Thursday, January 22, 2009

Don't just talk about security - do something!

The best way for users to learn security best practices
Network World logo

Security Strategies Alert

NetworkWorld.com | Security Research Center | Update Your Profile


Sponsored by AMD
rule

See the power of the new Quad-Core AMD Opteron(TM) processor.
Virtualization is a proven engine that drives business performance. The fusion of the Quad-Core AMD Opteron(TM) processor and virtualization - It's a match made in the data center. Find out more:

rule

Spotlight Story
Don't just talk about security - do something!

M. E. Kabay By M. E. Kabay
Last time, I reviewed disheartening research showing that in general, our security-awareness efforts don't work. Most people seem to blame poor communications or the obtuseness of users. In contrast with this standard view of the failure of compliance with sensible advice, scientists at Carnegie Mellon University (CMU) have been studying why people fail to follow perfectly good advice on how to avoid phishing scams. Read full story

M. E. Kabay, PhD, CISSP-ISSMP, specializes in security and operations management consulting services. CV online.

Related News:

Users don't get it (but it's human nature) "Why don't employees just PAY ATTENTION and FOLLOW OUR RULES?!?" Doesn't that sound like the cry from the heart of security managers the world 'round? Well, there's hope. Follow me today and next time on an excursion into current research findings and I'll show you a simple principle that will change the way you implement security awareness.

IT security lacking in best practices The need for best practices knowledge was identified by 16% of respondents as the top IT security challenge affecting organizations today, according to a recent survey of 322 IT security professionals, undertaken by the ...

VoIP requires strict attention to security best practices VoIP exploits are troublesome but not incurable nor unique to VoIP.

Using log event management to combat insider threats Previously we wrote about CERT and the "13 best practices for preventing and detecting insider threats." Now we'll dig deeper into best practice No. 5: "Log, monitor, and audit employee online actions," and we'll look ...

13 best practices for preventing and detecting insider threats When you think of IT security, you probably think of keeping the bad guys out of your IT systems. But what if the “bad guy” is authorized to use those IT systems? Insider threats are real and not so uncommon. A survey conducted by the United States Secret Service, the CERT Coordination Center (CERT/CC), and CSO Magazine found that in cases where respondents could identify the perpetrator of an electronic crime, 20% were committed by insiders.

Most switches help in complying with secure management best practices In assessing switch management and security, we sought to answer three questions: Did devices follow current best practices by default? Could users configure switches to follow these best practices? And could switches ...

FAQ: How to protect your PC against the Downadup worm Security experts say it's the biggest worm attack in years, call it "amazing" and report that it infected nearly 9 million PCs in just two weeks.

Cisco PIX to ASA configuration migration tool, time is running short Cisco releases a free migration tool for PIX to ASA migration ahead of the end-of-life for PIX on July 28.

Top 10 YouTube hacking videos Hacking for fun, profit and to meet women. These 10 YouTube hacker videos range from the humorous to the downright frightening. Some of them demonstrate live hacks, while others demonstrate the use of hacker tools.

January giveaways from Cisco Subnet and Microsoft Subnet
Up for grabs: Two Cisco training courses from Skyline-ATS worth up to $6,990, a Microsoft training course from New Horizons worth up to $2,500, 15 copies each of the hot book titles Microsoft SQL Server 2008 Management and Administration, IPv6 Security and Chained Exploits: Advanced Hacking Attacks. Get all the entry details here.


IT Outlook '09
Products of the WeekIn-depth analysis of the latest enterprise strategies, start-ups to watch, people to know, and more.

9 hot technologies for '09
9 hot technologies for '09Our annual rundown, plus a tip or two about how to approach each hot technology.

Sponsored by AMD
rule

See the power of the new Quad-Core AMD Opteron(TM) processor.
Virtualization is a proven engine that drives business performance. The fusion of the Quad-Core AMD Opteron(TM) processor and virtualization - It's a match made in the data center. Find out more:

rule

Preparing for IPv6.
Get concrete facts on what IPv6 adoption means for your organization in this Executive Guide. Learn how IPv6 and IPv4 can coexist and the role of NAT devices in this new world. Find out if you need to develop a business case today and how to get started.
Download this Executive Guide now.


Take Control of Network TCO by Automating IPAM
Join ESG and Infoblox to learn about reducing network TCO while boosting network availability by automating IPAM.
Review this information-packed webinar today.

 

01/22/09

Today's most-read stories:

  1. Court rules Kentucky does not own the Internet
  2. Juniper expected to cut jobs amid weak demand
  3. Belkin fake reviews case raises broad questions
  4. How to protect your PC against the Downadup worm
  5. Sony: There's no way Xbox 360 will win in the end
  6. WLAN sniffers pass the sniff test
  7. F5 attempts to lure Nortel Alteon customers
  8. Cisco CTO could be tapped by Obama
  9. Top 10 YouTube hacking videos
  10. Obama's BlackBerry equals national security threat


The Evolution of Network Security
Zero in on the hottest security technologies you need to know about in this Executive Guide. Better protect your IT environment with NAC, data leakage prevention controls and auditing tools.
Learn more.



IT Buyers guide

 


This email was sent to security.world@gmail.com

Complimentary Subscriptions Available
for newsletter subscribers. Receive 50 issues
of Network World Magazines, in print or
electronic format, free of charge, Apply here.

Terms of Service/Privacy

 

Subscription Services Update your profile
To subscribe or unsubscribe to any Network
World newsletter, change your e-mail
address or contact us, click here.

Unsubscribe

Network World, Inc., 492 Old Connecticut Path, Framingham, MA 01701
Copyright Network World, Inc., 2009

www.networkworld.com

 

 



No comments:

Post a Comment