How A Security Company Applies Security

By Larry Ketchersid, Chairman and CEO at MediaSourcery

Similar to security assessments, network architecture designs and other projects, a development project, such as this one involves the exchange of confidential data, including in this case, intellectual property designs, requirements documents, test plans, code fragments and road maps. We could have chose to exchange these documents over email, or printed them out and sent them next day parcel post. Instead, we ate our own dogfood and utilized IslandPKI encrypted document and message transfer…

Lest We Forget About Enterprise Security

By Shubhendu Parth, CTO Forum Team

Are CIOs spending less time on supervising what they should be doing the most—strengthening the citadel and securing the digital assets—particularly when corporate wide cyber crimes and espionage have started to show a quantum jump even in developing economies like India? Security may be a key thing that worries CIOs, but there are other things that keep him occupied these days.

Security Assurances are Challenge for CIO’s

From the CTO Forum Team

In an exclusive interview with the CTO Forum, Tom Clare, Sr. Director Product Marketing Blue Coat Systems, cautions CIO’s about the ignorance towards the growing web-based security threats and prescribes simple remedies to prevent from damages.

Optimizing Multiple Enterprise Applications

From the CTO Forum Team

Enterprise applications choke the corporate IT networks, and the blame invariably falls on bandwidth scarcity. Jeff Barker, VP solutions and Technical Marketing at Blue Coat Systems, talks exclusively to Rahul Neel Mani about application optimization and secured delivery.

Strategies for Secure Storage Initiatives

From the CTO Forum Team

As part of their storage security strategy, enterprises must understand the value of such intellectual property in combination with the risk tolerance of the organization before they can address how to appropriately secure it and store it. Moreover, because the value of information changes over its lifetime, so should its storage.

Heartland (HPY) Implements E2EE System

From Heartland Payment Systems

“Monday’s successful test involved Zones 1, 2, 3 and 4,” detailed Steven M. Elefant, Heartland’s executive director of end-to-end encryption. “We believe that protecting data in these zones alone will significantly impact the protection of cardholder data.

Anti-Phishing with Two Factor Authentication

By John B. Frank, Strategist with HomeATM ePayment Solutions

According to research firm, Gartner, banks, online payment organizations and other financial institutions are bearing most of the financial cost of phishing attacks. (A survey of nearly 4,000 US consumers revealed a 40% increase in the number of phishing victims in 2008 over the year before to five million.) “The findings underline the fact that the war against phishing is far from over,” said Avivah Litan, analyst at Gartner. Yes, the very same Avivah Litan who says “never” enter your PIN on the Internet unless it’s hardware based.

Security Risks Accompany New Technologies

By John B. Frank, Marketing Strategist with HomeATM ePayment Solutions

RSA and IDG released two new research studies that examine the far-reaching security implications of promising technologies such as cloud computing, virtualization, social networking and mobile communications, and explore the pivotal business risks and rewards they represent to organizations worldwide.

ISR News: Hackers Destroy 100k Websites

Excerpts From The Register

A large internet service provider said data for as many as 100,000 websites was destroyed by attackers who targeted a zero-day vulnerability in a widely-used virtualization application.

Data Sniffing Trojans Hit European ATMs

By Dan Goodin in San Francisco for the Register UK

The malware logs the magnetic-stripe data and personal identification number of cards used at an infected machine and provides an intuitive interface for retrieving the information using the ATM’s receipt printer, according to analysts from Spider Labs, the research arm of security firm Trustwave. Since late 2007 or so, there have been at least 16 updates to the software, an indication that the authors are working hard to perfect their tool.

Next Page »

