Reading through a Windows security log or any other log can be very difficult and time-consuming, so a lot of companies have created their own tools to analyze Windows event logs. But before you start going commercial, there is a tool that will get you going without any cost. Against all odds, it’s a tool made by Microsoft!
On October 28th President Obama signed into law the National Defense Authorization Act for Fiscal Year 2010. OK, so more people are needed. Now, let’s talk money. How much money is provided in the 2010 Defense Authorization Act for Cyber Defense? A lot.
Once a predator uses your Internet connection to go into the bowels of the web, your Internet Protocol address, which is connected to your ISP billing address, is now considered one that is owned by a criminal. If law enforcement happens to be chatting with that person, who’s using your Internet connection to trade lurid porn, then someone may eventually knock on your door at 3 AM with a battering ram. And in a freakish and relatively new twist, hackers can use a virus to crack your network and gain remote control access, and then store illicit porn on your hard drive.
The question is not lack of process but whether or not security is being used to help enforce business process in the relevant areas of product safety, customer service, employee workplace security and information protection in business-to-business relationships.
Hackers are spreading their operational bases further around the world, according to threat analysis from managed security firm, Network Box. Not only should we all be wary about what links we click on in emails, social networking sites and IM, but we should examine what data we put online.
Identity theft is preventable. As with any other crime, the risk will always be there. But there are many things people can do to minimize that risk, both online and offline. The National Foundation for Credit Counselors, which sponsors Protect Your Identity Week, has compiled a number of identity theft myths.
There are four pillars to the cyber war realm: intelligence, technology, logistics, and command. By understanding these factors, IT security practitioners can gauge the threat to their own organization from cyber war and perhaps take steps to prepare for either direct attacks or the fallout from an outbreak of cyber hostilities between nations.
A Rhode Island Hospital was fined $150,000 after a surgeon operated on the wrong finger of a patient, and now the hospital must install video cameras in all of its operating rooms. Of course video surveillance will not PREVENT such incidents from happening, but knowing such recordings are being made will likely make surgeons much more careful…
The short answer for persons leaving a company is to be very careful and to have a very clear understanding with the employer about what can and cannot be taken. The increasing involvement of government authorities in enforcing remedies involving trade secrets certainly signals a new level of risk for those who may be considering taking or copying trade secrets.
Symantec isn’t the only company to forecast improved enterprise IT spending based on quarterly results in the past few weeks; executives at EMC, IBM, and Intel all spoke positively about IT budgets rebounding in the coming months.
As we all approach the inevitable chaos of the holidays with shopping, company parties, and client gift lists - all on top of Q4 and 2009 reports and wrap-ups - please take care to protect yourself and your family from possible tragedy due to simple oversight...
During this week’s Federal Executive Forum taping, Navy CIO Robert Carey discussed his views on cloud computing. Stating that the NGEN and CANES (Navy Consolidated Afloat Networks and Enterprise Services) programs will both leverage cloud computing, he also describes a future of “grey clouds” on each ship.
With the threat of aftershocks in the US Stock market, continued bank closings and takeovers by the FDIC, serious consideration needs to be given to changing the current reporting, auditing and oversight regulations, and the public needs to pressure elected officials into action before our entire country is taken off financial life support.
In terms of speed, Retina performed much faster. In terms of scan depth, Nessus has a small advantage, since it includes a web mirroring tool that is very helpful in HTTP. In a direct comparison, Nessus wins simply because Retina manifested erroneous results on repeat scans.
Regardless of what you feel should or should not be private, we all have a right to set expectations that we trust will be met. And as technologists, we have the capability to improve the state of privacy in the face of technological advances that might otherwise undermine it. Privacy is not an Illusion, it is a challenge.
This is the first cogent look at the efficacy of waging strategic cyber war and I hope will serve to slow the rhetoric coming from the US Defense community about acquiring cyber offensive capability: “Can cyberattacks disarm cyberattackers? In a world of cheap computing, ubiquitous networking, and hackers who could be anywhere, the answer is no.”
Forget about vampires, ghouls and zombies. You were much more likely to receive a fright this year from something lurking in your e-mail. There was the usual crop of Trojan horses and phishing expeditions, and as the surprising list points out, some of the scares go all the way up to the White House and the FBI.
ISA/AIA webinar - Testing In A Real Environment Leads to Faster Cyber Security Innovation; Electronic Self-Help - White Hats, Black Markets, and Grey Laws; Software Assurance Forum; ICSJWG 2009 Fall Conference; ISA/AIA Webinar - Supply Chain Issues in Cyber Security…
I recently saw an article entitled Compliance is the New Security Standard. The basic thesis of the blog post was that since companies have to spend money on compliance, they might as well spend the money once and rename the effort “security”. This is an interesting notion – although perhaps “placebo security” might be a cheaper approach. Compliance is not equivalent to security for several fundamental reasons…
Oops, I just argued from scenario. Pundits who often extrapolate from the current state of vulnerability of systems to predictions of massive power outages, financial collapse, and loss of command and control are falling into the scenario syllogism trap. Posing scenarios to support your anti-cyber war position can be just as dangerous…