI director: Cyber threats 'fluid and far-reaching' Hacker hunters need to develop new techniques to take on the latest generation of sophisticated and better-organized cyber criminals. That's what U.S. Federal Bureau of Investigation Director Robert Mueller told attendees of the RSA Conference 2006 in San Jose, California, Wednesday. February 15, 3:45 p.m. PST For banks, security compliance goes only MSSP-deep In the financial industry, third parties often guard the vault. For example, MSSPs (managed security services providers), such as the company I work for, deliver vital resources and expertise to many small to midsize banks. These services include firewalls and intrusion management, secure electronic document delivery, and oversight by trained security professionals. Many banks also rely on MSSPs to comply with regulatory mandates. February 14, 3:00 a.m. PST U.S. DHS completes large-scale cyber exercise The U.S. Department of Homeland Security (DHS) has completed the first full-scale government-led cyber attack simulation, and officials there called the exercise a "significant milestone." February 10, 1:05 p.m. PST Hackers lurk in AMD Web site Users of Advanced Micro Devices Inc.'s (AMD's) microprocessors may want to think twice before looking for technical support on the company's Web site. Customer support discussion forums on the forums.amd.com site have been compromised and are being used in an attempt to infect visitors with malicious software, an AMD spokesman confirmed Monday. January 30, 12:39 p.m. PST State CIOs need more IT security support from DHS The U.S. Department of Homeland Security (DHS) must improve its support for U.S. state and local governments so they can better protect their IT infrastructures from attackers, two organizations of top IT officials said Wednesday. January 25, 2:57 p.m. PST WMF warnings: I wasn't crying wolf By coincidence, I was checking my e-mail at the exact moment (7:31 p.m. EST, Dec. 27, 2005) when a new Microsoft Windows zero-day exploit (the WMF buffer overflow exploit) was announced in an anonymous e-mail to Bugtraq. Here’s the e-mail with the URL modified to prevent unknowledgeable readers from accidentally launching the malware: January 6, 3:00 a.m. PST Top technologies of the year Welcome to our first issue of the year. For those of you who took a break, re-entry into the heady universe of work may be a bit discombobulating. Fortunately, last Saturday, the world’s ever-considerate timekeepers saw fit to give us an extra sliver of time -- a leap second-- to prep for the new year. And now, with the pop of the cork (or was that the buzz of a pager?), we’re ready to herald 2006, a potential banner year for the enterprise. January 2, 3:00 a.m. PST Tech reviews for the holidays Even IT takes a holiday now and then. Same goes for the InfoWorld staff, which chills out by taking a one-week break following the publication of this, our 51st and final issue of the year. December 19, 3:00 a.m. PST MCI launches security risk management service MCI is introducing a security risk management service to help enterprises take proactive action against systems threats and vulnerabilities, the company announced Tuesday. December 6, 5:05 a.m. PST Fiorina pops up on security company's board Carly Fiorina has kept a low profile since being dismissed as president and chief executive officer of Hewlett-Packard last February, but apparently has no intention of abandoning the technology industry altogether. On Thursday, Herndon, Virginia, security vendor Cybertrust is expected to announce that Fiorina has been appointed to the company's board of directors. October 27, 4:09 a.m. PDT Security event managers rule the roost See editor's note at end of review September 23, 3:00 p.m. PDT US industries: We take cybersecurity seriously WASHINGTON, D.C. - While lawmakers decried a lack of concern in the U.S. about cybersecurity issues, representatives of the electricity, communications and other so-called critical infrastructure industries on Thursday said they take the potential for cyberattacks seriously. September 15, 2:55 p.m. PDT Internet sieges can cost businesses a bundle When the first extortion e-mail popped into Michael Alculumbre's inbox, he had no idea it was about to cost his business nearly $500,000. August 25, 8:10 a.m. PDT The consultant's view Steve Manzuik is an independent IT security consultant. March 28, 6:00 a.m. PST The CTO's perspective Kevin Bernstein is CTO of platinum capital group. March 28, 6:00 a.m. PST How to hire an IT security consultant Outsourcing IT security is all the rage these days. It’s cheaper and more efficient, the prevailing theory goes, to farm out functions not directly related to your organization’s core competencies. If you make nickel-plated widgets, for example, your staff must be expert in manufacturing, nickel-plating, and selling widgets, not in keeping 14-year-olds out of your network. March 28, 6:00 a.m. PST Managing security in a compliance-crazy world The laws seem to be shooting out of Congress like arrows aimed at the hearts and budgets of IT administrators across