Search This Blog

Monday, August 25, 2014

Virtual Security Remain Anathema to Many Organizations

PCI DSS 3.0 compliance deadline approaches. Will it make any difference? | Lessons learned from UPS Store breach

Network World Security

Forward this to a Friend >>>


Virtual Security Remain Anathema to Many Organizations
Next week, the IT industry will gather in San Francisco to discuss all things cloud and virtualization at VMworld.  The discussion will center on “software-defined data centers” which will quickly morph to “software-defined security” in my world (Writer’s note:  In my humble opinion, this is a meaningless marketing term and I don’t understand why an industry that should be focused on digital safety acts like its selling snake oil).  So we are likely to hear about the latest virtual security widgets, VMware NSX and OpenStack integration, virtual security orchestration, etc. This will make for fun and visionary discussions but there’s one critical problem:  While almost every enterprises has embraced server virtualization and many are playing with cloud platforms, lots of organizations continue to eschew or minimize the use of virtual security technologies – even though they’ve had years of experience with VMware, Hyper-V, KVM, Xen, etc.  According to ESG research, 25% of enterprises use virtual security technologies “extensively,” while 49% use virtual security technologies “somewhat,” and the remaining 25% endure on the sidelines (note: I am an ESG employee). To read this article in full or to leave a comment, please click here Read More


WHITE PAPER: Dropbox

The Truth About Cloud Security
"Security" is the number one issue holding business leaders back from the cloud. But does the reality match the perception? Keeping data close to home, on premises, makes business and IT leaders feel inherently more secure. But the truth is, cloud solutions can offer companies real, tangible security advantages. Learn more!

WHITE PAPER: Dell Software

Anatomy Of A CyberAttack
Do you know how to keep cyber-criminals out of your network? Cyber-criminals employ complex techniques to avoid detection as they sneak into corporate networks to steal intellectual property. Don't give the bad guys the keys to your network. Learn how to protect your organization from emerging threats in our e-book. Read Now

PCI DSS 3.0 compliance deadline approaches. Will it make any difference?
Don’t expect credit card security – or lack of it – to be magically transformed when the new year dawns on Jan. 1, 2015, the deadline for compliance with the Payment Card Industry Data Security Standard (PCI DSS) 3.0.The standard, which sets security requirements for all companies that access, store or transmit cardholder data (CHD) and personally identifiable information (PII), was published nearly a year ago, on Nov. 7, 2013, and has technically been in effect all of this year.Yet high-profile breaches of credit card data continue with alarming regularity.MORE ON NETWORK WORLD: Free security tools you should try Retailer Target suffered one of the largest breaches in history – 40 million credit card numbers and 70 million personal information records – last December, less than a month after the latest version of the standard was published.To read this article in full or to leave a comment, please click here Read More

Lessons learned from UPS Store breach
The security breach discovered at a few dozen franchises of the UPS Store, a subsidiary of United Parcel Service, provides a number of lessons for other retailers.The UPS Store reported Wednesday that malicious software was found within the in-store cash register systems of 51 franchises in 24 states, or about 1 percent of the 4,470 U.S. stores.The compromise exposed customer names, postal and email addresses and payment card information. How many people were affected was not disclosed.MORE ON NETWORK WORLD: Free security tools you should try Malware infections on so-called point-of-sale systems were also discovered in a string of breaches reported by other major retailers, including Michaels, Neiman Marcus, P.F. Chang's, Sally Beauty, Target and, more recently, the Albertsons and Supervalu supermarket chains.To read this article in full or to leave a comment, please click here Read More


WHITE PAPER: Skyhigh Networks

Cloud Adoption & Risk Report Reveals Top 20 Cloud Services
Based on anonymized data from over 10 million users across over 200 companies, the Skyhigh Cloud Adoption and Risk Report has become the de-facto data source on cloud adoption and risk View Now>>

Microsoft engineer: 'Definitely problems' with test process after crippling Windows patch
A week after Microsoft pulled a Patch Tuesday update that crippled an unknown number of Windows 7 PCs, the company has yet to provide a working fix for either the original vulnerability or the resulting problem for people affected by the broken update.Nor has Microsoft, which still retains a reputation for more transparency around security events than its rivals, including ultra-secretive Apple, issued any public statements outside the narrow confines of the MS14-045 "bulletin" that accompanied the three-patch update.MORE ON NETWORK WORLD: 7 things on Microsoft's 2014 to-do list But someone claiming to be a Microsoft employee stepped up to fill some of the information void.To read this article in full or to leave a comment, please click here Read More

