tag:blogger.com,1999:blog-127846722024-03-08T06:02:18.092+02:00Interesting, topical & pertinent IT security industry developments for executive & IT management, analysts, strategists, consultants & IT proffesionals who wish to keep abreast of events that could shape the security landscape.Dwainehttp://www.blogger.com/profile/12997537303866512369noreply@blogger.comBlogger421125tag:blogger.com,1999:blog-12784672.post-6416905382781909732008-05-15T15:19:00.001+02:002008-05-15T15:21:29.427+02:00

Top-level managers and chief executives often do not realise the impact that IT-security incidents can have on their organisations, according to influential group the British-North American Committee.In a report entitled Cyber Attack: A Risk Management Primer for CEOs and Directors, launched on Wednesday, the British-North American Committee (BNAC) said that chief executives underestimate the

Dwainehttp://www.blogger.com/profile/12997537303866512369noreply@blogger.com0tag:blogger.com,1999:blog-12784672.post-74354754829142373222008-05-15T10:37:00.004+02:002008-05-15T11:22:19.069+02:00

The IOS vulnerability threat just ratcheted up a notch with another first - someone has actually developed a malicious rootkit for any version of IOS that runs on Cisco's routers, a development that has placed increasing scrutiny on the routers that make up the majority of the Internet and corporate networking infrastructure. The researcher will unveil his work on May 22 at the EuSecWest

Dwainehttp://www.blogger.com/profile/12997537303866512369noreply@blogger.com0tag:blogger.com,1999:blog-12784672.post-30288241206953210482008-04-11T18:39:00.004+02:002008-04-11T18:46:56.115+02:00

Researchers who launched an experimental cyber attack caused a generator to self-destruct, alarming the federal government and electrical industry about what might happen if such an attack were carried out on a larger scale.Some experts fear bigger, coordinated attacks could cause widespread damage to electric infrastructure that could take months to fix. In a previously classified video of the

Dwainehttp://www.blogger.com/profile/12997537303866512369noreply@blogger.com0tag:blogger.com,1999:blog-12784672.post-91990474108868438802008-02-28T09:03:00.004+02:002008-02-28T09:26:08.706+02:00

Leading economists have recently increased their projections of a likelihood of an economic recession in the United Kingdom, Japan and the United States. These countries together comprise 42% of the world's gross domestic product (GDP). Even though many other economies are growing quite vigorously it is inevitable they will feel the effects and themselves could be facing difficult economic times

Dwainehttp://www.blogger.com/profile/12997537303866512369noreply@blogger.com0tag:blogger.com,1999:blog-12784672.post-56906802604411056232008-02-26T17:56:00.002+02:002008-02-26T18:02:49.346+02:00

Dwainehttp://www.blogger.com/profile/12997537303866512369noreply@blogger.com0tag:blogger.com,1999:blog-12784672.post-63994913092614935672007-10-08T17:15:00.000+02:002007-10-08T17:21:21.814+02:00

Dwainehttp://www.blogger.com/profile/12997537303866512369noreply@blogger.com0tag:blogger.com,1999:blog-12784672.post-1176370836413378702007-04-12T11:20:00.000+02:002007-04-12T11:59:03.996+02:00

I have concluded an analysis of the latest data from the not-for-profit Privacy Rights Clearinghouse. Since February 2005 they have been recording a Chronology of Data Breaches that have been made public since the very first US Data Breach disclosure laws have come into effect.Whilst they are the only worldwide organisation to do this sort of thing (and I'm pretty sure that the US data breach

Dwainehttp://www.blogger.com/profile/12997537303866512369noreply@blogger.com2tag:blogger.com,1999:blog-12784672.post-1156409673358131682006-08-24T10:01:00.000+02:002006-08-24T23:31:35.743+02:00

OPINION PIECEIt was inevitable that ISS would eventually be acquired. As network, systems and security management are all converging, and security technology starts becoming assimilated by the gorillas into networking fabric (Cisco) and operations systems (Microsoft), and the lines between security & network management start to blur, it stands to reason that ISS on its own would eventually be

Dwainehttp://www.blogger.com/profile/12997537303866512369noreply@blogger.com0tag:blogger.com,1999:blog-12784672.post-1154434635973874792006-08-01T11:17:00.000+02:002006-08-01T14:17:16.286+02:00

We haven't posted something about Ciscogate for quite a while now. However I came across this BlackHat posting dated April 25th 2006 which was quite interesting. It was written by a BlackHat member that works for Gartner.Traditional, monolithic IOS is a proprietary operating system that runs Cisco routing and most switching devices. It has required an image replacement and reboot to upgrade. IOS

