January 2004 – Page 3 – CyberSecurity Institute

An IT Manager

Posted on January 21, 2004December 30, 2021 by admini

Surveys show that any large organisation lose between 3-5% of their laptops every year.

Relaying laptop theft stories in the local pub is almost as common-place as people boasting how much their houses have shot-up in price over the last two years. However, with an increasingly mobile workforce, often using privately bought mobile devices, the board and IT departments have to take greater notice of who is carrying what around with them and take a rain check of the damage that could be caused if this information was lost and broadcast to the outside world.

[i]One[/i] You must have a mobile Use policy or ensure that your corporate IT security policy has specific provision for mobile devices and you update it whenever you adopt new hardware categories such as combined PDA/phones.
[i]Two[/i] Take the responsibility of IT security away from the end-user and centrally manage and deploy it.
[i]Three[/i] Invest in a solution which is usable and flexible.
[i]Four[/i] Have a blanket approach to security by owning every mobile device that leaves your office and make access control and encryption mandatory.
[i]Five[/i] Be realistic with passwords
[i]Six[/i] Become a realist

Check Point launches dewormer for internal networks

Posted on January 20, 2004December 30, 2021 by admini

Nick Lowe, Check Point director for Northern Europe, says his firm’s approach scores over Cisco’s Network Admission Control program by avoiding the need to install client software.

InterSpect appliances are based on Check Point’s Stateful Inspection and Application Intelligence technologies and designed specifically to inspect the protocols and applications used on internal networks.

According to Check Point, InterSpect is better than products designed for perimeter security within Intranet environments because of its greater awareness of internal applications and protocols (such as database protocol SQL).

More info: [url=http://www.theregister.co.uk/content/55/35003.html]http://www.theregister.co.uk/content/55/35003.html[/url]

Outsourcers need industry savvy

Posted on January 15, 2004December 30, 2021 by admini

The outsourcing providers–which included IBM, Accenture, Electronic Data Systems and Hewlett-Packard–are all technically competent, Meta analyst Dean Davison said.

A customer choosing between them should consider factors such as industry-specific knowledge and how their corporate cultures mesh with its own, he suggested.

IBM, Electronic Data Systems, Computer Sciences, Accenture and Science Applications International Corp. all made it into Meta’s category of outsourcing “leader.”

More info: [url=http://zdnet.com.com/2100-1104_2-5141899.html]http://zdnet.com.com/2100-1104_2-5141899.html[/url]

Target-based IDS muffles the noise to take aim on the alerts that count

Posted on January 14, 2004December 30, 2021 by admini

Most commercial NIDSes depend on attack signatures to identify malicious or out-of-policy activity. Signature-based NIDS is a very CPU-intensive technology. Before comparing packets against the NIDS database of a thousand or more signatures, the sensors also have to perform a variety of compute-intensive operations such as HTTP normalization, converting URLs in HTTP data streams to a canonical format so that they can be compared against a list of known bad traffic. To keep from losing packets, NIDS signature writers generally only match against the minimum amount of data needed to validate an attack.

Some IDS vendors are working on making their signature and detection engines smarter, but others are taking a different path: target-based IDS. Take additional information about systems and change the signal-to-noise ratio to increase the signal and decrease the noise. You’d still get an alert for an attack packet, but if the attack were simply noise, the alert would be given a low priority.

Early entries in this field include Tenable Network Security’s Lightning Console, Cisco Systems’ Cisco Threat Response (CTR) and Internet Security Systems’ Fusion. These products combine traditional network scanning and vulnerability analysis with IDS alerting consoles. They all take in the raw alerts from your IDS consoles, but they “qualify” each alert based on whether your system is actually vulnerable.

The result: Far fewer alerts and analysis in minutes instead of hours.

This article takes a look at the nature of the beast these new tools are trying to tame.

More info: [url=http://searchsecurity.techtarget.com/tip/1,289483,sid14_gci944401,00.html]http://searchsecurity.techtarget.com/tip/1,289483,sid14_gci944401,00.html[/url]

VENDOR CONTRACTS GET MORE COMPLEX WITH NEW BANKING REGULATIONS

Posted on January 14, 2004December 30, 2021 by admini

The rise of technology over the last decade has exacerbated this issue as each new or updated technology solution brings with it a new set of risks. This is the nature of technology as it serves an ever-fluid existence of rapidly maturing software and hardware remedies to challenging business requirements. The speed that both new products appear and new enhancements to existing products are applied make evaluating and monitoring technology risk a daunting task.

For example, the Sarbanes-Oxley Act is only a year old yet already dozens of manufacturers have released software products to help bank management comply with it. All of these products were also developed with expediency to capitalize on the new market the act instantly created. How about security, was there time to incorporate an active security plan within the development process?

This is why technology partners need to be just that, partners.

Banks just have to remain continually mindful that the current market rewards those third parties who react the fastest, not necessarily the best. Bank managers must also remind themselves that, under current law, outsourcing to vendors does not transfer the bank’s responsibility to satisfy regulations.

As more vendors become savvy to the implications of newer regulations, we are witnessing more of them add clauses and addendum’s in the contract to either limit accountability or sidestep participation altogether.

Today, contracts with vendors must be specific about the bank’s regulatory obligations, they can no longer be left unmentioned or implied.

More info: [url=http://www.bankinfosecurity.com/?q=node/view/461]http://www.bankinfosecurity.com/?q=node/view/461[/url]

THE GRAMM-LEACH-BLILEY ACT

Posted on January 14, 2004December 30, 2021 by admini

The document serves as a guide for management and hopes to clarify some of the ambiguities bank management has to confront.

On January 17, 2001, the banking regulatory agencies adopted guidelines implementing the security and privacy requirements for Section 501b of the GLBA. The guidelines require financial institutions to establish a comprehensive and coordinated information security program, appropriate to the size of the bank and the complexity of its operations. However, many bank managers are still struggling with what exactly is expected of their financial institutions to satisfy these requirements.

This is further complicated by the fact that the examiners themselves are still learning how to address these new regulations causing inconsistencies among various regional areas and regulatory agencies. This will soon change and banks are in need of a better roadmap so as not to be caught off guard at their next examination.

GLBA mandates that banks ensure the security and confidentiality of customer records. These records have become more accessible to patrons and business partners with the advent of online banking, ATMs, and email.

Just as banks have taken numerous steps to assure physical security, they need to take steps to prevent network intruders from copying sensitive data and using or distributing it.

GLBA is the call for financial institutions to take the steps to seek out and prevent these acts.

More info: [url=http://www.bankinfosecurity.com/?q=node/view/457]http://www.bankinfosecurity.com/?q=node/view/457[/url]