• Categories

  • Anthony M. Freed (26)
  • Bill Brenner (2)
  • Bob Violino (1)
  • Bozidar Spirovski (23)
  • Breach (540)
  • Britt Womelsdorf (5)
  • By Dr. InfoSec (2)
  • Cara Garretson (7)
  • CCCNews (1)
  • Chorey Taylor & Feil (8)
  • Christophe Veltsos (2)
  • Christopher Burgess (7)
  • CIOZone (26)
  • Class Action Lawsuit (111)
  • Cloud computing (104)
  • Coby Royer (5)
  • CTO Forum (9)
  • D&O Liability (592)
  • Daniel Wallace (5)
  • Danny Lieberman (11)
  • DataLine (10)
  • David Alexander (2)
  • Derek Crawford (1)
  • Doug Pollack (7)
  • due diligence (301)
  • Fame Foundry (1)
  • FEATURE ARTICLE (428)
  • Financial (578)
  • Fred Leland (7)
  • Gene Kim (3)
  • Government (364)
  • Greg George (5)
  • H1N1 (15)
  • hackers (530)
  • healthcare (125)
  • Heather Bourgoin (1)
  • HomeATM (8)
  • identity-theft (526)
  • IDExperts (17)
  • Ike Z. Devji (1)
  • Infosec Island Network (29)
  • Insider Threat (481)
  • Internet Crime Complaint Center (1)
  • Internet Security Alliance (62)
  • ISR News (321)
  • Jacqueline Herships (2)
  • Jenni Hesterman (3)
  • John M. Salomon (2)
  • John Watkins (7)
  • John-Patrick Skaar (2)
  • Kaliber Data Security and Compliance Consultants (3)
  • Kat Sanders (2)
  • Ken Leeser (3)
  • Kevin L. Jackson (10)
  • Kevin M. Nixon (21)
  • Larry Ketchersid (1)
  • Laton McCartney (7)
  • Lauren Taylor (1)
  • Linda McGlasson (1)
  • malware (492)
  • Mark Smail (1)
  • Mark Wright (1)
  • Mel Duvall (3)
  • Michael Eggebrecht (3)
  • Michael Lohr (1)
  • Michael O'Conner (4)
  • MicroSolved (1)
  • Mike Duncan (3)
  • Mike Meikle (4)
  • Mike Spinney (1)
  • Military (202)
  • national security (444)
  • PCI (299)
  • PCI Security Standards Council (32)
  • Physical Security (11)
  • privacy (543)
  • Rachel James (10)
  • reach (2)
  • Rebecca Herold (16)
  • Richard Stiennon (44)
  • Robert Siciliano (34)
  • Sarbanes-Oxley (493)
  • ScamStop (2)
  • Sean Wilkins (2)
  • Semyon Dukach (1)
  • Simon Heron (14)
  • Software Associates (11)
  • Steven Fox (19)
  • SUPERAntiSpyware (3)
  • Sybase (6)
  • Symplified (5)
  • The Jester (8)
  • The Privacy Professor (16)
  • Thomas R. Fox (8)
  • Tom Groenfeldt (2)
  • Tom McLain (2)
  • Trefis (14)
  • Tripwire (18)
  • Uncategorized (621)
  • virtualization (92)
  • Webcast (49)

• ISR Headline Index

  • DoS Attack Reveals Widespread Vulnerabilities
  • Study Shows Employees Put Data at Risk
  • Tracking Google’s Script Kiddie Hackers
  • Newbie Introduction to Digital Forensics Part 2
  • Simple Log Review Checklist Released
  • Press F1 for Help? Microsoft Zero Day Threat!
  • A Newbie’s Introduction to Digital Forensics
  • Security Best Practice: Trust But Verify…
  • Google, Adobe, and Big Oil Under Attack!
  • Building your OWN Malware Lab (Part 2)
  • How Twitter Spam Steals From Google, Yahoo!
  • Tech Stocks Week in Review Featuring iPad
  • DoD Endorses Certification for Hackers
  • Risk Based Enterprise Compliance Programs
  • Data Loss Prevention Has Jumped the Shark

• Recent Comments

  • Ryan Aslett on Data Loss Prevention Has Jumped the Shark
  • Tom on (Lack Of) Encryption and The HITECH Act
  • ADMIN on Patriot Hacker Hits Jihad With DDoS Attacks
  • Robert Siciliano on Data Loss Prevention Has Jumped the Shark
  • Karen J. Cox on Data Loss Prevention Has Jumped the Shark
  • Scot McLeod on Outsourcing Breach Response Lowers Costs
  • John Marke on Gartner Tells CIOs to Embrace Social Media
  • Social Engineering and Enterprise Security | CIO – Blogs and … | Enterprise Engineering Addict on Gartner Tells CIOs to Embrace Social Media
  • From Russia, With Smartphones on Top 8 Social Media Security Threats
  • Judith Hoffman on Scam Alert: Rogue Gmail Account Phishing
• 
  

  Information Security Resources

  Top network security blogs