While the number of vulnerabilities found in software has essentially plateaued, the flaws are increasingly easy to exploit and, more often than not, quite severe, according to a new report.
Report: Rise in virus attacks costs firms dearly
The Computer Virus Prevalence Survey found that last year, almost a third of the hundreds of businesses polled worldwide had suffered a virus “disaster,” defined as 25 or more computers infected by a single virus in the same incident.
The report was released on Friday by the ICSA Labs subsidiary of security firm TruSecure. The survey polled 300 randomly selected companies and found that 92 had had major virus incidents in 2003, up from 80 in the year before. Almost all of the companies surveyed said that at least 90 percent of their desktops have antivirus protection, but still a third of the companies suffered virus disasters.
The servers had to be taken down for an average of 17 hours as a result, the report said.
http://zdnet.com.com/2100-1105_2-5176420.html
Symantec to launch network gatekeeper
Each product in the Gateway Security 300 Series will include six integrated security functions, along with an option for a secure wireless access point for LANs (local area networks), according to Symantec.
The devices integrate firewall, intrusion prevention, intrusion detection, antivirus policy enforcement, content-filtering and VPN capabilities.
They are designed to analyze information packets and their destinations, to block malicious packets, to monitor computers for viruses, and to automatically update Symantec antivirus software.
Each appliance also includes an automatic-dial back-up feature, designed to ensure that a company’s Internet connection isn’t lost if a main broadband connection falters.
The products will hit the market in late April, with a starting price of about $400 for the low-end models, such as the Gateway Security 320, which can accommodate roughly 50 users, according to Symantec.
http://news.com.com/2100-7347_3-5175678.html?tag=nefd_top
Microsoft Reissues Office XP Fix
As Microsoft continues to release a torrent of bulletins and fixes for Office XP and Office 2003, IT administrators and service providers that run customer networks are looking forward to Microsoft’s upgraded Software Update Services 2.0 (SUS 2.0) patch-management solution, which extends support for patches beyond Windows to Office and other applications.
http://www.techweb.com/wire/story/TWB20040310S0014
CIOs Say Security Is Top Priority
In the survey of more than 950 CIOs from organizations in North America, Latin America, Europe, Asia/Pacific, the Middle East, India, and South Africa, Gartner EXP found that the corporate heads of IT anticipate a technology spending increase of just 1.4 percent during 2004. About 40 percent believe that this increase won’t happen until the second half of the year.
“Even though the global economy is on the up-turn, CIOs still show a lot of caution,” said Marcus Blosch, a vice president and research director for Gartner EXP. “They’re being very conservative, laying down the foundations of growth, but not aggressively pushing for it.” “Call it a shifting of gears,” he added, “from a dampened mode to a growth mode.” Global IT spending won’t substantially increase, he added, until CIOs are confident that the recovery is real, and sustainable.
Among the priorities that the CIOs outlined to Gartner EXP, the top one in 2004 will be security, which held the number two spot last year.
“Anything to do with security, data security management, and data privacy and protection will get emphasized by CIOs this year,” said Blosch. With purse strings still tight, CIOs will fight to spend on BI, he said, because “they think that it will help them understand their markets and customers much better.”
And the hot-button issue of outsourcing — hot at least with voters and lawmakers in the U.S. — will only get hotter, as CIOs continue to press for lower costs, which leads them to shift services overseas. “Outsourcing is set to continue, and grow quite significantly,” Blosch concluded from the survey. “But while it’s a key initiative in many companies, business process outsourcing remains a bit of a blind spot for many CIOs.”
Rising spam levels are beginning to test the technology we had implemented. It’s out of hand, and implementing a successful solution is a top-5 IT priority for us.
http://informationweek.securitypipeline.com/news/18311537
Cisco Software Zeros In on DoS Attacks
The new additions to Cisco’s product line come less than two months after one of the company’s main competitors, Juniper Networks Inc., paid nearly $4 billion to acquire NetScreen Technologies Inc., a maker of integrated security appliances. Cisco has added a feature called the IP Source Tracker that can help administrators find the entry point through which a denial-of-service attack is coming into the network.
The VPN 3020 can support up to 750 IPSec tunnels and 200 SSL connections and goes for $9,995. Cisco officials said that the current trend in the industry of turning SSL VPNs into standalone products is not one they intend to follow.
http://www.eweek.com/article2/0,4149,1545800,00.asp?kc=EWRSS03119TX1K0000594