Dwainehttp://www.blogger.com/profile/12997537303866512369noreply@blogger.com0tag:blogger.com,1999:blog-12784672.post-1154423820770920532006-08-01T10:51:00.000+02:002006-08-01T11:17:01.540+02:00

On July 30th, SOX turned four years old. Here is an interesting list of stories associated with SOX over time:Happy birthday, SOXSOX clock ticking for overseas businesses$6Bn US bill for Sarbanex OxleySecurity dominates SOX product spendSOX may push public firms to go privateSOX is too little, too late?Sarbox worsens your security stanceSOX weighs heavily on public companiesQualcomm shares 2

Dwainehttp://www.blogger.com/profile/12997537303866512369noreply@blogger.com0tag:blogger.com,1999:blog-12784672.post-1154422246665061382006-08-01T10:35:00.000+02:002006-08-01T10:50:46.683+02:00

An interesting 4 part series by Network World on the challenges faced by CISO's (Chief Information Security Officers) trying to promote and sell the merits of information security internally in their organisations. CISO's are having a hard time getting their ideas accepted from the board level down and are just "overpromoted technologists".Consultants suggest that the easiest and best way to

Dwainehttp://www.blogger.com/profile/12997537303866512369noreply@blogger.com0tag:blogger.com,1999:blog-12784672.post-1153316995486253782006-07-19T15:44:00.000+02:002006-07-19T15:49:55.723+02:00

Two-factor security tokens have always been thought of as the solution to password security woes. But now history has been made with man-in-the-middle attacks being used for the first time to circumvent token security being rolled out by banks at huge costs.Over the past few weeks, approximately 35 phishing Web sites have been set up that use the new attack. They attempt to trick users into

Dwainehttp://www.blogger.com/profile/12997537303866512369noreply@blogger.com0tag:blogger.com,1999:blog-12784672.post-1152716570252807552006-07-12T16:54:00.000+02:002006-07-12T17:02:50.253+02:00

The first time solution provider Chris Labatt-Simon mentioned network access control to a customer three years ago, the executive was so stunned by the cost and complexity of putting a client on every single machine in his corporate network that he actually burst out laughing. But a few weeks later, after the same customer's network was brought to its knees by a worm introduced from a

Dwainehttp://www.blogger.com/profile/12997537303866512369noreply@blogger.com0tag:blogger.com,1999:blog-12784672.post-1152701405287148582006-07-12T10:26:00.000+02:002006-07-12T16:52:22.140+02:00

OPINION PIECEA lot is floating around on the Internet about this $2.1Bn aquisition. Some are for it and some are against it. EMC stock has taken a hammering and the management of both companies are having to answer a lot of tricky questions. See EMC/RSA aquisition draws mixed reviews.The main drivers for Storage companies wanting to get into security (such as this aquisition) or Security

Dwainehttp://www.blogger.com/profile/12997537303866512369noreply@blogger.com0tag:blogger.com,1999:blog-12784672.post-1151624759774469632006-06-30T01:40:00.000+02:002006-06-30T03:24:23.240+02:00

EMC late Thursday confirmed it plans to acquire RSA Security for some $2.1 billion.Under terms of the deal, Hopkinton, Mass.-based storage giant EMC will pay $28 a share for RSA, New Bedford, Mass. The companies anticipate the acquisition will close late in the third quarter or early in the fourth quarter, subject to regulatory approvals and other conditions.The deal is the third large-scale

Dwainehttp://www.blogger.com/profile/12997537303866512369noreply@blogger.com0tag:blogger.com,1999:blog-12784672.post-1150922095965966382006-06-21T22:21:00.000+02:002006-06-21T22:54:01.880+02:00

You can always tell something big is brewing that will shape our lives in security when the vendor market gets crowded with solutions before standards have been shaped. These 20 companies are giving Cisco Systems and Microsoft a run for their money by bringing network access control (NAC) products to market. The crowded market, coupled with gorillas like Cisco and Microsoft promoting propriatary

Dwainehttp://www.blogger.com/profile/12997537303866512369noreply@blogger.com0tag:blogger.com,1999:blog-12784672.post-1150899779772645202006-06-21T16:11:00.000+02:002006-06-21T16:22:59.803+02:00

