Category: News

The most recent movement comes from BT Group, global provider of communications solutions and managed services, which announced that it acquired Counterpane Internet Security, a provider of managed network security services.

In late September 2006, SecureWorks and LURHQ merged under the SecureWorks name.

In late August, IBM announced that it had reached a deal to acquire Internet Security Systems (ISS) for $1.3 billion in cash.

If Perimeter wants to be acquired, its own recent acquisitions make it ripe for that possibility. SurfControl announced two new managed security services offerings for Web and email protection. The merger and acquisition trends fit with industry analyst projections for increasing interest in the overall managed services sector.

http://www.windowsitpro.com/WindowsSecurity/Article/ArticleID/94176/WindowsSecurity_94176.html

Blum will talk about this and other security trends in his “Security Landscape: Market in Flux” session on Monday at the Computer Security Institute’s 33rd Annual Conference and Expo in Orlando, Fla.

This integration is also expected to simplify security oversight, with fewer tools and easier management of all that data they generate. “If you had one vendor provide everything for you, then it wouldn’t [be able to easily] keep up with change and new attacks,” he says. “And if you have too many different vendors’ products, you can’t keep up with the burden of integrating” it all and you’re probably not getting the best bang for your buck because you’ll also have to invest in integrating the tools.

The key is not getting trapped on a treadmill of having to buy a new security tool every time a new attack vector is discovered, or a new compliance requirement comes along, he says.

Meanwhile, there’s still no easy way to manage — nor sift through the false alarms — the data security tools generate. Today’s network operations centers don’t typically encompass all of an organization’s security management, “Most of us don’t have security in the NOC. You see security teams playing more strategic roles than operations, such as compliance, high-level risk management, etc. And they need to be able to exert control through distributed points as well… You can’t do it all from one NOC.”

http://www.darkreading.com/document.asp?doc_id=109786&WT.svl=news1_3

Windows Vista is due out to consumers at the end of January 2007, and incorporates several security technologies including PatchGuard, which prevents third parties from modifying the core system software.

“With antitrust concerns temporarily satisfied, Microsoft may feel less pressure to make kernel modifications quickly,” MacDonald wrote.

A number of security companies have taken Microsoft to task for its PatchGuard protections, because it limits their ability to offer enhanced security for 64-bit computer systems, which are being quickly adopted by consumers and corporations.

http://www.securityfocus.com/brief/335

“Your problem is no longer how do I avoid being attacked, but how do I find where I’ve been compromised.”

Last year, computer emergency response groups in the U.K., Canada and Australia warned of such attacks. While the United States Computer Emergency Readiness Team (US-CERT) did not issue a warning, security firms confirmed at the time that U.S government agencies and companies had already been targeted by such malicious software.

A major problem for large companies, government agencies and other potential targets is that antivirus software is not good at stopping low-volume attacks aimed at single companies. Traditional antivirus programs detect widespread attacks based on matching to a known pattern and do not fare well against low-volume Trojans. “There is no value whatsoever in having signature-based antivirus when facing a targeted attack,” said Joshua Corman, host protection architect for Internet Security Systems (ISS).

Military agencies, human rights organizations and pharmaceutical companies are some of the types of groups that are being targeted by specifically aimed attacks.
timate programs as potential threats.

http://www.securityfocus.com/news/11418

Businesses need to look at integrated security solutions under a single console which deliver protection against a full range of threats while at the same time being cost effective and easy to manage,” said McAfee’s European director of system security Aminah Gianfrancesco.

One of the main difficulties for businesses with multiple software solutions from a variety of vendors is keeping the whole security shebang up-to-date, and this means managing the deployment of patches.

Italian businesses are the biggest patchers with 67 per cent admitting to deploying patches at least once a day, closely followed by German businesses. Regardless of multiple IT security systems, only 23 per cent of respondents said they are completely satisfied with the level of security across their systems and network.

http://www.theregister.co.uk/2006/10/02/eu_biz_security_confusion/

Security firms such as McAfee and Symantec believe Microsoft’s actions around security for Vista amounts to a similar anti-competitive stance.

Last month the European Union competition commissioner, Neelie Kroes, accused Microsoft of orchestrating a “co-ordinated campaign” to discredit her. It added: “If Microsoft wants to make Vista more secure, it should provide equal access to the platform that its own developers have to ensure that security vendors can continue to innovate on the platform, and to ensure that consumers and manufacturers can continue to choose the best security solutions for the platform.”

http://news.bbc.co.uk/1/hi/technology/5399534.stm