Cyber Security Institute

Saturday, January 31, 2009

Archer Technologies Acquires Brabeion Software

Archer Technologies, a provider of enterprise governance, risk and compliance (GRC) solutions, today announced that it has reached a definitive agreement to acquire Brabeion Software Corporation, a market-proven provider of IT-GRC management software.  The acquisition solidifies Archer’s acknowledged IT-GRC industry leadership and will strengthen the company’s ability to deliver outstanding enterprise GRC solutions.  With the acquisition, Archer will leverage Brabeion’s industry-leading content library to further enhance its best-in-class Policy Management solution.


Friday, January 30, 2009

During Layoffs, Superior ID Management Is an Imperative

More than 125,000 people have lost their jobs in the last month alone, and not all will have the best of intentions toward their former employers.  Companies reducing their work forces must lock down user accounts, and solution providers can assist with identity management solutions.  Under pressure from sagging earnings, the premium coffeehouse earlier this week announced that it would close 300 stores and lay off more than 7,000 workers.  Microsoft, Boeing, AstraZeneca, Sprint and Home Depot are among the household-name companies to slash thousands of jobs this week alone.  Regardless of industry or size, all companies reducing their work forces share something in common—-all of their employees have some level of access to networks or applications.


Thursday, January 29, 2009

McAfee highlights perils of offshoring sensitive data

Global companies may have lost over $1tn (£696bn) worth of intellectual property last year owing to data theft, according to new research from McAfee presented today at the World Economic Forum in Davos.  Respondents to the study indicated that they lost a combined $4.6bn (£3.2bn) worth of intellectual property last year, and spent around $600m (£418m) repairing damage from data breaches.


Tuesday, January 20, 2009

Data breach study ties fraud losses to Hannaford, TJX breaches

A recent data breach study commissioned by the state of Maine sheds light on the losses banks experienced as a result of the data breaches at TJX and Hannaford Brother’s supermarkets.  The state’s banks said they incurred $2.1 million in expenses related to data breaches since January 1, 2007.  The Hannaford breach had the largest impact, affecting 71 financial institutions and incurring $1.6 million in expenses according to the Maine Data Breach Study.  Adam Shostack, blogger and author of The New School of Information Security, said the expenses turn out to be about $450 for each breached account, which is inline with the estimated figures on for sales of pilfered account data on the black market.


Friday, January 16, 2009

New Report Predicts Increased Security Spend

Hot on the heels of Forrester Research’s recent prediction that enterprise businesses will increase security spending from 11.7 percent to 12.6 percent of their overall IT budgets during 2009, gateway filtering specialists Finjan have published results of a survey that highlights even more optimistic growth estimates.  Hot on the heels of Forrester Research’s recent prediction that enterprise businesses will increase security spending from 11.7 percent to 12.6 percent of their overall IT budgets during 2009, gateway filtering specialists Finjan have published results of a survey that highlights even more optimistic growth estimates.


Wednesday, January 14, 2009

Encryption told to stop ignoring encryption

Brocade is warning companies to reassess their security priorities for data centres and stop ignoring encryption, after a survey found that half of respondents had experienced security breaches during 2008.  The Brocade commissioned survey of 4,500 senior European IT decision-makers in the UK, France and Germany was carried out during late 2008, across a number of verticals (public sector, health, finance, retail, manufacturing/logistics, telco, media etc).  Four out of five agreed that data security is one of the biggest challenges facing their organisation, after 50 percent of respondents admitted experiencing data loss/theft in 2008.  Last week, a report from the Identity Theft Resource Center (ITRC) also said that there had been a sharp rise in the number of reported data breaches in 2008.


Gartner EXP Worldwide Survey of More Than 1,500 CIOs Shows IT Spending to Be Flat in 2009

As enterprises face a challenging economic environment, IT spending budgets will be essentially flat with a planned increase of 0.16 percent in 2009, according to results from the 2009 CIO survey by Gartner Executive Programs (EXP).  The worldwide survey of 1,527 CIOs was conducted by Gartner EXP from September 15 to December 15 2008 and represents CIO budget plans reported at that time.  Flat IT budgets were found across enterprises in North America and Europe, with slight increases in Latin America and a slight decrease in Asia/Pacific.


Symantec virtualization tech turns 1 PC into 3

Symantec is turning to virtualization and cloud computing to protect Web surfers and let them access Web-based applications from one site.  The company demonstrated the technologies, along with another one designed to block malware from getting into corporate networks, to reporters and briefed them on its research and development strategy at an event it dubbed “Innovation Showcase” on Wednesday.  Virtualization technology that essentially creates different machines on the same computer offers a good platform for securing PCs by providing different protected environments, said Joe Pasqua, vice president of research at Symantec Research Labs.  Taking advantage of this trend, the company has developed Virtualization-based endpoint security, VIBES, technology that works with machines already running virtualization hardware and software to isolate three different areas on a computer for doing activities that require different levels of security.


Tuesday, January 13, 2009

Identity and access management 2009: Staff cuts, insider threats

What challenges will 2009 bring for identity and access management professionals?


Monday, January 12, 2009

Cyber attacks ranked 3rd danger behind nuclear war

Cyber attacks pose the greatest threat to the United States after nuclear war and weapons of mass destruction - and they are increasingly hard to prevent, FBI experts say.  “Other than a nuclear device or some other type of destructive weapon, the threat to our infrastructure, the threat to our intelligence, the threat to our computer network is the most critical threat we face,” he added.  US experts warn of “cybergeddon”, in which an advanced economy - where almost everything of importance is linked to or controlled by computers - falls prey to hackers, with catastrophic results.


IT security spending will increase to match cybercrime threat in 2009

In light of the economic downturn and rising cybercrime attacks as indicated in Finjan’s Web Security Trends Report Q4 2008, Finjan conducted an online survey among 200 IT and security professionals.


Friday, January 09, 2009

SIEM: the Answer to Awkward Security Questions

What’s the one security question that you don’t want to be asked about your company?  The author believe it’s the same question that Her Majesty the Queen raised when she visited the London School of Economics in November 2008.  Describing the global credit crunch as “awful”, she asked an LSE professor: “Why did nobody notice what was happening?”  This exchange neatly sums up a key IT security problem.


Thursday, January 08, 2009

Verizon’s enhanced service, which begins this month, is offered at no additional cost to Verizon customers now using its risk-correlation managed security services. Verizon’s managed security services include one-time fees that start at US$1,000, plus recurring fees that start at $1,200 per month, based on number of monitored devices.


Monday, January 05, 2009

Cyber Security Reaches “Tipping Point” in 2008; Attacks on Critical Infrastructure Systems and Cyber

The year 2008 was a time security threats and malicious activity reached a tipping point, and 2009 stands to be the year critical infrastructure systems become prime targets for cyber criminals and the global financial crisis will be exploited for a variety of malicious activities, according to a new report released today from VeriSign (NASDAQ: VRSN) iDefense Security Intelligence Services.