Gartner Tells CIOs to Embrace Social Media

March 1, 2010 by ADMIN · 2 Comments

By Laton McCartney, Editor at CIOZone

Has someone been putting strange substances in the drinking water at Gartner’s Greenwich, CT headquarters? Some of their analysts are beginning to sound like New Age gurus on a mission to bring peace, love and harmony to the corporate world. Consider these words of wisdom recently imparted by Gartner analysts to clients at an Orlando conference…

Measuring Hidden Costs of Cloud Computing

February 21, 2010 by ADMIN · Leave a Comment

By Chris Curran, CTO Forum Team

Many companies across industries are still working on getting beyond the usage costs for cloud computing to understand the complete costs of migrating, implementing, integrating, training, and redesigning the surrounding and supporting people, processes, and architecture. In fact, three examples from companies that we are working with demonstrate how different details can lead to the same conclusion: uncertainty about the hidden costs of cloud computing…

Afraid of the Cloud? Ask the Right Questions

February 11, 2010 by ADMIN · 2 Comments

By Greg George, Managing Partner of GTI Advisors

What if your vendor is acquired, are there assurances in your service agreement allowing you to opt out if you choose to – if so, will all your data be deleted? What if you vendor is acquired by a company based in a foreign country? Maybe the acquiring company ceo, also a peoples republic of china communist party official, will assure you your data has been deleted. All in all – right now, using SaaS simply comes down to a judgment call, what is in the best interest of your firms operations: ease of access, work flow and cost benefits vs. associated risks…

Sorting Out Social CRM Options for Business

February 8, 2010 by ADMIN · Leave a Comment

By Dylan Persaud, CTO Forum Team

According to Peter Greenberg, the author of CRM at the Speed of Light, social CRM is a philosophy and a business strategy, supported by a technology platform and designed to engage a customer in a collaborative conversation in order to provide mutually beneficial value in a trusted and transparent business environment…

Avoiding Enterprise Software Vendor Lock-In

February 3, 2010 by ADMIN · Leave a Comment

By Bozidar Spirovski, CISSP, MCSA, MCP

Large enterprises rely on software products. And as everything else in large enterprises, the software products are large, complex, cumbersome and nearly unchangeable. This last attribute is better known as vendor lock-in. Software vendors love vendor lock-in.

On Privacy and Cloud Computing Challenges

January 20, 2010 by ADMIN · Leave a Comment

By Rebecca Herold (The Privacy Professor) CIPP, CISSP, CISM, CISA, FLMI

Businesses need to scrutinize the information security and privacy programs and practices of vendors and other business partners, and the cloud computing tools, applications and services should be viewed no differently. If your business is entrusting critical processing and data to another entity, you should first ensure it is trustworthy, secure and will meet your organization’s compliance obligations…

Cloud Computing Still Only In Its Infancy

January 18, 2010 by ADMIN · 1 Comment

By Gyana Ranjan Swain, CTO Forum Team

In an exclusive conversation with Gyana Ranjan Swain, Salesforce.com’s APAC Regional Marketing VP (APJ) Jeremy Cooper talks about the potential for and the technological advancements in Cloud Computing…

2009 Infosec Threat Analysis Summary

January 13, 2010 by ADMIN · Leave a Comment

By Simon Heron, CISSP Internet Security Analyst

Three million new threats were identified in 2009, which equates to almost one every 10.8 seconds. 2,905,697 threat signatures were released to protect against new or variant threats, an increase of 6.9 per cent from 2008. Most spam and malware originates from botnets and compromised hosts. There’s been a move away from mass-mailed spam and malware of old, to more targeted vulnerability exploits as cyber-criminals look towards more efficient means of carrying out their attacks. These examples highlight the need for all companies to review security policies for the applications and software that they permit people to access via their corporate networks or work computers.

Cell Phone Tapping: GSM Encryption Hacked

January 11, 2010 by ADMIN · 1 Comment

By Michael Coats for Information Security Short Takes

GSM cellular networks in the US and Europe use the A5/1 stream cipher meant to ensure cellular calls cannot be listened into by unauthorized parties monitoring radio traffic. However, the guarantee of privacy is no longer ensured. New attack techniques were unveiled at the Hacking at Random conference in The Netherlends which would allow an attacker to decrypt cellular calls made over a GSM network. The attacker only needs the new software and about $500 in radio monitoring equipment.

Broadcasting Vulnerabilities Hinders Security

January 10, 2010 by ADMIN · 2 Comments

By Tom Groenfeldt, Technology Journalist - Contributor at CIOZone

The way most of the vendors do PC security makes it very easy for the bad guys to circumvent their software pretty quickly, said John Viega, vice president of engineering at McAfee and author of a new book, The Myths of Security: What the Computer Security Industry Doesn’t Want You to Know. The technologies generally have not gotten good enough fast enough, and there hasn’t been the best collaboration between vendors, even though they do collaborate, he added. They are getting better, but some vendors, who market by publicly announcing vulnerabilities in popular software packages, do more to hurt than help…

Categories
- Anthony M. Freed (26)
- Bill Brenner (2)
- Bob Violino (1)
- Bozidar Spirovski (23)
- Breach (540)
- Britt Womelsdorf (5)
- By Dr. InfoSec (2)
- Cara Garretson (7)
- CCCNews (1)
- Chorey Taylor & Feil (8)
- Christophe Veltsos (2)
- Christopher Burgess (7)
- CIOZone (26)
- Class Action Lawsuit (111)
- Cloud computing (113)
- Coby Royer (5)
- CTO Forum (9)
- D&O Liability (601)
- Daniel Wallace (5)
- Danny Lieberman (11)
- DataLine (10)
- David Alexander (2)
- Derek Crawford (1)
- Doug Pollack (7)
- due diligence (310)
- Fame Foundry (1)
- FEATURE ARTICLE (428)
- Financial (587)
- Fred Leland (7)
- Gene Kim (3)
- Government (373)
- Greg George (5)
- H1N1 (15)
- hackers (539)
- healthcare (134)
- Heather Bourgoin (1)
- HomeATM (8)
- identity-theft (535)
- IDExperts (17)
- Ike Z. Devji (1)
- Infosec Island Network (38)
- Insider Threat (490)
- Internet Crime Complaint Center (1)
- Internet Security Alliance (71)
- ISR News (321)
- Jacqueline Herships (2)
- Jenni Hesterman (3)
- John M. Salomon (2)
- John Watkins (7)
- John-Patrick Skaar (2)
- Kaliber Data Security and Compliance Consultants (3)
- Kat Sanders (2)
- Ken Leeser (3)
- Kevin L. Jackson (10)
- Kevin M. Nixon (21)
- Larry Ketchersid (1)
- Laton McCartney (7)
- Lauren Taylor (1)
- Linda McGlasson (1)
- malware (501)
- Mark Smail (1)
- Mark Wright (1)
- Mel Duvall (3)
- Michael Eggebrecht (3)
- Michael Lohr (1)
- Michael O'Conner (4)
- MicroSolved (1)
- Mike Duncan (3)
- Mike Meikle (4)
- Mike Spinney (1)
- Military (211)
- national security (453)
- PCI (308)
- PCI Security Standards Council (32)
- Physical Security (11)
- privacy (552)
- Rachel James (10)
- reach (11)
- Rebecca Herold (16)
- Richard Stiennon (44)
- Robert Siciliano (34)
- Sarbanes-Oxley (502)
- ScamStop (2)
- Sean Wilkins (2)
- Semyon Dukach (1)
- Simon Heron (14)
- Software Associates (11)
- Steven Fox (19)
- SUPERAntiSpyware (3)
- Sybase (6)
- Symplified (5)
- The Jester (8)
- The Privacy Professor (16)
- Thomas R. Fox (8)
- Tom Groenfeldt (2)
- Tom McLain (2)
- Trefis (14)
- Tripwire (18)
- Uncategorized (621)
- virtualization (101)
- Webcast (49)

Information Security Resources