Corporate IT security

  • CybersecuritySmall, medium businesses suffer record levels of cyber attacks

    More small businesses than ever are facing the threat of losing confidential information through cyberattacks, according to research published today by the Department for Business, Innovation and Skills (BIS).

    The 2013 Information Security Breaches Survey has shown that 87 percent of small businesses across all sectors of the U.K. economy experienced a breach in the last year. This is up more than 10 percent and cost small businesses up to 6 percent of their turnover, when they could protect themselves for far less.

  • CybersecurityGovernments, businesses should be “cyber-risk intelligent”

    Cyber-threats must require governments and businesses to be “cyber-risk intelligent.” Three general flows of information determine an organizational frame for cyber-risk intelligence: one that encompasses the awareness of the IT enterprise and its apparent health; a second that brings internal business activities into view; and a third that encompasses broader geopolitical and economic forces.

  • China syndromeU.S. weighing retaliatory measures against China for hacking campaign

    As incontrovertible evidence emerged for the role of Chinese government in initiating and orchestrating the massive, sustained Chinese hacking campaign against U.S. private companies, government agencies, and critical infrastructure assets, the administration has intensified discussions of retaliatory measures the United States may take against China.

  • Safety & Security Asia (SSA) 2013SSA 2013 will attract 600 exhibitors and more than 10,000 attendees

    Safety & Security Asia (SSA) 2013 is back for its 24th biennial presentation in Singapore on 7-9 May 2013 at Marina Bay Sands, Singapore. The Safety & Security Asia series is the most established event of Southeast Asia’s security market in the last twenty-four years, making it the a valuable platform for security technology companies to showcase their products and solutions to the region’s market, especially in the cyberspace arena. SSA 2013 will attract 600 exhibitors from thirty countries and more than 10,000 attendeesfrom forty countries.

  • CybersecurityPromoting mistrust: thwarting spear phishing cyber threats

    Information security experts say that the most challenging threat facing corporate networks today is “spear phishing”; generic e-mails asking employees to open malicious attachments, provide confidential information, or follow links to infected Web sites have been around for a long time; what is new today is that the authors of these e-mails are now targeting their attacks using specific knowledge about employees and the organizations they work for; the inside knowledge used in these spear phishing attacks gains the trust of recipients

  • CybersecurityCybersecurity company using hackers own devices against them

    A California cybersecurity start-up, marketing itself as a private cyber intelligence agency, works to identify foreign attackers who are attempting to steal corporate secrets; it does so by  using the attackers’ own techniques and vulnerabilities against them; the company also collects data on hackers and tricks intruders into stealing false information

  • CybersecurityCyber criminals target small businesses

    A recent study conducted by the National Cyber Security Alliance and Symantec found that 77 percent of small business owners in the United States think their company is safe from cyber criminals; trouble is, 83 percent of them do not have a cyber security plan

  • CybersecuritySen. Rockefeller asks Fortune 500 CEOs for cybersecurity best practices

    Last month, Senator Jay Rockefeller (D-West Virginia) sent a letter to the CEOs of fortune 500 companies asking them what cybersecurity practices they have adopted, how these practices were adopted, who developed them, and when they were developed; many saw Rockefeller’s letter as an admission that the Obama administration does not have a basis for trying to impose cybersecurity practices on the private sector through the Cybersecurity Act of 2012, now stalled in Congress

  • Cloud securityMore companies adopt cloud disaster recovery solutions

    More and more companies adopt a cloud disaster recovery solution; in a recent 2012 TechTarget Cloud Pulse survey, a majority of the 926 companies that responded have said they are now using a cloud disaster recovery system or plan to in the next six months

  • PasswordsNew solution helps thwart “smash-and-grab” credential theft

    Of the data breaches investigated in 2011, servers were among the primary target assets in 64 percent of investigations and those accounted for 94 percent of compromised records; a new solution from RSA scrambles, randomizes, and splits authentication credentials across multiple servers, data centers, and the cloud

  • CybersecurityNew NIST publication provides guidance for computer security risk assessments

    The National Institute of Standards and Technology (NIST) has released a final version of its risk assessment guidelines which can provide senior leaders and executives with the information they need to understand and make decisions about their organization’s current information security risks and information technology infrastructures

  • Insider threatNew study probes insider threat in financial services sector

    New study found that those committing insider fraud are taking a “low and slow” approach, escaping detection for long periods of time and costing targeted organizations an average of $382,000 or more, depending on how long the crime goes undetected; managers and accountants cause the most damage from insider fraud and evade detection longer

  • Mobile securityMobile device necessitate “stateless” IT security architecture

    I n a new report, Forrester analysts say that to stay ahead of evolving mobile business requirements, security and risk (S&R) and infrastructure and operations (I&O) executives cannot rely on the old approach of end-to-end control over the data path, device, and applications; instead, they must embrace a “stateless” architecture in which IT decouples security controls from the devices and the infrastructure, derives trust dynamically, and avoids costly new investment of in-house applications and infrastructure

  • Malware threatsMalware intelligence system allow organizations to share threat information

    As malware threats expand into new domains and increasingly focus on industrial espionage, researchers are launching a new tool to help battle the threats: a malware intelligence system which will help corporate and government security officials share information about the attacks they are fighting

  • IT securityHow govt. can achieve IT savings, innovation

    Innovative shifts in technology can springboard government into a new era of efficiency, effectiveness, and transparency;  lawmakers urged to focus not only on technology infrastructure to achieve savings and efficiencies, but also consider how the government procures and delivers