IT risk management
Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.
-
News
20 Dec 2024
Top 10 data and ethics stories of 2024
Here are Computer Weekly’s top 10 data and ethics stories of 2024 Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
News
19 Dec 2024
Latest attempt to override UK’s outdated hacking law stalls
Amendments to the Data Bill that would have given the UK cyber industry a boost by updating restrictive elements of the Computer Misuse Act have failed to progress beyond a Lords committee Continue Reading
By- Alex Scroxton, Security Editor
-
News
08 Feb 2007
New storage IPOs report losses
Of the 2006 "graduating class" of storage IPOs, two reported losses this week in their first quarter as public companies. Continue Reading
By- SearchStorage.com Staff
-
News
08 Feb 2007
Roundup: Vista security, breakability touted at RSA Conference
At RSA Conference 2007, Microsoft extolled the security virtues of its new operating system, but others weren't afraid to demonstrate how Vista security is lacking. Continue Reading
By- SearchSecurity.com Staff
-
News
07 Feb 2007
Briefs: Vulnerabilities found in Trend Micro, Firefox browser
This week, Trend Micro released a fix for a flaw in its antivirus engine, while no fixes are available for two newly discovered Mozilla Firefox browser flaws. Continue Reading
By- Edmund X. DeJesus, Contributor
-
News
07 Feb 2007
EMC plans array-based encryption via PowerPath
EMC's next security move will be array-based encryption through PowerPath by 2008, according to internal documents obtained by SearchStorage. Continue Reading
By- Beth Pariseau, Senior News Writer
-
News
05 Feb 2007
VoIP security, unified communications need questioned
VoIP security issues and questions about the business need for unified communications have stalled adoption of both technologies, according to CompTIA's recent survey. Continue Reading
By- Kate Dostart, Associate Editor
-
News
05 Feb 2007
Rootkit dangers at an 'all-time high'
Industry experts at RSA Conference 2007 say not only have rootkits become the weapon of choice for malicious hackers, but they've also emerged as useful tools for legitimate businesses trying to exert control over users. Continue Reading
-
News
05 Feb 2007
Symantec chief: Consumer confidence in data protection is key to online growth
In his keynote at RSA Conference 2007, Symantec CEO John W. Thompson said Big Yellow is ready for the shifting dynamics in the information security market, and implied that Microsoft's growing presence in security is a conflict of interest for its customers. Continue Reading
By- Rob Westervelt, News Editor
-
News
05 Feb 2007
Acopia hypes heterogeneous snapshot
The file virtualisation startup is blustering about a demonstration of heterogeneous snapshot technology, but is being coy about releasing a product. Continue Reading
By- SearchStorage.com Staff
-
News
05 Feb 2007
Coviello: In 3 years, no more stand-alone security
RSA President Art Coviello says today's patchwork of monolithic security devices will disappear in the next three years as security is integrated into the larger IT infrastructure. Continue Reading
By -
News
05 Feb 2007
CA backup bug exploitable on Vista
In what appears to be the first exploit for a third-party app running on Vista, a previously patched buffer overflow vulnerability in CA BrightStor ARCserve Backup has been exploited. One security firm says ISVs aren't taking advantage of Vista's new security features. Continue Reading
By- Michael Mimoso, TechTarget
-
News
05 Feb 2007
Gates touts secure access anywhere
Microsoft's chairman tells RSA Conference 2007 attendees that a combination of authentication and access management strategies is what it takes to protect corporate data, but information security pros are willing to wait for the proof. Continue Reading
By- Michael Mimoso, TechTarget
-
News
05 Feb 2007
RSA Conference 2007: Product announcements
RSA Conference 2007: Product announcements Continue Reading
-
News
04 Feb 2007
Vista exploitable, researcher says
Marc Maiffret, CTO and chief hacking officer of eEye Digital Security, said he has found a way to elevate system privileges by exploiting a flaw in Windows Vista. Continue Reading
By -
News
04 Feb 2007
CISOs mastering 'softer' skills
Why CISOs can no longer rely on technology skills alone and what businesses are looking for when recruiting their next information security leader. Continue Reading
By- Amber Plante, Assistant Managing Editor, Information Security magazine
-
News
04 Feb 2007
Email security buying decisions
Email security can be a daunting task for SMBs -- how do you go about finding the right product? This tip delves into three approaches to email security and the products available. Continue Reading
By- Joel Dubin, CISSP, Contributor
-
News
04 Feb 2007
Dozens of Web sites spread malicious Trojan
Update: The same malicious JavaScript keylogger that compromised the Dolphin Stadium Web site last week was found over the weekend on dozens of other high-profile Web sites. Continue Reading
By- Eric Parizo, Senior Analyst
-
News
04 Feb 2007
RSA Conference 2007: Special news coverage