Security spending gets boost from mobile, social and cloud, says Gartner
The increased adoption of mobile, social and cloud computing is driving growth in security spending among organizations that are also becoming more aware of threats on all those fronts.Worldwide spending on information security will top US$71 billion this year, an increase of 7.9 percent over 2013, with the data loss prevention segment recording the fastest growth at 18.9 percent, research firm Gartner said Friday.Research director Lawrence Pingree pointed to what he called the “democratization” of security threats, with malicious software tools that can be used to launch advanced attacks now more broadly available online via an underground economy. While this has made life even more difficult for CISOs, it has also resulted in increased awareness. Security is no longer seen as just an IT function or a cost center, he said.To read this article in full or to leave a comment, please click here Read More


: Sungard AS

SunGard AS Cloud Security Digital Spotlight
The scalability of cloud computing depends on sharing resources that were never shared before, creating a new set of risks and demanding a new set of security best practices. Read More

Ten tech products that died on arrival
Proof that no matter how much time, effort, and money you put into something, it may sink like a stone and stay at the bottom Read More

The behemoths of the World Tank Biathlon
"Image by REUTERS/Maxim ZmeyevWhen you think of a biathlon you usually envision chiseled athletes not big lumbering tanks. But at last week’s World Tank Biathlon, bigger and bulkier was better. The tank biathlon requires each steel behemoth to cover around 20 kilometers (12.4 miles) in the shortest time possible while shooting at various targets and making it through a variety of obstacles. Armenia, Kazakhstan, China, Serbia, Belarus, Kyrgyzstan, India, Mongolia and Kuwait all competed in the challenge which Russia ultimately won.To read this article in full or to leave a comment, please click here Read More

NIST taking input for mobile security guidelines
A new NIST publication aims to alert enterprises of potential security dangers within commercial apps Read More


SLIDESHOWS

Top techs the CIA thinks are hot

Through its investment firm called In-Q-Tel, the CIA funds companies, mostly start-ups, to push forward technologies deemed useful to government intelligence agencies.

JOIN THE NETWORK WORLD COMMUNITIES

As network pros you understand that the value of connections increase as the number of connections increase, the so called network effect, and no where is this more evident than in professional relationships. Join Network World's LinkedIn and Facebook communities to share ideas, post questions, see what your peers are working on and scout out job applicants (or maybe find your next opportunity).

Network World on Facebook

Network World on LinkedIn

MOST-READ STORIES of 2014

1. Does Microsoft Really Love Open Source?

2. Is Wi-Fi killing us...slowly?

3. A review of Swing Copters: Under no circumstances should you play this game

4. The Linux desktop-a-week review: Ubuntu Unity

5. The top 14 hidden features in Windows, iOS, and Android

6. Internet of Overwhelming Things

7. 2014's Hottest IT Certification

8. Why TCP/IP is on the way out

9. 11 Big Data Certifications That Will Pay Off

10. Ten tech products that died on arrival

JOIN THE IDG CONTRIBUTOR NETWORK

The IDG Contributor Network is a collection of blogs written by YOU -- leading IT practitioners -- about the technology, business opportunities and challenges you face everyday. We invite you to become a contributor or participate by joining the conversations your peers spark.

Apply now to become a member


Do You Tweet?
Follow everything from NetworkWorld.com on Twitter @NetworkWorld.

You are currently subscribed to networkworld_security_alert as security.world@gmail.com.

Unsubscribe from this newsletter | Manage your subscriptions | Subscribe | Privacy Policy

When accessing content promoted in this email, you are providing consent for your information to be shared with the sponsors of the content. Please see our Privacy Policy for more information.

If you are interested in advertising in this newsletter, please contact: bglynn@cxo.com

To contact Network World, please send an e-mail to customer_service@nww.com.

Copyright (C) 2014 Network World, 492 Old Connecticut Path, Framingham MA 01701

** Please do not reply to this message. If you want to contact someone directly, send an e-mail to customer_service@nww.com. **


No comments: