Web Security From A New Perspective
By Sean Wilkins, Contributor at CIOZone
Cisco’s existing product lines offer a number of different appliance options which allow companies the ability to block the various web based threats in existence. The problem that this type of solution has is that it does require constant tweaking of the filtering and analysis settings as well as someone to constantly keep an eye on current events as zero-day attacks become more prominent.
DoS Attacks and Continuity of Operations
By Sean Wilkins, Contributor at CIOZone
These types of attacks are typically launched from computer robots (bots) which are exploited computers which have an Internet connection. These bots are then directed by central controllers to do the tasks assigned. These tasks vary but can include initiating a DDoS attack on a specified target. Now when the combined bandwidth of thousands of bots comes into play, any company can have their Internet connectivity partially or completely blocked.
Broadcasting Vulnerabilities Hinders Security
By Tom Groenfeldt, Technology Journalist - Contributor at CIOZone
The way most of the vendors do PC security makes it very easy for the bad guys to circumvent their software pretty quickly, said John Viega, vice president of engineering at McAfee and author of a new book, The Myths of Security: What the Computer Security Industry Doesn’t Want You to Know. The technologies generally have not gotten good enough fast enough, and there hasn’t been the best collaboration between vendors, even though they do collaborate, he added. They are getting better, but some vendors, who market by publicly announcing vulnerabilities in popular software packages, do more to hurt than help…
Report: China Probing Soft Cyber Underbelly
By Tom Groenfeldt, Technology Journalist - Contributor at CIOZone
In China today, there are thousands of people in a sustained effort to collect intelligence, many of them on an entrepreneurial basis within a competing bureaucratic structure. China understands that a strategic vulnerability of the United States is its soft cyber underbelly. I believe they seek to ‘own’ that space, says Mike McConnell, former director of National Intelligence and director of the NSA.
TSA Breach is a Nightmare for Holiday Travel
Laura Wilson, JD, CISA
This week’s revelation that the Transportation Safety Administration exposed its rules for airport security screening online is outrageous. As holiday travel ramps up, the possibilities and repercussions are horrifying. Coupled with the huge rise in information security breaches across many sectors and rampant identity theft, the TSA’s breach sets the stage for potential disaster.
Massive TSA Security Breach Revealed
By BRIAN ROSS and MATT HOSFORD of ABC News
In a massive security breach, the Transportation Security Agency (TSA) inadvertently posted online its entire airport screening procedures manual, including some of the most closely guarded secrets regarding special rules for diplomats and CIA and law enforcement officers.
Cyber Liability Insurance Mitigates Exposure
By Laton McCartney, Editor at CIOZone
CIOs are starting to embrace the idea of protecting against the risk that comes about as the unintended consequence of Web 2.0 technology. At the same time, data is becoming increasingly regulated, which is creating new exposures, particularly in the areas of data privacy and reputational risk,” Drew Bartkiewicz, vice president of cyber and new media risk at The Hartford, tells CIOZone’s Latom McCartney.
Ten Most Damaging Data Breaches of 2009
By Laton McCartney, Editor at CIOZone
Every week for the past four years the Privacy Rights Clearing House has been chronicling data breaches on a weekly basis. “These are the mega-breaches that can skew the figures in terms of the number of people victimized,” says Paul Stephens, PRCH’s director of policy and advocacy. Here are the ten biggest, most damaging and most embarrassing breaches to date this year.
SaaS and the Need for Enterprise Architecture
Coby Royer, Technical Product Manager for Symplified
Acquisition and deployment of real solutions is now within grasp of business owners (seemingly) without the need for conventional IT delivery and support. But many questions may go unanswered without engagement of EA, and latent risks (such as compliance and security) may turn into real issues.
Symantec CEO Optimistic About IT Spending
By Cara Garretson, Veteran Business and Technology Journalist
Symantec isn’t the only company to forecast improved enterprise IT spending based on quarterly results in the past few weeks; executives at EMC, IBM, and Intel all spoke positively about IT budgets rebounding in the coming months.
