Features
Spam and patents are issues to resolve now
This month we are tackling the issue of junk mail and spam. While unsolicited advertising is annoying, it has become the CSO’s problem as HR departments face off with users who receive offensive messages, business services grind to a halt, and outright scams grow in number.
Jun 23 2004 3:08PM
Security
Training, certification or experience? A security dilemma.
People who complain about certifications really get me wound up - especially when they hold no certifications of their own but do hold positions where they can wield power against people who have them. I suppose it could be argued that some people can buy their certifications, but on the whole a lot of hard work is required to pass exams and it is on this very topic that my tale begins.
Jun 22 2004 10:03AM
Security
Why are people ignoring the danger posed by blended threats?
Cisco’s recent announcement that it will incorporate Trend Micro virus and worm technologies with its intrusion-detection system software used on its routers and switches, is excellent news for anyone concerned with IT security. With the rise of more sophisticated attacks – blended threats - a more proactive approach to security is not just necessary, but vital. This is an approach we've been taking for two years now, so it’s always pleasing to see Cisco validating our market by adopting it in such a way.
Jun 21 2004 4:40PM
Security
Ex-hacker: the unspoken, dirty little secret - part 1
I rarely make a bet, but if you asked me if I'd bet my bottom dollar on a firm employing a hacker to assess their security risk, I'd only accept on the basis that they would not. Hiring a hacker to assess the security risk of an organisation is something that fewer than 64 per cent of ISO's are willing to consider. That's hardly surprising when the risks are analysed alongside the statistics; viruses and hackers cost businesses worldwide somewhere in the region of $1.5 trillion. That said, organisations that are unwilling to hire a hacker face one increasing problem; hiring a hacker is not always a conscious decision.
Jun 21 2004 4:03PM
Security
Meeting the challenges of securing your business
Events in the news during the past few years have taught us all many lessons. However, the primary lesson that all businessmen should have learned, is the need to keep their businesses secure in an ever changing and increasingly malevolent world. From fears about Y2K to the tragic events of September 11, the need for heighten security is readily apparent. Heightened alert is a worldwide status.
Jun 15 2004 12:21PM
Security
In search of a better approach to secure e-mail
The volume of internet traffic generated by an ever-increasing number of applications, including e-mail, Instant Messaging (IM), web services, Voice over IP (VoIP), and other network transactions is growing unabated. Together with these applications has come an associated proliferation in the number of user identities within enterprises – e-mail addresses, IM handles, VoIP telephone numbers, all of which need to be managed. Concurrently, companies are under increasing scrutiny to adhere to government regulations and other compliance requirements to protect the privacy of customers, employees, and their personal data.
Jun 15 2004 12:13PM
Security
Managing information security in modern commercial environments
We began this series of articles with the observation that recent advances in the area of network technology and the success of the Internet have resulted in a new business model. This new model has resulted in a number of new challenges in the area of information security which, although largely understood, are only partially resolved. As a result, information security-related risk has been growing rapidly in the last few years and companies will need to take a more proactive stance to managing this risk in order to continue to enjoy the benefits that technological advances have made possible.
Jun 15 2004 12:09PM
Security
Keys to addressing the data privacy mandate
Enterprises worldwide are spending approximately $20 billion per year on IT security, yet very costly breaches continue to occur. In large part, this is because security efforts have mainly been focused on network security rather than data privacy. Data privacy is the process of securing critical data as it is being stored, transmitted, and used within the enterprise.
Jun 8 2004 12:02PM
Security
The case for intrusion prevention
There have been many cases reported in both trade and national press recently about the increasing threat of cyber attacks, and the methodology employed to exploit vulnerabilities in security implementations. Despite this increased emphasis on the reality of the threat, many organisations are ignoring the advances in security products and technologies that can significantly increase their resistance to these attacks.
Jun 8 2004 11:42AM
Security
Managing information security in modern commercial environments
Previous articles in this series have outlined the challenges facing the present-day information security manager, presented an approach to meeting these challenges and analysed the purpose of the consolidation phase in some detail. We now turn our eyes to the second phase of the approach – the strategic planning cycle.
Jun 8 2004 11:37AM
Security
Review: SecureLogin Single Sign-On
We are all familiar with the concept of single sign-on, where a user undertakes a single authentication process for access to multiple applications, thus significantly reducing the password nightmare which is a reality for many enterprise users.
Jun 5 2004 12:00AM
Security
