Author: admini

Michael Balboni, deputy secretary for public safety in New York state, described “a huge threat out there” against everything from banking institutions to water systems and dams.

Henry said terrorist groups aim for an online 9/11, “inflicting the same kind of damage on our country, on all our countries, on all our networks, as they did in 2001 by flying planes into buildings.”

Russian hackers allegedly mounted huge assaults on internet networks in Estonia and Georgia last year, while Palestinian sympathisers have orchestrated attacks against hundreds of Israeli websites in the last few days.

Evan Kohlmann, an investigator with Global Terror Alert, based in Washington, said websites and social networking tools already allow underground Islamist leaders and militant organisations to recruit and communicate in safety worldwide.

http://www.merit.edu/mail.archives/netsec/msg03055.html

The survey focused on determining the trends for allocating IT budgets in 2009 compared to 2008.

38% of all respondents stated that they do not expect a change in their 2009 IT budgets, while 34% indicated that they expect them to be Slightly smaller – reflecting the general declining trend in corporate budgets.

Organizations are trying to get the most out of their spending and reduce the Total Cost of Ownership (TCO) of their IT investments – efficiency being the name of the game.

While 2008 saw IT security departments facing new challenges in protecting valuable business data against an ever-increasing wave of cybercrime attacks, 2009 is adding a further economic challenge to the mix.

http://www.net-security.org/secworld.php?id=6915

Companies have to rely on staff to observe reasonable security practice, on partners not to pass on malware, and so on. Just like the financial markets, a big part of security is trust. Because complex networks and security deployments throw out Gigabytes of log data every day.

A recent IBM survey of 700 European IT managers highlighted the scale of the issue. Over 45% received more than 4,000 security events per second.

Although they’re vital, security systems such as IPS, IDS, firewalls and anti-virus also create problems by generating false positive alerts, often hiding emerging threats from the IT team. This volume of data swamps IT teams, and makes it almost impossible to prioritise potential threats. Perhaps the most critical issue is delayed action.

The biggest cause is insufficient alert context. Firewalls and intrusion systems don’t understand the business importance and vulnerabilities of all systems within the organization. For example, an attempted malware infection of a web server may be reported as a high-priority event by the firewall, even if systems have already been patched against it.

This is the ultimate aim of security management: understanding and prioritizing reported activities in context. This gives the IT team the ability to filter the noise, and focus on real threats.

A SIEM solution automates the collection, correlation and contextualization of security log data and events, which puts what’s happening on the network into perspective — removing the irrelevant noise, and enabling focus on the important events.

http://www.net-security.org/article.php?id=1195&p=1