Can a hacker burn down your business by remotely setting one of your printers on fire? Researchers at Columbia University have recently <a href="http://www.pcworld.com/article/245175/hp_laserjet_printers_vulnerable_to_attacks_researchers_warn.html">proposed such a scenario</a>, although HP quickly denied that it's possible. However, even if your printers can't be used as remote firestarters, there are many risks involved in networking a printer.
If you're ready for a technical deep dive in a book, the Cisco Networking Technology Series provides that in its collection of volumes on topics that include Cisco firewalls, Cisco Unity Connection voice-messaging platform, Cisco Contact Center, <a href="http://www.networkworld.com/news/2009/073009-ipv6-guide.html">IPv6</a> and more. Here's a quick review of the books published in this series by Cisco Press this year.
This is a continuation of the <a href="http://www.csoonline.com/article/686312/cloud-architecture-questions-to-ask-your-provider-for-reliability">previous cloud deployment article</a> where I created architectural questions that enable a consultant to understand what products are used to support a corporation's top 10 critical applications. Once these product lists are created, it is much easier to map private or public cloud products that can support these same applications.
As a CSO and CIO you may be wondering why I crafted a diagnostic related to understanding your most critical web products. The original purpose of the diagnostic was to discern which applications and how applications are ported successfully to a service provider's cloud. The diagnostic determines which cloud IaaS products (storage components, network components, and virtualization machines) are needed for an application. It addresses the platform components (server/operating system and web server) in the PaaS layer. Lastly, it focuses on the SaaS software application.
If enterprises want to understand how they can better invest in security defenses, build the necessary processes to respond to attacks, and mitigate the risks of a breach they need to get threat intelligence right.
Australian intelligence agency Defence Signals Directorate (DSD) has urged government agencies to conduct a risk assessment to determine the viability of Cloud computing technology before jumping head first.
For all the talk of Cloud computing, the governance issue remains, for many enterprises, the great unknown. Cloud computing inevitably impacts business processes, making governance vital to managing risk and adapting to take advantage of new opportunities.
Critical enterprise information is leaking onto mobile devices whose risk of loss or theft is much higher than it is for PCs at the office.
The ideal information security environment is different depending on who you talk to. Your typical security engineer may say it must have firewalls, intrusion detection or any number of security focused technologies. Meanwhile a security tester may suggest that it is conducting penetration testing to provide assurances that security widgets are working well.
Targeted attacks are penetrating standard levels of security controls and causing significant business damage to enterprises that do not evolve their security controls, according to Gartner vice president and analyst, John Pescatore.
A data-breach-investigations <a href="http://www.csoonline.com/article/679874/verizon-advanced-persistant-threat-is-overblown">report issued by Verizon</a> earlier this year found 71 percent of all <a href="http://www.csoonline.com/article/677537/industry-searches-for-lessons-after-rsa-breach">hacking attacks</a> on business take place using remote access or desktop service.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of</a>.
Wi-Fi is inherently susceptible to hacking and eavesdropping, but it can be secure if you use the right <a href="http://www.networkworld.com/topics/security.html">security</a> measures. Unfortunately, the Web is full of outdated advice and myths. But here are some do's and don'ts of Wi-Fi security, addressing some of these myths.
Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint
Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.
Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation
CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)
Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana