Search This Blog

Wednesday, June 25, 2014

Former NSA director defends data collection, cloud security

Why you should still worry about Heartbleed | 10 things to know about the smartphone kill switch

Network World Security

Forward this to a Friend >>>

Former NSA director defends data collection, cloud security
Former National Security Agency director Gen. Keith Alexander claims the media leaks by Edward Snowden about how the NSA conducts cyber-espionage have undermined national security …. and he ardently defends those NSA bulk collection practices. But that was just one theme Alexander took up in his keynote address at the Gartner Security and Risk Management Summit here today: He’s also bullish on cloud security and spoke about some experiences the NSA has had with it. Just retired from the NSA in March, Alexander has also set up a new consultancy called IronNet Cybersecurity. Without mentioning former Snowden or any specific news organization, Alexander said the revelations about the tools and processes the NSA uses to conduct mass surveillance have had a “devastating” impact on national security. “It’s devastating not only for our country but for Europe,” he said, adding he thinks that Islamic militant terrorist organizations seem “to be learning from these leaks” and evading some detections.To read this article in full or to leave a comment, please click here Read More

WEBCAST: HP

Meg Whitman presents Unlocking IT with Big Data
Today, the industry is at an inflection point - driven by a triple storm of Big Data, cloud, and mobility; and in this new environment, security is paramount. The New Style of IT is about how businesses and IT leverage this rapid change for enterprise growth. Learn More
WHITE PAPER: IBM

Five Steps to Achieve Success in your App Security Program
This white paper provides a general framework your organization can use to create or build upon an application security program. It includes guidelines that can be useful at different stages of your security program's maturity. Read Now

Why you should still worry about Heartbleed
Patching of Internet-connected systems that contain the Heartbleed bug has slowed to a snail's pace, and security experts are advising companies to take extra precautions to avoid a security breach.Errata Security scanned the Internet late Friday and found roughly 309,000 sites with the bug, which is in the secure sockets layer (SSL) library of the OpenSSL Project. That number was only about 9,000 less than what Errata found a month ago.When Hearbleed was discovered in April, Errata found more than 600,000 vulnerable systems on port 443, which is used by default for SSL-secured communications between clients and servers.To read this article in full or to leave a comment, please click here Read More

10 things to know about the smartphone kill switch
Apple already has one, Microsoft and Google say they’ll build one, Minnesota will demand it from next year and it could soon be the law in California and maybe nationwide. The smartphone kill switch appears to be on its way to every handset sold in the U.S. so what’s all the fuss about? Here’s a look at the main points of the technology.What is it?For more than a year, law enforcement officials across the U.S. have been pressuring the telecom industry to do more to combat smartphone theft and the kill switch has been proposed as the answer. It’s a piece of software installed in every new phone that can disable a stolen handset.To read this article in full or to leave a comment, please click here Read More

WHITE PAPER: Juniper Networks

Security in the Next-Generation Data Center
This white paper examines these trends, and it reveals the key capabilities that today's security teams require to effectively ensure that vital corporate assets remain secure, while at the same time optimizing access, cost, and administrative efficiency. View Now

Facial recognition proposal lacks privacy protections, advocate says
A facial recognition trade group’s proposals for privacy standards are an “extreme” departure from U.S. expectations on how personal data should be handled, a privacy advocate said Tuesday.A set of recommendations from the International Biometrics and Identification Association suggest that the industry believes it should have few limits, said Chris Calabrese, legislative counsel for the American Civil Liberties Union.The IBIA document “refutes fundamental American values in a way that would actually be harmful to our Democracy,” Calabrese said.To read this article in full or to leave a comment, please click here Read More

Researchers expect large wave of rootkits targeting 64-bit systems
Following a downward trend during the past two years, the number of new rootkit samples rose in the first quarter of this year to a level not seen since 2011, according to statistics from security vendor McAfee.The sudden spike in rootkit infections during the first three months of the year was caused primarily by a single rootkit family that targeted 32-bit Windows systems. However, new rootkits designed for 64-bit systems will likely lead to a rise in this type of attack in the future, researchers from McAfee said in a report published Tuesday.Rootkits are malware programs designed to hide other malicious applications and activities from users. They typically run inside the OS kernel with the highest possible system privileges, making their removal and detection hard for security products.To read this article in full or to leave a comment, please click here Read More

WHITE PAPER: HP

Why you need a next-generation firewall
This white paper explores the reasons for implementing NG firewalls and lays out a path to success for overburdened IT organizations. Learn More

Decoding threat intelligence
There is a scene in HBO's adaption of Game of Thrones where a character counsels the king to dismiss the rising power of one of his rivals because "curiosities on the far side of the world" are no threat. A season later, that rival has three dragons and an army under her control.Oops.[Information overload: Finding signals in the noise]In my travels and meeting with 400 CISOs a year, I find there is much confusion around threat intelligence. Many that need it do not have the foundational elements and maturity to consume the information to make it actionable. It’s critical to know what intelligence is, what kind you need, and how to build the organization to consume it.To read this article in full or to leave a comment, please click here Read More

10 tech support requests you never want to hear from your family
"Image by Archiboldian licensed under CC BY 2.0If you’re a techie it’s likely that someone in your family will ask you a question about their cell phone, their computer, their iPad, their you-name-it … and not long after the whole family will use you as their personal tech support. You become the go-to guy for every tech question. I’s hard to turn down a plea from your mother or sweet Aunt Mabel. While some problems are easily solved (“There’s no ‘any’ key, Mom, it means just press any key”) there are other questions that will make your blood run cold. Here are the worst of the worst family support requests. If you have favorite family support requests, please comment below then follow me on Twitter, App.net, and Facebook.To read this article in full or to leave a comment, please click here Read More

End users must be part of cybersecurity solutions
As the old infosec adage goes, “people are the weakest link in the cybersecurity chain.” Clearly, enterprise security professionals agree with this statement. In a recent ESG research survey, enterprise security professionals were asked to identify the factors most responsible for successful malware attacks. It turns out that 58% point to “a lack of user knowledge about cybersecurity risks” – the most popular answer by far (note: I am an employee of ESG).This data is not unusual; security professionals often bemoan end-user cybersecurity behavior. They don’t pay attention in training classes, they click on suspect links, they are easily fooled by social engineering tactics, etc.To read this article in full or to leave a comment, please click here Read More


SLIDESHOWS

5 potential Facebook killers

Outside of the obvious suspects – LinkedIn, Twitter and Google+ – who has the potential to unseat Facebook? Here are five possibilities.

JOIN THE NETWORK WORLD COMMUNITIES

As network pros you understand that the value of connections increase as the number of connections increase, the so called network effect, and no where is this more evident than in professional relationships. Join Network World's LinkedIn and Facebook communities to share ideas, post questions, see what your peers are working on and scout out job applicants (or maybe find your next opportunity).

Network World on Facebook

Network World on LinkedIn

MOST-READ STORIES

1. 10 CEOs who took drastic pay cuts

2. Gartner: Top trends in IT security technology

3. Why Facebook's SDN switch won't affect Cisco's customers

4. SDN system controls hundreds of Cisco routers; saves contractor time, money

5. The 10 baddest supercomputers on Earth

6. Will perimeter firewalls give way to 'RASP'?

7. Microsoft introduces Interflow: Sharing cybersecurity threats in near real-time

8. Oracle says Oregon governor spiked Obamacare site for political reasons

9. Encrypted Web traffic can reveal highly sensitive information

10. Microsoft cuts OneDrive prices, increases capacity


Do You Tweet?
Follow everything from NetworkWorld.com on Twitter @NetworkWorld.

You are currently subscribed to networkworld_security_alert as security.world@gmail.com.

Unsubscribe from this newsletter | Manage your subscriptions | Subscribe | Privacy Policy

If you are interested in advertising in this newsletter, please contact: bglynn@cxo.com

To contact Network World, please send an e-mail to customer_service@nww.com.

Copyright (C) 2014 Network World, 492 Old Connecticut Path, Framingham MA 01701

** Please do not reply to this message. If you want to contact someone directly, send an e-mail to customer_service@nww.com. **

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)