INFORMATION SECURITY MANAGEMENT

APT attacks clarified
Confusion exists as to what exactly an advanced persistent threat is and, even more importantly, how to manage the risks associated with APTs. Christos K. Dimitriadis provides some help.


How the biggest DDOS attack in history highlights interdependencies
Spamhaus attack shows how interdependent networks have become

Cyber threats require a risk management approach
Information security programs that rely on defensive measures are no longer adequate.

Latest news

Majority of organizations underestimate scope of privileged account security risk: survey
Despite the repeated abuse of privileged accounts in cyber-attacks, organizations continue to have a difficult time identifying and managing these critical vulnerabilities.

CPNI publishes research into insider threats
UK Centre for the Protection of National Infrastructure recently conducted a study into insider threats and has now released a summary report.

NIST issues major revision of core computer security guide
SP 800-53 update takes a more holistic approach to information security and risk management and calls for maintaining ‘cybersecurity hygiene’.

Printers, routers and other Internet-enabled devices being hijacked to participate in cyber attacks
New Prolexic white paper explains how to secure your devices and infrastructure from SNMP, NTP and CHARGEN attacks.

Results of the 2013 Information Security Breaches Survey published
81 percent of respondents reported that senior management had not been able to put in place effective security, even though it was classed as a high priority.

The State of Network Security 2013
Poor change management processes lead to network and application outages.

ENISA analyses the Spamhaus attack
Main conclusion is that Internet service providers are failing to apply BCP38 and BCP140 best practice recommendations.

An increase in mobile targeted threats is putting organizations at risk of cyber-espionage
Mobile enterprise management tools are failing to prevent spyware infecting smartphones.

UK government launches public-private sector information sharing partnership on cyber security
The Cyber Security Information Sharing Partnership.

Cyber attacks – a new edge for old weapons
EU cyber agency warns that urgent action is required to combat emerging cyber-attack trends.

US GAO reports on cybersecurity
‘A better defined and implemented national strategy is needed to address persistent challenges.’

Oil and gas process control systems increasingly at risk from cyber attacks
Oil and gas firms globally are increasingly exposed to cyber threats as a result of converging technological, terrorism and political risks, says Marsh.

Cyber attacks on Australian business more targeted and coordinated
The 2012 Cyber Crime and Security Survey Report published this week.

One in five enterprises have experienced an APT attack: ISACA survey
94 percent say APTs represent a credible threat to national security and economic stability, yet most enterprises are employing ineffective technologies to protect themselves.

European Commission publishes cybersecurity strategy
‘An Open, Safe and Secure Cyberspace’ represents the EU's vision on how best to prevent and respond to cyber disruptions and attacks.

Many companies do not give sufficient attention to cyber risks
According to the Meeting the Cyber Risk Challenge report.

Radware releases global security report
Reveals new cyber attack methods uncovering blind-spots unrecognized by security professionals and organizations.


Latest articles

Emulating the enemy
Threat emulation is a critical technique in achieving more effective network security. Terry Greer-King explains why.

Consensus at RSA Conference 2013: PKI is under attack
At the recent RSA Conference 2013 in San Francisco, a clear consensus emerged: attacks on the trust established by cryptographic keys and certificates are on the rise and are an important element in today’s threat landscape.

Five easy steps for implementing a data classification policy
Without classification as the foundation of the information protection strategy, it’s impossible for organizations to know what to protect, says Stephane Charbonneau.

A tiered approach to BYOD control
The practice of employing a layered security model can and should be applied to BYOD says Scott Gordon.

The low hanging fruit of IT security
How smaller organizations can remain secure on limited budgets. By Chris Stoneff.

Could your employees detect and deflect a spear phishing attack?
Why are spear phishing attacks increasing and what can organizations do to prevent falling victim?

Running lights out management without putting your organization’s lights out permanently
LOM is a potent technology which has its uses; however it also poses some potential risks which every enterprise must be aware of.

Digital forensics and its role in protecting the enterprise
Paul Kenyon examines the difference between proactive and reactive digital forensics.

BYOD: it’s time to throw out the rule book
Banning employee devices is not the answer to the BYOD information security challenge, says Grant Taylor.

Information management at the crossroads: is it time for ‘corporate information responsibility’?
Could CIR enhance information risk management?

So you think SharePoint is secure? Think again!
Jamie Bodley-Scott looks at the insecurities SharePoint introduces and suggests a three-dimensional model to stem the resultant flow of data.

Do as I say, not as I do...
Could you bring your company to its knees?

What’s missing from DLP?
Data loss prevention solutions don’t provide an information security panacea but adding PICWIC enhances them, says David Gibson.

The new EU data protection guidelines
Christian Toon overviews planned changes to European data protection laws and their implications for data handling and management.

How to detect and stop corporate espionage
The key to successfully preventing espionage is to not just focus on information security. By Michael Podszywalow, MBA, CISSP, CISM, CISA, CEH.

Smartphones and enterprise security
Smartphones raise key security issues, which many organizations have yet to address.

Understanding the correlation between data leakage and the security mission
In many apparently very secure organizations, data leakage enabled by advanced evasion techniques is a potential disaster just waiting to happen.

Cyber security needs to be a board level issue
Tom Neaves and John Yeo describe a recent research project that looked at whether company boards have explicitly itemised cyber security as a material risk to the business.



Certificate management explored
Calum MacLeod highlights twelve classic mistakes which can result in certificate-related downtime and IT security breaches.
