Podcast: Why ex-employees are stealing your data Dr. Larry Ponemon talks with Tim Greene about a study that showed 59% of employees who had quit, were fired or laid off admitting to stealing company data. What's being stolen? How can companies stop this? Ponemon and Greene discuss these issues. (15:09) Techies end-run feds on DNS security The Internet engineering community is forging ahead with an alternative approach to allow DNSSEC deployment without the DNS root zone being signed. Known as a Trust Anchor... Three months, three breaches at Florida university For the second time in three months, the University of Florida in Gainesville has acknowledged a major data breach -- and a statement posted on the University's Web site indicates that there was a third, less public, breach discovered by the school during the same period. 10 Steps for Mitigating Data Risk During a Merger Merger and acquisition activity stands to increase as global markets struggle to stay afloat during the worst economic slowdown in decades. What will you do when you find out you're about to acquire or consolidate with another firm or division? Are you aware of the risks you may be inheriting? What data is going to demand the highest availability? What IT regulations will you have to address and how do you know if existing controls already address them? Starbucks sued after laptop data breach A Chicago-area Starbucks employee has brought a class-action lawsuit against the coffee retailer, claiming damages from an October 2008 data breach. Arrests soar after new wiretap law Criminal arrests made under more powerful wiretapping laws have increase by 96% following reforms that make it easier for police to intercept and access telecommunications. Another payment processor said to suffer data breach Just weeks after Heartland Payment Systems disclosed what may be one of the largest breaches of payment card data thus far, news is emerging of what could be another major breach involving a payment processing ... BigFix hits rivals with 50% price chop Tough times could be driving increased competition in enterprise software with the news that BigFix is to undercut its rivals' patch management renewal licensing by up to 50%. Fed agencies push new security audits Several federal agencies today expressed backing for the "Consensus Audit Guidelines," a set of proposed 20 cybersecurity controls, that could end up as network and application security requirements for federal agencies and their contractors. Juniper SRX 5800: Biggest firewall ever If the Guinness Book of World Records had an entry for "biggest firewall ever," Juniper's new SRX 5800 would certainly qualify. How we tested Juniper's SRX 5800 We assessed the Juniper SRX 5800 in terms of performance, features and usability. Because the product is marketed as a security appliance, our tests focused on security performance. We did not look at router metrics, such as BGP performance, although the SRX-5800 does have the full multiprotocol and multilayer JunOS 9.3 routing engine inside. Our security performance tests included separate sets of measurements using stateful TCP and stateless UDP traffic. For both sets of tests, we offered test traffic to 16 10-gigabit Ethernet interfaces. Manageability problems with Juniper's firewall Our woes with Netscreen Security Manager began when we tried to use it to manage the SRX 5800. With eight years of experience using NSM in Opus One’s labs, we were looking forward to the unification of JunOS and ScreenOS management. We started out needing to change IP addresses, a common enough task. For a ScreenOS system, this takes three clicks: two clicks to see a summary interfaces and IP addresses, and third to begin editing. Controversial data-security rules slow to take hold in state Massachusetts officials this month gave companies a second reprieve on complying with new regulations aimed at any entity that stores the personal data of state residents. They also softened a particularly contentious provision requiring businesses to ensure that third parties handling such data are in compliance with the rules. Cutting Through the Fog of Cloud Security Daniel Flax, CIO at New York-based investment banking and financial services firm Cowen and Co. , relies on cloud computing to automate his company's sales activities. While he's satisfied with cloud technology's potential to lower upfront costs, decrease downtime and support additional services, he admits that he has had to work hard to get a handle on the emerging technology's security weaknesses . "Security is one of the things we've had to come to grips with," he says. The scourge of the Internet: Malformed Messages A malformed message is a protocol message with wrong syntax and VoIP systems are not immune. Cisco Subnet blogger explains one favorite type, Protocol Fuzzing. An unhackable payment and ID managment system? Cisco Subnet blogger Jamey Heary has ventured into the land of science fiction to give you a glimpse if IT -- and its security -- in the year 2109 based on the science of today. February giveaways from Cisco Subnet and Microsoft Subnet Up for grabs: One American Express gift card worth $250 from Global Knowledge; One Microsoft training course worth $2,995 from Global Knowledge; 15 copies each of the hot book titles Voice over IP Security, and CCNA Wireless Official Exam Certification Guide and 15 copies of Exchange Server 2007 How-To: Real Solutions for Exchange Server 2007 SP1 Administrators. Get all the entry details here. |
No comments:
Post a Comment