Features
Forging a national cyber security strategy
In the face of growing threats to its cyber assets, America requires a cohesive and comprehensive plan to protect its vital and most sensitive data. Here, one of the leading decision makers in the federal government IT arena coveys overarching priorities for securing the country's cyberspace.
Mar 6 2006 7:59PM
Security
Spam finds a way
Two years ago, Bill Gates made the brave prediction that spam would soon be “a thing of the past.” But it currently makes up between 60 and 90 percent of the world’s email traffic, and by all accounts is not going away. If anything, this year will see spam reaching new heights.
Mar 6 2006 7:46PM
Security
The Common Vulnerability Scoring System: Get your threat priorities right
Over the years, I’ve seen and used a diverse range of methods to evaluate and explain the risks associated with a particular security threat or vulnerability. Depending on the audience and the nature of the environment being evaluated, there has always been – and always will be – a frequent need to reclassify the severity of a finding. This is particularly relevant when making use of findings derived from automated security tools.
Mar 6 2006 7:04PM
Security
Risks and rewards of a wireless LAN
Wireless local area network (WLAN) technology was deployed at Mount Allison University to enhance on-the-go productivity of our students, faculty, staff and administrators. Whether it’s conducting research, exchanging ideas or gaining access to useful operational information, campus users can now perform such functions in real-time without breaking stride from their daily routines.
Mar 6 2006 6:54PM
Security
Review: SenSage ESA
One of the regular complaints heard from enterprise network staff is how they often struggle to avoid drowning in log files. Threats against compliance, security and uptime are disclosed in event logs, but the staff’s good intentions for investigating those data points collides with the high costs of managing and researching the massive jumble. SenSage clears the way through logjams of enormous size, enabling users to quickly extract hard answers.
Mar 1 2006 12:00AM
Security
Review: eToken
The use of a token offers interesting possibilities for user authentication and single sign-on to multiple applications. For example, various credentials can be stored on a token and released to applications and services as required. The user may then simply remember a single password for the token which, in turn, will take care of the detailed requirements for each application.
Mar 1 2006 12:00AM
Security
Grudging compliance just isn’t enough
Feb 13 2006 10:28AM
Security
Time to stop trusting paper
Everybody loves a good conspiracy, whether it’s alien invasion or security services’ plots to subvert governments. There seems to be no protection against such fascinations with increased education or intelligence (see, for example, Michael Shermer’s book Why people believe weird things).
Feb 13 2006 10:10AM
Security
We all need to shout louder
As the security community starts another year, it is time to take stock of significant accomplishment. According to the second annual (ISC)2 Global Workforce Study, we are becoming a domain in our own right. Ultimate accountability for information security is moving away from IT and the CIO to CSOs and CEOs. There is also an entrenchment of the security department, with 20 per cent of respondents having direct reporting lines here.
Feb 13 2006 10:10AM
Security
Joe Dauncey, lead security consultant, AT&T Business
I got into security about eight years ago as a network configurator for IBM, setting up routers for its Global Network. Then it became part of AT&T. Eventually, I ended up in a unit mediating between the security guys and the network guys.
Feb 13 2006 10:10AM
Security
