Web Security From A New Perspective
By Sean Wilkins, Contributor at CIOZone
Cisco’s existing product lines offer a number of appliance options that allow companies to block the various web-based threats in existence. The problem with this type of solution is that it requires constant tweaking of the filtering and analysis settings, as well as someone to keep a constant eye on current events as zero-day attacks become more prominent.
Convenience Legitimizes Big Brother Security
By Michael O’Connor, President of IronClad Consulting
Despite the fact that CDI has inherent weaknesses, as do all of the prior fraud prevention technologies, it is providing tremendous benefit to many companies, ranging from credit and loan issuers to social networking sites to online retailers. This is especially true when layering it with other effective technologies.
DoS Attacks and Continuity of Operations
By Sean Wilkins, Contributor at CIOZone
These types of attacks are typically launched from computer robots (bots), which are exploited computers with an Internet connection. These bots are then directed by central controllers to carry out the tasks assigned. These tasks vary but can include initiating a DDoS attack on a specified target. When the combined bandwidth of thousands of bots comes into play, any company can have its Internet connectivity partially or completely blocked.
Broadcasting Vulnerabilities Hinders Security
By Tom Groenfeldt, Technology Journalist - Contributor at CIOZone
The way most of the vendors do PC security makes it very easy for the bad guys to circumvent their software pretty quickly, said John Viega, vice president of engineering at McAfee and author of a new book, The Myths of Security: What the Computer Security Industry Doesn’t Want You to Know. The technologies generally have not gotten good enough fast enough, and there hasn’t been the best collaboration between vendors, even though they do collaborate, he added. They are getting better, but some vendors, who market by publicly announcing vulnerabilities in popular software packages, do more to hurt than help…
Anti-Money Laundering for Crime and Terror
By Michael O’Connor, President of IronClad Consulting
With criminal money laundering, law enforcement can trace events from the crime to the money. However, terrorist methodology uses money to fund an activity which has not yet taken place. Enforcement efforts are placed on stopping the crime before it occurs. The challenges are at opposite ends of the spectrum.
Report: China Probing Soft Cyber Underbelly
By Tom Groenfeldt, Technology Journalist - Contributor at CIOZone
In China today, there are thousands of people in a sustained effort to collect intelligence, many of them on an entrepreneurial basis within a competing bureaucratic structure. China understands that a strategic vulnerability of the United States is its soft cyber underbelly. I believe they seek to ‘own’ that space, says Mike McConnell, former director of National Intelligence and director of the NSA.
Open Source Software Design Spurs Growth
By Semyon Dukach, Author and Angel Investor
A moral argument can be made that for any large organization to maintain wealth and power, competitive barriers must be erected to prevent young start-ups from moving in too quickly and eroding the margins. Some barriers such as price fixing or dumping goods below cost have been ruled illegal, but others have been encouraged due to their social benefits, and include trade secrets, copyrights, patents, and proprietary software and business processes. No such moral argument can apply to non-profits. A non-profit is supposed to be driven solely by its mission.
Shared Threat Monitoring Protects Enterprise
By Michael O’Connor, President of IronClad Consulting
Ideally, both government and private sectors would contribute to the system, which would provide real-time updates and warnings concerning devices that were previously known to be used in fraudulent activities. An intrinsic benefit of CDI is that it does not hold Personally Identifiable Information (PII) within it. The privacy concerns become moot.
Revolving Door of Abuse: Procurement Fraud
By Michael O’Connor, President of IronClad Consulting
Kellogg, Brown & Root (KBR) was responsible for the kickback fraud that occurred in the US v. Khan case, and has been the focus of many other cases of procurement fraud within the LOGCAP project. Since combat operations began in 2001, DCAA has referred 32 cases of suspected fraud associated with all wartime-support contracts to criminal investigators. Of those, the vast majority were related to the Logistics Civil Augmentation Program.


