Opinion News, Features, and Interviews
I have been reading about the upcoming retirement of support for the Microsoft Server 2003 operating system (OS). One author felt that organisations will probably mismanage the retirement of the OS, like many did with the retirement of Windows XP.
The recent mega-breach experienced by US retail brand Target was devastating to the company and its customers. Executives, including the CIO and the CEO, got the sack because of it.
Think of the perfect attack like the perfect murder. It must be planned carefully and meticulously then executed systematically and flawlessly. Remember all the small detail in Hitchcock’s “The Rear Window”? No-one would have noticed anything or even missed the victim if it weren’t for Jimmy Stewart, who, with a broken leg had nothing better to do all day than to gaze out his rear window.
Heartbleed wasn't just an interesting Internet security story. It was a sign that one of the most fundamental building blocks relied on by many large companies was significantly flawed. Even more staggering was the revelation that the OpenSSL open source code library, that is responsible for SSL communications between systems, had another flaw that went undetected for over a decade.
A recent report released by the World Economic Forum (WEF) focused on the Global Agenda for 2014 and the top 10 trends facing the world. As one might expect, topping the list were globally pertinent and vital topics like; growing societal tensions in the Middle East and North Africa; income disparity around the world; and ongoing unemployment.
Amit Yoran was the Department of Homeland Security's first director of the National Cyber Security Division of the Information Analysis and Infrastructure Protection office. But by September 2004 he was frustrated by what he saw as a lack of concern and commitment to Internet security. So he quit his post.
There are significant differences between state and federal privacy legislation. CIOs who deal with government agencies or other public sector organisations must determine the privacy laws applicable to them – and how best to accommodate them.
As Cyber Monday approaches, research suggests a majority of workers will use their work computer to shop this holiday season. But despite the continued growth in online shopping, employees and business still don't understand the risk.
They are etched into the conventional wisdom of IT security, but are these 12 articles of faith (to some) actually wise, or are they essentially myths? We've assembled a panel of experts to offer their judgments.
Ten years ago, Michael Riva was network administrator for a top-five American consultancy. Employees were downloading graphic pictures and videos onto the network. Riva told his boss a proxy server with content filtering might be in order; his boss laughed and suggested they put in a bigger file server instead.
Traditional ways of doing business have changed. Or, to be rather brutally accurate, they have been disrupted.
I remember the days when hacking was something that people did because they could. It wasn’t quite done for fun, but people wanted to show off their computer skills. More often than not, hacking was harmless, someone broke into a system and left a little calling card, but beyond that there was very little damage done. It was for the thrill as much as anything.
The security landscape today is highly complex, which can largely be attributed to the increasingly sophisticated nature of cyber attacks, particularly from an execution perspective. DDoS attacks, for example, are now reaching speeds of up to 400Gbps, targeting both the network and application layer.
Once there were mainframes that were standalone systems, fed by punch cards and teletypewriters. They had tight roles, based on access control models, often externalised to the operating system and application.
Human factors have always been the bane of security professionals, and social engineering is also high on the list of factors requiring mitigation measures and controls. Yet their very nature makes them highly variable – humans will always work out circumvention to a control if it makes their lives easier.
Sign up now »
RSA offers a wide range of strong two-factor authentication solutions to help organizations assure user identities and meet compliance requirements.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.