Do we need vendor allies in the malware arms race?
The complexity of today’s SOC functions means you probably can’t hire and keep a staff with all the necessary training.
The complexity of today’s SOC functions means you probably can’t hire and keep a staff with all the necessary training.
Holiday travel is no time to drop your guard, especially if you take any electronic devices along.
Is the government desperate, feigning desperation or just staggeringly inept?
The government will press any advantage it gains in its quest to access a terrorist’s phone in ways that threaten privacy for all of us.
Security in the U.S. power sector is taken very seriously. But of course security can always be tighter.
There’s something about a New York cab that lends itself to imparting lessons on technology and security.
At least we’re finally officially in the transition period, but it could last for years.
But we never should have assumed otherwise. Any product can have security holes, and security vendors aren’t exempt.
It’s a matter of getting product developers to overcome their naïveté, ignorance and laziness. Harsh? Yeah, but the truth hurts.
There's so much fear, uncertainty and doubt in the information security world today that many people have become pessimistic about the possibility of keeping all of the bad stuff that's out there out of our systems and networks, or at least detecting it in time to eradicate it before any great harm is done. I'm not one of them. I believe that with the right mix of attitude and aptitude, building a secure enterprise is within anyone's grasp. Will the security be perfect? Of course not. But I think it will be capable of meeting the challenges faced in today's threat environment.
It's always a good idea to point the car in the right direction before pressing the gas pedal, right? Why is it, then, that so many people lose sight of that simple concept?
January 2015 is already winding down, but it's not too late to think about the lessons of 2014. For anyone in information security, 2014 was a year marked by spectacular breaches. It ended with Sony Pictures Entertainment getting its clock cleaned by hackers, <a href="http://www.computerworld.com/article/2865330/fbi-director-again-points-to-north-korea-for-sony-attack.html">quite possibly from North Korea</a>. Wouldn't it be great if 2015 doesn't include the same sort of clock cleaning at your company?
Well that stinks, doesn't it? <a href="http://www.computerworld.com/article/2857134/hackers-demand-sony-pull-the-plug-on-the-interview.html">Sony Pictures goes and scrubs the launch of a $44 million movie</a> after being hacked, potentially by North Korea. Almost reads more like a James Bond plot than a news story, but there it is. And this time, it doesn't seem likely that Bond, James Bond, is going to show up at the eleventh hour to save the day.
Oh no, another zero day is out! No one goes home until it's fixed!
Don't look now, but we've failed to anticipate our attackers' next moves --- again.