- Hackers try to blackmail plastic surgeon after stealing 500,000 patient records
- How to keep your smartphone (and its data) secure
- Espionage outpacing financial crime as better reporting improves security picture: Verizon
- Web apps and point-of-sale were leading hacker targets in 2013, says Verizon
- Google introduces Chrome 'factory reset' pop-ups to tackle extensions hijacks
Cloud in pictures
Some cloud storage providers who hope to be on the leading edge of cloud security adopt a "zero-knowledge" policy in which vendors say it is impossible for customer data to be snooped on. But a recent study by computer scientists at Johns Hopkins University is questioning just how secure those zero knowledge tactics are.
For the last couple of years CIOs and CSOs have been fighting to manage the rising tide of personal devices entering the enterprise. But that's changing as people start to bring their own cloud apps and services into the enterprise. BYOC – Bring your own Cloud – is the new challenge.
Given the billions of dollars that have been invested in security over the last decade or so, you'd expect that malware distributors and data thieves to be scurrying away with their tails between their legs. But that's simply not the case.
Technology advances have made it easier to detect subtle, anomalous end-user behavior, such as installation of unusual apps on endpoint devices, or suspicious deviations from baseline activity. This roundtable discussion examines methods to build monitoring, control and context into enterprise insider threat protection efforts – both when dealing with privileged users and regular employees.
Trend Micro has been pushing their Vision 2020 theme for some time now. The online video series "2020" is the story about the near future based on an ICSPA report entitled Project 2020. Rik Ferguson is Trend Micro's Vice President for Product Research. We spoke to him at RSA Conference 2014 about whether the vision of 2020 is coming true.
Going into 2014, a whirlwind of security start-ups are looking to have an impact on the enterprise world. Most of these new ventures are focused on securing data in the cloud and on mobile devices. Santa Clara, California-based Illumio, for example, founded earlier this year, is only hinting about what it will be doing in cloud security. But already it's the darling of Silicon Valley investors, pulling in over $42 million from backer Andreesen Horowitz, General Catalyst, Formation 8 and others.
In the IDG Enterprise Interview Series, you'll hear from technology CIOs and CEOs on today's burgeoning trends, ongoing headaches and upcoming product plans. Check out this informative series from IDG Enterprise Chief Content Officer John Gallant and his team of editors.
As more organisations leverage the Cloud for critical business applications, they are discovering one of the greatest challenges is combining existing internal controls with cloud protection efforts.
If 2013 is the year enterprises begin implementing their hybrid Cloud strategies, as the experts are predicting, then it follows that this will also be the year when hybrid Cloud security takes center stage.
Users and security consultants familiar with the process of securing hybrid clouds have one steady piece of advice to offer: the only way to go is one step at a time.
Whitepapers about Cloud
Cloud computing has fundamentally changed the way businesses and consumers use computers and technology and the way Information Technology (IT) professionals manage those resources. While the cloud has delivered a multitude of benefits to technical and non-technical people alike, there have also been significant downsides to reliance on cloud technology, including unplanned outages and even outright cyberattacks and data theft.
Sign up now »
Ultimate protection for your small or medium-sized business
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.