Author: admini

Outsourcers need industry savvy

Posted on by admini

The outsourcing providers–which included IBM, Accenture, Electronic Data Systems and Hewlett-Packard–are all technically competent, Meta analyst Dean Davison said.

A customer choosing between them should consider factors such as industry-specific knowledge and how their corporate cultures mesh with its own, he suggested.

IBM, Electronic Data Systems, Computer Sciences, Accenture and Science Applications International Corp. all made it into Meta’s category of outsourcing “leader.”

More info: [url=http://zdnet.com.com/2100-1104_2-5141899.html]http://zdnet.com.com/2100-1104_2-5141899.html[/url]

Read more

Target-based IDS muffles the noise to take aim on the alerts that count

Posted on by admini

Most commercial NIDSes depend on attack signatures to identify malicious or out-of-policy activity. Signature-based NIDS is a very CPU-intensive technology. Before comparing packets against the NIDS database of a thousand or more signatures, the sensors also have to perform a variety of compute-intensive operations such as HTTP normalization, converting URLs in HTTP data streams to a canonical format so that they can be compared against a list of known bad traffic. To keep from losing packets, NIDS signature writers generally only match against the minimum amount of data needed to validate an attack.

Some IDS vendors are working on making their signature and detection engines smarter, but others are taking a different path: target-based IDS. Take additional information about systems and change the signal-to-noise ratio to increase the signal and decrease the noise. You’d still get an alert for an attack packet, but if the attack were simply noise, the alert would be given a low priority.

Early entries in this field include Tenable Network Security’s Lightning Console, Cisco Systems’ Cisco Threat Response (CTR) and Internet Security Systems’ Fusion. These products combine traditional network scanning and vulnerability analysis with IDS alerting consoles. They all take in the raw alerts from your IDS consoles, but they “qualify” each alert based on whether your system is actually vulnerable.

The result: Far fewer alerts and analysis in minutes instead of hours.

This article takes a look at the nature of the beast these new tools are trying to tame.

More info: [url=http://searchsecurity.techtarget.com/tip/1,289483,sid14_gci944401,00.html]http://searchsecurity.techtarget.com/tip/1,289483,sid14_gci944401,00.html[/url]

Read more

VENDOR CONTRACTS GET MORE COMPLEX WITH NEW BANKING REGULATIONS

Posted on by admini

The rise of technology over the last decade has exacerbated this issue as each new or updated technology solution brings with it a new set of risks. This is the nature of technology as it serves an ever-fluid existence of rapidly maturing software and hardware remedies to challenging business requirements. The speed that both new products appear and new enhancements to existing products are applied make evaluating and monitoring technology risk a daunting task.

For example, the Sarbanes-Oxley Act is only a year old yet already dozens of manufacturers have released software products to help bank management comply with it. All of these products were also developed with expediency to capitalize on the new market the act instantly created. How about security, was there time to incorporate an active security plan within the development process?

This is why technology partners need to be just that, partners.

Banks just have to remain continually mindful that the current market rewards those third parties who react the fastest, not necessarily the best. Bank managers must also remind themselves that, under current law, outsourcing to vendors does not transfer the bank’s responsibility to satisfy regulations.

As more vendors become savvy to the implications of newer regulations, we are witnessing more of them add clauses and addendum’s in the contract to either limit accountability or sidestep participation altogether.

Today, contracts with vendors must be specific about the bank’s regulatory obligations, they can no longer be left unmentioned or implied.

More info: [url=http://www.bankinfosecurity.com/?q=node/view/461]http://www.bankinfosecurity.com/?q=node/view/461[/url]

Read more

THE GRAMM-LEACH-BLILEY ACT

Posted on by admini

The document serves as a guide for management and hopes to clarify some of the ambiguities bank management has to confront.

On January 17, 2001, the banking regulatory agencies adopted guidelines implementing the security and privacy requirements for Section 501b of the GLBA. The guidelines require financial institutions to establish a comprehensive and coordinated information security program, appropriate to the size of the bank and the complexity of its operations. However, many bank managers are still struggling with what exactly is expected of their financial institutions to satisfy these requirements.

This is further complicated by the fact that the examiners themselves are still learning how to address these new regulations causing inconsistencies among various regional areas and regulatory agencies. This will soon change and banks are in need of a better roadmap so as not to be caught off guard at their next examination.

GLBA mandates that banks ensure the security and confidentiality of customer records. These records have become more accessible to patrons and business partners with the advent of online banking, ATMs, and email.

Just as banks have taken numerous steps to assure physical security, they need to take steps to prevent network intruders from copying sensitive data and using or distributing it.

GLBA is the call for financial institutions to take the steps to seek out and prevent these acts.

More info: [url=http://www.bankinfosecurity.com/?q=node/view/457]http://www.bankinfosecurity.com/?q=node/view/457[/url]

Read more

Engaging in worm warfare

Posted on by admini

Organizations ranging from the U.S. Marine Corps to CSX, one of the larger transportation companies in the world, found themselves temporarily out of business. At CSX, the Nachi worm took out the sprawling railroad’s signaling systems, stranding train traffic for nearly two days.

You need to stay on your toes and keep up with new techniques for dealing with these worms as they are developed. The best worm defense means doing what you’ve always done — keep your anti-virus software up to date, and patch, patch, patch — and backing it up with cultural changes that emphasize the value of security.

Worms do their damage quickly, and they’re getting faster. Worse, there is evidence reported by Symantec’s Deep Sight (currently being tested in InfoWorld’s labs) that penetration attempts are on the increase. Hameroff notes that “the time between disclosure of a vulnerability by a vendor and the malware that exploits it is getting shorter,” which is further evidence that worm creators are getting faster and better.

The best defense is to do as you’ve always done — but with increased vigilance. And while you’re at it, check for new security tools. This patching “consumes a lot of people resources,” says Ken Tyminski, chief information security officer at Prudential Financial, who notes that the company has been “very, very aggressive with patching.”

More info: [url=http://www.infoworld.com/article/04/01/09/02FEworms_1.html]http://www.infoworld.com/article/04/01/09/02FEworms_1.html[/url]

Read more

Buffer Overflow Plugged in Sun ONE Web Server

Posted on by admini

Independent research firm Secunia has rated the security hole as “moderately critical.”

The vulnerability affects the Sun ONE/iPlanet Web Server 6.0 Service Pack 5 and earlier versions on the HP-UX platform.

Sun has issued a new service pack to fix the flaw, noting that there are no workarounds.

More info: [url=http://www.internetnews.com/dev-news/article.php/3298031]http://www.internetnews.com/dev-news/article.php/3298031[/url]

Read more