December 2003 – Page 2 – CyberSecurity Institute

Interest in Online Banking Grows – Only Security could impede growth

Posted on December 22, 2003December 30, 2021 by admini

According to Jupiter Research, the number of online banking households will grow at a compound annual growth rate of 14 percent to 56 million over the next five years.

The reason for the jump is simple — more households will connect to the Internet. Once the purview of well-heeled consumers, online banking will see its strongest growth from lower and middle class households (defined in this study as those with income of $75,000 or less), which will use bank Web sites to manage credit cards and auto loans, Jupiter Research says.

Jupiter Research analysts say online banking has more to do with consumers’ choice of channel (the Internet, rather than the teller or telephone) than differences between rival banks offerings.

The report states “only possible threat” to increasing online bank usage is a security breach and concludes, “Security concerns are already a primary inhibitor of initial consumer adoption; if realized, they will be a serious drier of online attrition.”

More info: [url=http://www.internetnews.com/fina-news/article.php/3292001]http://www.internetnews.com/fina-news/article.php/3292001[/url]

US raises level of terror alert

Posted on December 21, 2003December 30, 2021 by admini

Secretary of Homeland Security Tom Ridge said the move followed a substantial increase in intelligence reports about possible threats.

Intelligence intercepts suggested that the threat now from al-Qaeda was greater than at any time since the attacks on New York and Washington, he added.

More info: [url=http://news.bbc.co.uk/1/hi/world/americas/3335595.stm]http://news.bbc.co.uk/1/hi/world/americas/3335595.stm[/url]

Editorial Comment: Is Virtual Turning in Real

Posted on December 20, 2003December 30, 2021 by admini

It has been said that games are the “bleeding edge” of computing. Could the games be changing how we value online property?

Look at iTunes and Walmart selling music throught the Internet.

As they say, I think we are starting to see the winds of change shifting again.

Cisco Warns of DoS Danger for Switch Users

Posted on December 19, 2003December 30, 2021 by admini

According to Cisco, “The Cisco FWSM may crash and reload due to a buffer overflow vulnerability while processing HTTP traffic requests for authentication using TACACS+ or RADIUS. If the user name and password are verified by the designated TACACS+ or RADIUS authentication server, the Cisco FWSM will allow further traffic between the authentication server and the connection to interact independently through the Cisco FWSM’s ‘cut-through proxy’ feature.”

The second occurs when the FWSM receives and processes an SNMPv3 message “when snmp-server host or snmp-server host poll is configured on the Cisco FWSM.”

More info: [url=http://www.eweek.com/article2/0,4149,1418087,00.asp]http://www.eweek.com/article2/0,4149,1418087,00.asp[/url]

Decru ships the first security appliance to support encryption for disk and tape

Posted on December 19, 2003December 30, 2021 by admini

Data security is a top concern for IT organisations worldwide and portable media like backup tapes pose unique security challenges. Tapes are small, easily concealed and frequently entrusted to third parties for offsite storage. When data is stored in cleartext, insiders, contractors or attackers can easily gain access to sensitive information.

Decru’s tape security appliances protect data with strong encryption, access controls and comprehensive auditing, ensuring that only authorised users can read sensitive data.

DataFort’s cryptographic host authentication prevents spoofing attacks, blocking unauthorised server access and enhancing fabric security.

More info: [url=http://www.securitypark.co.uk/article.asp?articleid=21945&CategoryID=]http://www.securitypark.co.uk/article.asp?articleid=21945&CategoryID=[/url]

Early Lessons of Identity Management Implementations

Posted on December 19, 2003December 30, 2021 by admini

Enterprises everywhere have fundamental concerns about the manner in which IT organizations can deliver an identity infrastructure that is both productive and efficient while also being secure. Compliance drivers (i.e., legal and regulatory) are also becoming increasingly important, as evidenced by recent legislation on all continents. These factors have combined to drive significant decision making among IT infrastructure planners regarding how best to manage the identity asset currently in use in the enterprise.

Lessons Learned: Planning for Identity Management

1. Managing Expectations Increases the Likelihood of Successful Implementations
2. Executive Sponsorship Is Not Optional
3. Identity Must Be Defined as a Strategic Asset and Used as the Basis for Planning
4. Identity Management Is Integration Management
5. Nothing Is As Political As identity
6. A Sound Identity Infrastructure Is a Prerequisite to Effective Identity Management Deployment
7. It