Features

Workable risk management

Workable risk management

Information security has evolved from safeguarding systems to protecting business services and brands against risk. Senior security executives must closely understand and monitor the level of risk exposure a company has, how the latest threats impact their risk exposure, which system vulnerabilities and access violations represent an actual exploit risk, and what risks will enter into play with new technology and business initiatives.
Chris Babel Jul 6 2006 9:25PM Security
Access in a compliance world

Access in a compliance world

Regulatory pressures continue to shape the demand for "more security" in IT operations. Sarbanes-Oxley is being implemented with a fair bit of grumbling, but it has caused many organizations to strengthen their security posture. CIOs who were previously stymied in their efforts to implement security programs can now wave the "Sarbanes-Oxley flag" to justify their IT investments.
Mary Ann Jul 6 2006 9:17PM Security
Got something to say?

Got something to say?

Send your comments, praise or criticisms to scfeedbackus@haymarketmedia.com. We reserve the right to edit letters.
Staff Writers Jul 6 2006 9:14PM Security
What pill can I take for cyber insecurity?

What pill can I take for cyber insecurity?

Ahhhhh, the internet. We are hooked, and we better be prepared for the consequences. Real dollars are being lost, identities are being stolen, botnets are running rampant, consumer ATM cards are being compromised, spam is jamming our inboxes, the press is reporting stories that contribute to consumer cyber fears, and mankind again finds itself waging a protracted war — this time against internet insecurity.
Kevin Mandia Jul 6 2006 8:31PM Security
Good Business Practice -Scapegoat or Superstar

Good Business Practice -Scapegoat or Superstar

The World Cup is upon us and so for the next four weeks life comes to a standstill. Already meetings are being planned for the week after the final as everyone assumes that his or her team will feature on July the 10th.
Calum Macleod Jun 20 2006 10:48AM Security
No heroes or villains in McKinnon case

No heroes or villains in McKinnon case

To the United States Department of Justice, Gary McKinnon is a suspected criminal; to a growing number of people in the UK, his country of birth, he’s some kind of hero. The lone hacker from Crouch End that dares to take on the might of a bullying superpower.
Paul Fisher Jun 15 2006 11:26AM Security
Debate: Is there evidence of innovation in the information security industry any more?

Debate: Is there evidence of innovation in the information security industry any more?
Dr. Steve Jun 15 2006 11:07AM Security
.xxx could have marked the spot

.xxx could have marked the spot

At first, the idea to sell a new .xxx domain name suffix to online porn vendors seems rational. Any site using the new suffix would be instantly recognisable by web filters and blocked, if required. Good news for parents, businesses and schools – and an industry seeking to position itself as an acceptable, even necessary, part of Western civilisation.
Paul Fisher Jun 15 2006 10:37AM Security
VoIP threats must be faced

VoIP threats must be faced

“Tell me what you want, and I’ll find a solution. I have many datacentres and options...”
Chris Boyd Jun 15 2006 10:17AM Security
It’s time to restrict user rights

It’s time to restrict user rights

Most of the best ideas in IT security – indeed, security in general – have been around for a long time. One that is all too often forgotten is the concept of “least privilege”, or using the bare minimum level of access to get the job done.
Nick Barron Jun 14 2006 5:22PM Security
Smartcard technology just the start

Smartcard technology just the start
Staff Writers Jun 12 2006 5:09PM Security
The wolf in Granny’s bed

The wolf in Granny’s bed

The latest concern is custom malware that targets internal desktops, writes Gunter Ollmann
Gunter Ollmann Jun 12 2006 4:31PM Security
Simon Janes

Simon Janes

The former head of the UK’s Computer Crime Unit tells Ron Condon why it’s time someone helped smaller companies protect themselves
Ron Condon Jun 12 2006 3:47PM Security
Living without wires

Living without wires

Is WPA really the answer to the problem of insecure corporate wireless networks? Maybe, but as Rob Buckley discovers, it's not that simple
Rob Buckley Jun 12 2006 12:26PM Security
Make your people aware

Make your people aware

Properly planned and executed staff education makes employees more responsible and reaps tangible business benefits. Paul Hansford reports
Staff Writers Jun 12 2006 11:50AM Security
Cover story: Hard to decipher

Cover story: Hard to decipher

The break-neck speed and frequency with which corporate data breaches are happening these days has most enterprise executives racing to avoid becoming the next headline.
Ericka Chickowski Jun 6 2006 8:13PM Security
The switch is on

The switch is on

Tarron Weir and Joseph Raquel might well be "poster boys" for the Secure Sockets Layer (SSL) virtual private network (VPN) movement. In fact, their experience with the latest in secure remote-access technology more or less epitomizes what’s going on in the VPN marketplace right now.
Jim Carr Jun 6 2006 8:05PM Security
Back to school

Back to school

The message is clear for employees at the 19 Exchange Bank branches scattered across Sonoma County in California: Protect valuable customer information or risk damaging the financial institution’s good name.
Dan Kaplan Jun 6 2006 7:58PM Security
Remote control wars

Remote control wars

Monitoring an illicit Internet Relay Chat (IRC) channel recently, Nicholas Albright couldn’t believe what he was seeing. First, he observed a network operator sending commands to install keyloggers on thousands of compromised, remote-controlled computers. Then, all this private data started flying over the channel — HIPAA-protected medical information, financial account numbers, usernames and passwords.
Deb Radcliff Jun 6 2006 7:47PM Security
The race to reduce insider threats

The race to reduce insider threats

As part of the recent Infosecurity Europe 2006 Conference in London, a Hackers’ Panel included the likes of Gary McKinnon — also known as Solo, who could be extradited from the U.K. to the U.S. for allegedly hacking into various military and NASA systems. A less covered session, however, hit upon a problem that has existed for ages but that seems to still get short shrift in enterprises today: insider threats.
Illena Armstrong Jun 5 2006 10:45PM Security

Log In

  |  Forgot your password?