corporate America. Sarbanes-Oxley, HIPAA, Gramm-Leach-Bliley, Basel II, and a host of other regulations are pushing IT security management into extremely difficult and potentially expensive territory. March 18, 3:00 p.m. PST Secure architectures Thanks to complex perimeters, sophisticated application-level threats, and regulations that hold CEOs and CIOs accountable for company data, security must now be regarded as more than a bunch of technologies tacked onto the network. “Companies are realizing they must approach security at the enterprise level,” says Rich Caralli, senior member of the technical staff at the CERT Coordination Center’s survivable enterprise management group. “Rather than chasing the latest threat, they’re working on identifying and securing directly the core business processes and information assets essential to the company mission.” March 11, 3:00 p.m. PST IT tackles phishing This article has been modified from its original version. Certain quoted material has been removed because its veracity could not be confirmed. January 21, 3:00 p.m. PST Reeling in the phishers Phishers beware. IT is watching you watching them. The FBI is out to get you jailed, too. January 21, 3:00 p.m. PST Phishing ploys reflect savvy technical skills This article has been modified from its original version. Certain quoted material has been removed because its veracity could not be confirmed. January 21, 3:00 p.m. PST DOD cyber sleuths swap secrets in Florida The U.S. Department of Defense (DOD) is making changes to streamline its response to online threats across the various branches of the military, and deal with a steady stream of new online woes, from hacking attempts to child pornography and threats posed by powerful portable storage devices such as iPods, according to senior DOD officials. January 12, 2:10 p.m. PST Skybox updates risk management wares BOSTON - New software from Skybox Security will help companies monitor their networks and comply with U.S. federal and state data security regulations, and even help them prepare networks for dangerous new Internet worms, according to the company. December 13, 1:07 p.m. PST The top 20 IT mistakes to avoid We all like to think we learn from mistakes, whether our own or others’. So in theory, the more serious bloopers you know about, the less likely you are to be under the bright light of interrogation, explaining how you managed to screw up big-time. That’s why we put out an all-points bulletin to IT managers and vendors everywhere: For the good of humanity, tell us about the gotchas that have gotten you, so others can avoid them. November 19, 3:00 p.m. PST Study finds e-voting irregularities in Florida See correction below November 19, 4:40 a.m. PST Study: Information security field to grow steadily WASHINGTON - The number of cybersecurity professionals is projected to grow at an annual compound rate of nearly 14 percent from now until 2008, according to a study released this week during the Computer Security Institute (CSI) trade show in Washington, D.C. November 9, 1:26 p.m. PST Report: E-voting problems cause loss of votes See correction below November 5, 12:36 p.m. PST Symantec adds threat data to Managed Security Services SAN FRANCISCO - In a bid to expand its services business, Symantec Corp. next week plans to start selling security intelligence data as an add-on to its Managed Security Services. November 5, 11:11 a.m. PST In search of security event standards Integrating SEM (security event management) technology with existing security and system management infrastructure can be a hair-raising experience. Security point products such as IDSes, anti-virus gateways, and vulnerability scanners tend to use proprietary formats for reporting, recording network events, and issuing alerts. And the standard formats that do exist -- such as SNMP and syslog files -- are limited in what they can convey. October 29, 3:00 p.m. PDT Big picture security There was a time when cutting-edge network security meant a firewall on your perimeter and anti-virus software on the desktop. No longer. With the advent of polymorphic Internet worms, application-layer attacks, Trojan horses, adware, spyware, and wireless hacks, the network security picture is more complicated than ever. October 29, 3:00 p.m. PDT New security products 'adapting' to threats As networks increase in size and complexity, security products are growing in sophistication and security threats are becoming more ingenious. October 5, 4:32 p.m. PDT Product Previews Netegrity Strengthens Identity for Web Services Netegrity has released TransactionMinder 6.0, the latest edition of its policy-based identity access management system that extends Netegrity's secure single-sign on, delegated administration, and federated identity and session management capabilities to include Web services and SOAs (service-oriented architectures). The new version offers full support for the WS-Security 1.0 standard out of the box, including XML encryption within the WS-Security framework and support for WS-Security authentication based on SAML (Security Assertion