• Cybersecurity summit pays little attention to control system's security

    Despite threats of infrastructure attacks, scant attention was paid to control systems during a global security conference; the problem is safeguarding infrastructure’s control systems against attackers is that such protection requires a different approach to securing PCs or networks; Windows-based security products will not help; says one expert: “All the devices that sense things — temperature, pressure, flow, and things like that — are not Windows, those are proprietary, real-time or embedded, and there’s no security there”

  • Infosec 2010: Prepare for the information security revolution

    New PwC report shows how information security threats will evolve until 2020; the huge increase in the amount of data available on the Web is largely the result of the number of people who have internet access. This will mean more money is transacted online, which will attract cyber criminals

  • New research offers security for virtualization, cloud computing

    Virtualization allows the pooling of the computational power and storage of multiple computers, which can then be shared by multiple users; problem is, gains in efficiency and cost-saving are offset by increased cyber vulnerability; researchers have now developed software, called HyperSafe, that leverages existing hardware features to secure hypervisors against such attacks

  • Passwords may be passé, but biometrics is not yet viable for portable devices

    Passwords may be heading toward extinction, but biometric identification is not yet a viable means of authentication for mobile devices; smart phones and other portable devices do not currently have the sophistication to be adapted easily for biometric technology, and users are likely to be reluctant to carry yet another device and its electrical charger along with their smart phone simply to login to their bank account when not at their desktop computer

  • Data protection manager for the cloud

    More and more companies begin to offer cloud security solutions; Iron Mountain offers CloudRecovery links into DPM; Seagate’s i365 business has launched the EVault for DPM 2010 backup and recovery appliance

  • Companies ignore cloud security

    New study finds that few businesses build security into cloud contracts; in fact, three-quarters of businesses surveyed said they had no procedures and policies for using cloud computing; Sixty-eight percent said end users and business managers — not the organization’s IT professionals — are made responsible for evaluating cloud computing vendors

  • Floating security tools make the cloud more secure

    Cloud computing offers efficiency and economy — but the Achilles Heel of the technology is security; where there is a security need there is a business opportunity, and some companies begin to offer cloud security tools, hoping to enjoy the benefits of first movers

  • Cybersecurity incidents in industrial control systems on the rise

    The good news is that only about 10 percent of U.S. industrial control systems are actually connected to the Internet; the bad news is that even with minimal Internet access, malware and breaches are increasingly occurring in utility, process control systems; cybersecurity incidents in petroleum and petrochemical control systems have declined significantly over the past five years — down more than 80 percent — but water and wastewater have increased 300 percent, and power/utilities by 30 percent

  • Congress to address important cybersecurity initiatives

    Congress is setting to tackle important cybersecurity-related issues — including the confirmation hearing on Army Lt. Gen. Keith Alexander to be military cyber commander, markup sessions on bills to fund cybersecurity research and development, and realign the National Institute of Standards and Technology’s (NIST) laboratories

  • First computer forensics private investigation firm opens in Nevada

    Expert Data Forensics is the first computer forensics-only PI firm in the state of Nevada; the firm says it has already helped in almost a hundred clients get the electronic evidence used to make a difference in the outcome of their cases; the data is retrieved from cell phones, PDAs, and computers

  • The 2010 Security Treasure Hunt cybersecurity competition launched in California

    California on Tuesday launched the 2010 Security Treasure Hunt; the online competition is part of a national effort to identify young men and women with the potential to become world-class cybersecurity professionals

  • To avoid cyberwar and protect infrastructure -- fight cybercrime first

    Fighting cybercrime is the first step to avoiding cyberwar, protecting infrastructure; Christopher Painter, the White House’s senior director for cybersecurity: “There are a couple of things we need to do to harden [critical infrastructure] targets” — “But the other thing you need to do is reduce the threat. And the predominant threat we face is the criminal threat — the cybercrime threat in all of its varied aspects”

  • Cybersecurity companies weather the economic downturn

    Cybersecurity companies may have suffered during the economic downturn — but they suffered less; some companies even saw an increase in revenues; “The things that we’re delivering have become more of a necessity than a nice to have,” says the president of an Iowa-based company which provides technical support and corporate security for desktop computers — and which increased its annual revenue by 41 percent in 2009

  • U.S. government encounters shortage of skilled cyber-security workers

    DHS and the FBI, among other government agencies, are now posting job openings in cybersecurity, describing the chief responsibilities of these jobs as preserving the nation’s freedoms and securing the homeland; the recruitment campaign is going slowly because the pool of truly skilled security professionals is a small one, and the government is only the latest suitor vying for their talents

  • More employers track their employees' every digital move

    More and more companies are more and more interested in what their employees are doing with their PCs, laptops, and smartphones while in the office; sophisticated tracking and monitoring solutions allow employers to monitor any information its employees post publicly on Facebook and Twitter, and read e-mails and instant messages (even those you typed but decided not to send)