Features

Cover story: If once is good, twice is better

Cover story: If once is good, twice is better

A United States federal government agency didn’t need to point out the weaknesses of username and password authentication to E*Trade Financial’s CIO Greg Framke. He already knew that such an antiquated method for validating online banking customers falls short in today’s era of keyloggers and phishing scams.
Ericka Chickowski May 10 2006 8:03PM Security
Avoiding a hostile host

Avoiding a hostile host

Back in the old days, at least by malicious hacking standards, the simplest way to hijack a PC was to compromise the vulnerable entryways of the operating system.
Dan Kaplan May 10 2006 8:03PM Security
Threats for $ale

Threats for $ale

As if dealing with skyrocketing numbers of new vulnerabilities each day is not enough, the IT security world must now brace for a new challenge: an emerging underground vulnerability market that could result in more zero-day attacks.
Dan Kaplan May 10 2006 8:02PM Security
Risky business

Risky business

Call it another unintentional legacy of Enron, WorldCom and other corporate accounting scandals of the past decade.
Frank Washkuch May 10 2006 8:02PM Security
SC Forum: It's almost here

SC Forum: It's almost here

Gain insight and contacts to help achieve your goals as an IT security professional, but act fast.
Staff Writers May 10 2006 8:01PM Security
An integrated approach

An integrated approach

SC Magazine is providing an exclusive look at abridged versions of various chapters included in the just-released Larstan’s The Black Book on Government Security, as part of an agreement with Larstan Publishing.
Doron Cohen May 10 2006 8:00PM Security
Backup tapes can't be neglected

Backup tapes can't be neglected

In 2005, storage security losses frequently garnered a storm of media attention, with one organization losing computer backup tapes with personal information on current and former employees. In another instance, a financial services organization lost several backup tapes, with records detailing the financial information of government employees because an overnight shipping company lost their tapes.
Peter Elliman May 10 2006 7:59PM Security
Andreas Wuchner

Andreas Wuchner

The Novartis security chief is delivering on his mission to create a compliant, globally managed risk system. Ron Condon reports
Ron Condon May 9 2006 4:24PM Security
The strength of the pound

The strength of the pound

One simple way to improve your firm’s password security is incorporating non-US characters. Ken Munro explains
Ken Munro May 9 2006 4:24PM Security
Time to welcome another acronym

Time to welcome another acronym

As a relatively recent recruit to the world of security, I have two overwhelming impressions – first, the enormous number of abbreviations and acronyms, and second, the incredible professionalism and deep knowledge of my colleagues.
Mark Hughes May 9 2006 4:24PM Security
Time to call a spade a spade

Time to call a spade a spade

If you’re paranoid like me, one of your regular daily routines will be a check of your corporate anti-virus to make sure that it is receiving updates regularly. This is not an unreasonable precaution; several times I have seen major brand products silently go into a sulk and stop talking to the update server.
Nick Barron May 9 2006 4:23PM Security
Boards need to pay the cost

Boards need to pay the cost

In our organisations, we need to take a strong lead in many areas. The first is awareness. I remember a commercial where a smirking executive tells an IT engineer that he just opened an email attachment – like he was told not to. We know that sort of thing happens somewhere in our organisations.
Peter Stephenson,CeRNS, May 9 2006 4:23PM Security
Simon Heron, director, Network Box

Simon Heron, director, Network Box

It was almost inevitable that I got into security. I started off as a developer before moving into managing people. There I realised I had an interest in network security.
Staff Writers May 9 2006 4:23PM Security
Cyber-crime gets easier

Cyber-crime gets easier

Last month’s launch of the government’s new Serious Organised Crime Agency (SOCA) was welcomed by many commentators. With a growing threat from international drug gangs and the rise in people trafficking, a need was seen for a national agency with the teeth to tackle organised crime and the human misery it causes.
Paul Fisher May 9 2006 4:23PM Security
Handle risk better and reap the rewards

Handle risk better and reap the rewards

It’s been a busy month. By the time you read this, three highlights of the infosec year will have passed in quick succession: Infosecurity Europe, Jericho Forum’s annual conference and, of course, the SC Magazine Awards, Europe 2006. If you weren’t there on the night, the full list of winners and finalists is enclosed with this issue in the commemorative book of the night. Congratulations to all those who went home with one of the coveted gongs.
Paul Fisher May 9 2006 4:23PM Security
Debate: Should companies use unofficial patches to fix vulnerabilities?

Debate: Should companies use unofficial patches to fix vulnerabilities?
Alan Bentley May 9 2006 4:23PM Security
Protection for hire

Protection for hire

Hosted services are gaining in popularity. But should you put your faith in the people who offer IT security? Robert Jaques reports
Robert Jaques May 2 2006 4:35PM Security
Chance assessment

Chance assessment

It’s time to get real when measuring risk against acceptable loss. Business needs a more intelligent approach, says Gary Flood
Gary Flood May 2 2006 3:10PM Security
Review: Top Layer IPS 5500-50

Review: Top Layer IPS 5500-50

This device incorporates several features in one box. It has real flexibility, with fully adjustable and customisable policies, port configuration, and management screens. It also offers several different report types, which make finding clear information about attacks or network activity easy. Reports can also be created according to a schedule set by an administrator and saved on the device for review later.
Peter Stephenson,CeRNS, May 1 2006 12:00AM Security
Review: TippingPoint 200E

Review: TippingPoint 200E

Since 200E is what we call a learning device, it requires a little time on the network to begin protecting assets.
Peter Stephenson,CeRNS, May 1 2006 12:00AM Security

Log In

  |  Forgot your password?