Work pressure has resulted in a lengthy pause of postings, but we will be back shortly with three knowledgeable contributors to content instead of just myself.The 1st 5 months was a worthwhile experiment and vindicated the usefuleness of this blog to over 300 internal Dimension Data security line of business staff as well as over 500 other regular readers, so consider Phase-I complete and

Dwainehttp://www.blogger.com/profile/12997537303866512369noreply@blogger.com0tag:blogger.com,1999:blog-12784672.post-1139986001344046852006-02-15T08:25:00.000+02:002006-02-15T08:52:18.526+02:00

The most noticeable trends I observed today at the Exhibition centre was Apple iPod giveaways and NAC appliances. And of course over 400 exhibitors and 14,000 conference attendees.The keynotes were delivered by Bill Gates, Art Coviello and Scott McNealy. Gates took opportunity to demonstrate new security features in Vista and signalled the death of passwords as security measures. Nothing

Dwainehttp://www.blogger.com/profile/12997537303866512369noreply@blogger.com0tag:blogger.com,1999:blog-12784672.post-1139862044466355002006-02-13T22:17:00.000+02:002006-02-13T22:20:44.466+02:00

Faced with regulatory compliance requirements and grueling audits, network managers are turning increasingly to security event management systems (SEM) to detect when policies have been breached.SEM products - from e-Security, Network Intelligence, ScriptLogic, TriGeo and others - have data aggregation and event correlation features similar to those in network management software. These products

Dwainehttp://www.blogger.com/profile/12997537303866512369noreply@blogger.com0tag:blogger.com,1999:blog-12784672.post-1139861752756178352006-02-13T22:12:00.000+02:002006-02-13T22:15:52.760+02:00

Security products that perform health checks on desktop and laptop computers will be in abundance at this week's RSA Conference. But industry leaders Cisco Systems and Microsoft remain mum about a long-promised integration of their dominant network access control architectures, leaving IT managers wondering whether to go with one of the solutions that is already available or wait for an

Dwainehttp://www.blogger.com/profile/12997537303866512369noreply@blogger.com0tag:blogger.com,1999:blog-12784672.post-1139861537507099082006-02-13T21:57:00.000+02:002006-02-13T22:12:17.543+02:00

A data security breach involving an undisclosed California retail company has prompted Bank of America to cancel the debit cards of numerous customers, a spokesman for the US' largest bank said on Tuesday.Investigators have traced a recent rash of fraudulent debit-card transactions across the globe to the theft of as many as 200,000 debit records from an office-supply store in California,

Dwainehttp://www.blogger.com/profile/12997537303866512369noreply@blogger.com0tag:blogger.com,1999:blog-12784672.post-1139860647553925192006-02-13T21:40:00.000+02:002006-02-13T21:57:27.556+02:00

Russian criminal gangs have used sophisticated virus programs to steal more than £600,000 from personal bank accounts across France.The fraud was uncovered after police arrested a dozen Russian gang members and several Ukrainians in Moscow and St Petersburg, according to a report in the Guardian. Victims lost money after their computers became infected with a “sleeper virus" when they opened

Dwainehttp://www.blogger.com/profile/12997537303866512369noreply@blogger.com0tag:blogger.com,1999:blog-12784672.post-1139860143138521222006-02-13T21:36:00.000+02:002006-02-13T21:49:03.236+02:00

The security industry converges at the annual RSA Conference this week, an event that's moved far beyond its origins as a get-together for cryptogeeks and other insiders. Though still organized by RSA Security, a company with its roots in cryptography, the confab has developed into a showcase for security companies and an annual gathering for IT professionals. This year is the 15th anniversary of

Dwainehttp://www.blogger.com/profile/12997537303866512369noreply@blogger.com0tag:blogger.com,1999:blog-12784672.post-1139332408548509972006-02-07T19:10:00.000+02:002006-02-07T19:13:28.583+02:00

MOSCOW - Trading was suspended for an hour at Russia's main stock exchange because of a computer virus, officials said Friday. Data processing at the Russian Trading Systems, or RTS, was paralyzed late Thursday as specialists rushed to localize the virus and switch off the infected computer, according to the exchange. No permanent damage was caused and no information was lost.According to RTS

Dwainehttp://www.blogger.com/profile/12997537303866512369noreply@blogger.com0tag:blogger.com,1999:blog-12784672.post-1139331816956408682006-02-07T18:55:00.000+02:002006-02-07T19:03:36.956+02:00

Categories : 1cartoon

Dwainehttp://www.blogger.com/profile/12997537303866512369noreply@blogger.com0