infosec Archive
The following is possibly the most arresting opening paragraph I have yet read in a security article: ‘The wave of cyberprobes or cyberattacks against Pentagon networks and government computer systems in France, Germany, New Zealand and the United Kingdom this …
An entertaining interview with Bruce Schneier in IT Security. He sets out in typically forthright style his view on big questions such as ‘Is security a solvable problem?’ He says, “Organizations need to be liable if they expose our personal …
Two items here nicely illustrate the fact that IT leaders need to understand the business, not the other way around. Michael Farnum gives some examples that demonstrate it takes maturity on the part of infosec and IT professionals to realise …
David Lacey has a good post on his ComputerWeekly blog, questioning whether it makes sense to combine responsibility for both physical and information security. He highlights the potential benefits, but rightly points out that virtually nobody has all the skills …
Given the increasing desire of businesses to be certified to ISO27001, risk assessment has emerged as an important skill for the infosec professional. While it is well-established in other areas, risk assessment is new to many in technology and requires …
As expected, blended threats continue to grow significantly. ComputerWeekly reports that in 2006 a company called ScanSafe encountered spyware growth of over 250 percent. What is more: “Not only did we see relentless growth in spyware throughout the year, but …
I would have thought by now that infosec professionals would have been aware of the extent to which spam is part of the malware armoury – but this article identifies the need to ensure that staff are also appropriately trained …
Here’s the tip of a nasty iceberg for all those multinationals that have happily offshored various functions in recent years. You sort of expect a bank to get its security right, don’t you? Maybe not… HSBC is now in pursuit of …
As we know from the countless surveys that flood the industry, the good news is that an increasing number of companies are adopting a professional approach to information security; the bad news is that there are still many, many organisations …
IDC has done some polling amongst IT managers and established that one of their top worries remains getting staff to play ball and follow IT security policy. As I have written before, the most thoroughly conceived corporate ISMS can be …