admini – Page 284 – CyberSecurity Institute

Checklist brings clarity to Web Application Firewalls

Posted on July 19, 2005December 30, 2021 by admini

NetContinuum has created the checklist in order to help IT managers focus and prioritize the needs of IT management by identifying 27 distinct operations, covering both traffic delivery and security inspection including enforcement operations that are potentially applied to every transaction hitting a website.

“The Secure Application Delivery Checklist offers guidance to help them understand all the steps in the HTTP transaction lifecycle required to fully secure and manage application traffic and determine the product that best fits their needs,” Mr. Abrams added.

http://www.ebcvg.com/articles.php?id=808

Calculate Security and Compliance Cost, Benefits

Posted on July 19, 2005December 30, 2021 by admini

As they review their process, further refinements with more specific company data will enable a clear view of the costs to the IT organization.

As they create IT security compliance strategies and identify their potential impact to productivity and tangible costs, new data can be used to provide a calculation of the financial benefits of implementing security that closely reflects actual financial impact.

This enables organizations to create “what if” scenarios and to validate potential compliance strategies by creating a snapshot of the potential benefits associated with each one.

The Compliance IT Security Cost/Benefit Calculator shows the cost savings associated with productivity gains in security management, compliance management, and mitigating security risks with a long term view. “This Compliance IT Security Cost/Benefit Calculator contains tangible and intangible benefits to provide an assessment of the potential return on IT security compliance spending. The results are completely private and organizations can come back to the calculator as often as needed to update and fine-tune their requirements and planning.”

http://www.apani.com/calculator
http://www.ebcvg.com/articles.php?id=809

Cost of US cyber attacks plummets

Posted on July 18, 2005December 30, 2021 by admini

Virus attacks continue as the source of the greatest financial pain, making up 32 per cent of the overall losses reported.

But unauthorized access showed a dramatic increase and replaced denial of service as the second most significant contributor to cybercrime losses. Unauthorised access was fingered for a quarter (24 per cent) of losses reported in the CSI/FBI Computer Crime and Security Survey 2005.

Meanwhile losses from theft of proprietary information doubled last year, based on the survey of 700 computer security practitioners in various US corporations, universities and government agencies.

The study found fears about negative publicity are preventing organisation from reporting cybercrime incidents to the police, a perennial problem the CSI/FBI study reckons is only getting worse.

Assuming that this isn’t true of what respondents also told CSI’s researchers (academics from the University of Maryland), the study presents a picture of reducing cyber crime losses that contrasts sharply with vendor-sponsored studies.

Chris Keating, CSI Director, said its study suggests that organizations that raise their level of security awareness but warns against complacency in the face of a changing cybercrime threat. “Individual users are more exposed to computer crime than ever, due to the growth in identity theft schemes. We can’t help but note the shift in the survey results toward more financial damage due to theft of sensitive company data. This is an ominous, though not unexpected, development and underscores the need to insist that enterprise networks be properly safeguarded,” he said.

The CSI/FBI Computer Crime and Security Survey aims to help determine the scope of computer crime along with promoting security awareness.

http://www.theregister.co.uk/2005/07/18/csi_fbi_security_survey/

Computer virus infections on the rise globally

Posted on July 17, 2005December 30, 2021 by admini

The trend in the last four years saw the number of infections increase slightly after the first quarter, then decrease to lower levels in the last quarter.

But this quarter’s 10,248,989 infections is a big leap from the last quarter and this number is expected to increase in the next two quarters.

North America, which is the home to many large and prominent industries, remains as the favourite target of Malware authors in the past quarters. This may be due to the new trend of Malware slanting on profit more than destructiveness, it said.

http://www.zeenews.com/znnew/articles.asp?aid=229353&ssid=29&sid=env

Microsoft Plans Security Alliance

Posted on July 17, 2005December 30, 2021 by admini

Microsoft is keeping details under wraps until the program is finalized, yet executives say it is planning to require partners to gain industry-standard certifications such as one from the International Information Systems Security Certification Consortium.

“Becoming a Gold partner and qualifying for the security competency have done a lot, but Microsoft certifications are not enough and we will be adding industry-respected certification,” said Mike Nash, corporate vice president of the Security Business and Technology Unit at Microsoft, Redmond, Wash.

http://www.crn.com/showArticle.jhtml;jsessionid=Q20WOK44VGIHOQSNDBNSKH0CJUMEKJVN?articleID=165702774

Wi-Fi Watchdog 5.0 Tracks Wi-Fi Users By Location

Posted on July 16, 2005December 30, 2021 by admini

Newbury said it believes it is the first company to use “precise location technology to deliver intrusion prevention, rogue containment, client protection and intrusion detection with a full set of location-specific security alerts, security-related compliance reports and enhanced graphical views for IT/Security personnel to identify and pinpoint security threats.”In an interview, Newbury Networks’ director of product management Brian Wangerien said Wi-Fi wireless networks are growing so rapidly that many organizations institute a “no Wi-Fi policy,” because they can’t control security on wireless networks.

“Many companies aren’t ready to deploy Wi-Fi,” he said. “Access points can be all over the place. So some start with ‘no Wi-Fi’ but then they gradually build out.” He added that Wi-Fi Watchdog 5.0 enables IT managers to gradually build out their wireless networks.

A network of sensors constantly monitors all access points on networks, establishing RF fingerprinting or RF pattern matching solutions. “Each physical location has a different pattern and (network operators) are able to track them very accurately,”When an unauthorized person attempts to enter the network he or she is blocked and users who wander off from the network are likewise “sniped” from the network.Wangerien said the Watchdog product has been successfully used by early adopters including the U.S. Air Force and Boston-based MFS, an investment banking firm.

In the Air Force application network operators have tight security over wireless access points ranging from commanders’ offices to fighter planes.

In the MFS application, control easily moves from different floors, even when non-MFS floors interspersed between MFS offices different floors.The server-based software Wi-Fi Watchdog 5.0 can stop threats that aren’t addressed by authentication and encryption technologies.

Wi-Fi Watchdog has long been able to classify the nature of attacks, but by identifying the physical location of attacks, the measure can eliminate false positives in most attacks, the firm noted.”IT and security personnel can visualize where the threats and attacks are originating in an easy-to-use graphical viewer,” Newbury stated.

http://informationweek.com/story/showArticle.jhtml?articleID=164903156