Markup Language) tokens. The product features a proxy mode, which lets TransactionMinder secure Web services running on application servers such as IBM WebSphere and BEA Weblogic. Additionally, XML agents can be deployed on Web servers such as Microsoft IIS or Apache. TransactionMinder is priced at $40,000 per CPU. TransactionMinder 6.0, Netegrity September 24, 3:00 p.m. PDT Product Previews Procera appliance defends against internal network attacks Companies deploy firewalls to protect against outside attacks, but according to Procera Networks, the majority of network threats come from the inside. Procera's answer is the OptimIP 2402 internal network protection appliance, a turnkey device that supports high-speed traffic monitoring, filtering, and analysis over an 8.8Gbps managed backplane. The appliance provides fine-grained access control down to the IP or MAC (media access control) address level, with policies defined on a per-application basis. In addition, it protects against network attacks including ARP (Address Resolution Protocol) poisoning, address spoofing, and distributed DoS attacks that might result from virus or worm infections. According to Procera, the device is compatible with existing network hardware and can be installed in an hour or less. Pricing starts at $3,495. OptimIP 2402 Procera Networks September 10, 3:00 p.m. PDT Security landscape shifts as technologies combine In today's era of perimeter-invading worms, malicious e-mails that don't rely on attachments, and tenacious spyware, safeguarding the enterprise demands a security framework that marshals a more sophisticated combination of technologies. A traditional firewall and an up-to-date virus scanner may no longer be enough. August 27, 3:00 p.m. PDT The shaky state of enterprise security Faced with a seemingly endless onslaught of virulent Internet worms, spam, and e-mail scams, less than half of IT professionals report strong confidence in the security of their enterprise networks, according to the results of the 2004 InfoWorld Security Survey. July 23, 3:00 p.m. PDT Patrolling an always-on network Butch Johnstone looks back at the past year with a mixture of pride and concern when it comes to the issue of enterprise security. July 23, 3:00 p.m. PDT Security: It's time for management to get a clue It’s easy for people to say that they’re extremely or very confident that their IT department’s security is up to par, and it’s even easier for executives to become convinced of a company’s invulnerability to computer-borne attacks. Even though our respondents were no more confident than they were last year, they still seem to be convincing management they know what they’re doing. July 23, 3:00 p.m. PDT Best practices for unified security *Have a clear, strategic plan — including goals and expectations for deployment — developed with broad participation from multiple constituencies. July 2, 3:00 p.m. PDT Shift toward unified security emerges When Delaware State University took a hard look at its campuswide security systems in the late 1990s, it didn’t like what it saw. The school’s 1,800 students used multiple passwords for various campus IT systems. They carried a mish-mash of identity and access cards for the library, residence halls, bookstore, and cafeteria. According to CIO and Assistant Provost Dr. Charles D. Fletcher Jr., “We were experiencing difficulty with keys and significant theft.” July 2, 3:00 p.m. PDT Akamai says attack targeted specific customers One day after an apparent attack on its systems slowed access to leading Web sites such as yahoo.com, google.com and microsoft.com, distributed computing company Akamai Technologies Inc. said that it was the victim of a sophisticated, large-scale attack aimed at specific customer Web sites. June 16, 8:47 a.m. PDT Akamai blames 'global DNS attack' for disruptions A global attack on the DNS (domain name system) caused disruptions affecting customers of Internet hosting company Akamai Technologies Inc., including search engine sites, said Jeff Young, an Akamai spokesman. June 15, 11:59 a.m. PDT Akamai outage hobbles Google, Microsoft, others BOSTON - A service disruption at content hosting company Akamai Technologies Inc. cut off access to some of the Internet's major Web sites Tuesday, including Google.com, and Microsoft.com, according to The SANS Institute's Internet Storm Center. June 15, 8:56 a.m. PDT CSO survey: Companies lack plans in event of attack A majority of security executives surveyed say that their companies do not have plans to cope with the effect of an unconventional terrorist attack, even though most believe that a terrorist attack of some kind is likely in the coming months, according to the results of a poll from CSO magazine released on Wednesday. June 9, 9:57 a.m. PDT CPU-based security for Windows XP, Red Hat Linux coming Microsoft Windows XP Service Pack 2 and the next version of Red Hat Enterprise Linux 3 will support new CPU-based security protections designed to stop incoming malicious executable code from being triggered. June 7, 2:50 p.m. PDT > Security |
|
|
||||||||||||||||||
