Stories about: Bill

While external data breaches involving household brand names such as TJX tend to grab more headlines, insider data thefts are emerging as compliance and reputational risks for organizations. Recent studies suggest that over 60 per cent of data breaches originate from an internal source or event. One reason for this is that in today's data-rich environment organizations continue to struggle with the 'human element' at the heart of data security. It can be extremely difficult to balance the protection of sensitive data with granting access to employees who need it to complete their daily job requirements. To that end, organizations have implemented several new security measures including employee education programs, data access monitoring, and strict policies regarding USB ports and portable devices. Although these are steps in a positive direction, little has been done to study and understand how the data is exploited once it leaves an organization.

If you want to know about the latest malicious rootkit, ask security researcher Dino Dai Zovi. He'll tell you all about his proof of concept rootkit called Vitriol that uses virtual machine instructions in Intel processors to hide a rootkit at the virtualization layer.

There were 6 a.m. calls from Finnish certificate authorities and also some pretty harsh words from his peers in the security community, even an accidentally leaked Black Hat presentation, but after managing the response to one of the most highly publicized Internet flaws in recent memory, Dan Kaminsky said Wednesday that he'd do it all over again.

A network administrator has allegedly locked up a multimillion-dollar computer system for the city of San Francisco that handles sensitive data, and he is refusing to give police the password

For those of us who make our living behind a keyboard in IT, it's hard to imagine a more time-tested vulnerability than the end-user. Armed with network access, these IT viruses wreak havoc nearly everywhere you look -- havoc borne of tech idiocy.

Security issues often seem to smolder more than burn, but these six are certainly capable of lighting a fire under IT professionals at a moment's notice. Handle with care.

Local victims of Nigerian online scams now have a new ally in the fight against fraud with a partnership between the Queensland Police Service, Nigeria's Economic Financial Crimes Commission (EFCC), and industry.

A controversial bill to make wiretapping easier for law enforcement was shot down by Senate last week.

Microsoft late Friday denied that vulnerabilities in its Web and SQL server software had been exploited to hack hundreds of thousands of Internet pages.

Sweeping reforms will make it easier than ever for law enforcement to intercept communications if amendments to the Telecommunications (Interceptions) Act are agreed upon by a Senate standing committee.

This is a transcript of a keynote address presented at the RSA Conference on Thursday by Dave Hansen, corporate senior vice president and general manager for CA's Security Management Business Unit. The address is titled: "Strategic Security: The Evolving Role of the Security Professional."