Majority of organizations underestimate scope of privileged account security risk: survey
Despite the repeated abuse of privileged accounts in cyber-attacks, organizations continue to have a difficult time identifying and managing these critical vulnerabilities.
CPNI publishes research into insider threats
UK Centre for the Protection of National Infrastructure recently conducted a study into insider threats and has now released a summary report.
NIST issues major revision of core computer security guide
SP 800-53 update takes a more holistic approach to information security and risk management and calls for maintaining ‘cybersecurity hygiene’.
Printers, routers and other Internet-enabled devices being hijacked to participate in cyber attacks
New Prolexic white paper explains how to secure your devices and infrastructure from SNMP, NTP and CHARGEN attacks.
Results of the 2013 Information Security Breaches Survey published
81 percent of respondents reported that senior management had not been able to put in place effective security, even though it was classed as a high priority.
The State of Network Security 2013
Poor change management processes lead to network and application outages.
ENISA analyses the Spamhaus attack
Main conclusion is that Internet service providers are failing to apply BCP38 and BCP140 best practice recommendations.
An increase in mobile targeted threats is putting organizations at risk of cyber-espionage
Mobile enterprise management tools are failing to prevent spyware infecting smartphones.
UK government launches public-private sector information sharing partnership on cyber security
The Cyber Security Information Sharing Partnership.
Cyber attacks – a new edge for old weapons
EU cyber agency warns that urgent action is required to combat emerging cyber-attack trends.
US GAO reports on cybersecurity
‘A better defined and implemented national strategy is needed to address persistent challenges.’
Oil and gas process control systems increasingly at risk from cyber attacks
Oil and gas firms globally are increasingly exposed to cyber threats as a result of converging technological, terrorism and political risks, says Marsh.
Cyber attacks on Australian business more targeted and coordinated
The 2012 Cyber Crime and Security Survey Report published this week.
One in five enterprises have experienced an APT attack: ISACA survey
94 percent say APTs represent a credible threat to national security and economic stability, yet most enterprises are employing ineffective technologies to protect themselves.
European Commission publishes cybersecurity strategy
‘An Open, Safe and Secure Cyberspace’ represents the EU's vision on how best to prevent and respond to cyber disruptions and attacks.
Many companies do not give sufficient attention to cyber risks
According to the Meeting the Cyber Risk Challenge report.
Radware releases global security report
Reveals new cyber attack methods uncovering blind-spots unrecognized by security professionals and organizations.
Emulating the enemy
Threat emulation is a critical technique in achieving more effective network security. Terry Greer-King explains why.
Consensus at RSA Conference 2013: PKI is under attack
At the recent RSA Conference 2013 in San Francisco, a clear consensus emerged: attacks on the trust established by cryptographic keys and certificates are on the rise and are an important element in today’s threat landscape.
Five easy steps for implementing a data classification policy
Without classification as the foundation of the information protection strategy, it’s impossible for organizations to know what to protect, says Stephane Charbonneau.
A tiered approach to BYOD control
The practice of employing a layered security model can and should be applied to BYOD, says Scott Gordon.
The low hanging fruit of IT security
How smaller organizations can remain secure on limited budgets. By Chris Stoneff.
Could your employees detect and deflect a spear phishing attack?
Why are spear phishing attacks increasing and what can organizations do to prevent falling victim?
Running lights out management without putting your organization’s lights out permanently
LOM is a potent technology which has its uses; however, it also poses some potential risks which every enterprise must be aware of.
Digital forensics and its role in protecting the enterprise
Paul Kenyon examines the difference between proactive and reactive digital forensics.
BYOD: it’s time to throw out the rule book
Banning employee devices is not the answer to the BYOD information security challenge, says Grant Taylor.
Information management at the crossroads: is it time for ‘corporate information responsibility’?
Could CIR enhance information risk management?
So you think SharePoint is secure? Think again!
Jamie Bodley-Scott looks at the insecurities SharePoint introduces and suggests a three-dimensional model to stem the resultant flow of data.
Do as I say, not as I do...
Could you bring your company to its knees?
What’s missing from DLP?
Data loss prevention solutions don’t provide an information security panacea but adding PICWIC enhances them, says David Gibson.
The new EU data protection guidelines
Christian Toon overviews planned changes to European data protection laws and their implications for data handling and management.
How to detect and stop corporate espionage
The key to successfully preventing espionage is to not just focus on information security. By Michael Podszywalow, MBA, CISSP, CISM, CISA, CEH.
Smartphones and enterprise security
Smartphones raise key security issues, which many organizations have yet to address.
Understanding the correlation between data leakage and the security mission
In many apparently very secure organizations, data leakage enabled by advanced evasion techniques is a potential disaster just waiting to happen.