Check out news, interviews, product announcements, podcasts and more live from the RSA Conference 2007 in San Francisco. Continue Reading
-
News
04 Feb 2007
HP fills in gaps with product updates
HP announced updates to several of its products, but analysts are wondering what its ultimate strategy will be for storage virtualisation. Continue Reading
By- Beth Pariseau, Senior News Writer
-
News
04 Feb 2007
Intrusion detection systems are alive and kicking
IPS hasn't overtaken intrusion detection systems just yet. Senior News Writer Bill Brenner reveals what customers want when they're shopping for IDS products. Continue Reading
By -
News
04 Feb 2007
HDS to acquire Archivas for up to $120M
HDS will acquire archiving software partner, Archivas for close to $120 million stepping up its effort to compete with EMC in this market. Continue Reading
By- Jo Maitland, TechTarget
-
News
04 Feb 2007
New zero-day attack targets Microsoft Excel
Microsoft says maliciously crafted Excel files may permit the execution of arbitrary code. Other Microsoft Office applications may be at risk. Continue Reading
By- Edmond X. DeJesus, Contributor
-
Feature
31 Jan 2007
New security vendors take on sophisticated attackers
IT Security vendors are developing technologies that show promise in preventing unknown attacks and protecting machines with zero-day vulnerabilities. Continue Reading
-
News
30 Jan 2007
Microsoft disputes Word zero-day report
Symantec is warning of a new zero-day vulnerability in Microsoft Word. But Microsoft doesn't believe the flaw is new. Continue Reading
By -
News
30 Jan 2007
Lawyers discuss e-discovery gotchas
During panel sessions at Legal Tech, lawyers provided their insights into the e-discovery process, retention policies and helping judges get up to speed. Continue Reading
By- Jo Maitland, TechTarget
-
News
30 Jan 2007
Symantec unveils 'universal ID system'
Symantec said the goal is to create a universally accepted identity system across all Web sites -- from online financial institutions to retailers -- for millions of consumers. Continue Reading
By- SearchSecurity.com Staff
-
News
30 Jan 2007
Using IAM tools to improve compliance
Provisioning and password management tools can ease complexity, reduce help desk calls and save money. But they also have an added benefit: they can help with your compliance woes. Continue Reading
-
News
29 Jan 2007
TJX faces lawsuit over data breach
A class action lawsuit against TJX accuses the retailer of negligence for not doing enough to secure customer data and for keeping quiet about the breach for a month. Continue Reading
By -
News
28 Jan 2007
IBM improves data recovery process for TSM users
Tivoli Storage Manager 5.4, released this week, establishes a disk cache for most recently backed-up files, improving the slow restore times associated with the product. Continue Reading
By- Jo Maitland, TechTarget
-
News
28 Jan 2007
IBM to acquire Softek, looks to pump up services biz
IBM says it intends to use Softek's Transparent Data Migration Facility within its Global Services business. Continue Reading
By- Beth Pariseau, Senior News Writer
-
News
25 Jan 2007
IBM tool makes online purchases anonymous
A new tool makes online purchases anonymous by using artificial identity information. Experts say enterprises need to adopt the technology before it can become a viable option. Continue Reading
By- Robert Westervelt, TechTarget
-
News
25 Jan 2007
Apple fixes Mac Wi-Fi flaw
The Mac OS X Wi-Fi flaw Apple fixed on 24 Jan was first disclosed as part of the Month of Kernel Bugs in November. Attackers could exploit it to crash the targeted system. Continue Reading
By -
News
25 Jan 2007
Symantec makes major update to Enterprise Vault
Symantec adds automated data classification and integration with security products in Version 7.0 of its Enterprise Vault archiving tool; EMC reports record earnings for the fourth quarter. Continue Reading
By- SearchStorage.com Staff
-
News
25 Jan 2007
Network-based attacks
The second tip in our series, "How to assess and mitigate information security threats." Continue Reading
-
News
25 Jan 2007
Balancing the cost and benefits of countermeasures
The final tip in our series, "How to assess and mitigate information security threats." Continue Reading
-
News
25 Jan 2007
How to assess and mitigate information security threats
Learn how to assess and mitigate information security threats, like rootkits, worms and Trojans in the tip series created in collaboration with Realtimepublishers and Dan Sullivan, author of The Shortcut Guide to Protecting Business Internet Usage. Continue Reading
-
News
25 Jan 2007
Information theft and cryptographic attacks
The third tip in our series, "How to assess and mitigate information security threats." Continue Reading
-
News
25 Jan 2007
Malware: The ever-evolving threat
The first tip in our series, "How to assess and mitigate information security threats" Continue Reading
-
News
24 Jan 2007
TJX data breach info used to make fraudulent purchases
Fraudulent purchases have been reported globally, according to a trade association that represents more than 200 banks in Massachusetts. Continue Reading
By- Robert Westervelt, TechTarget
-
News
24 Jan 2007
Microsoft investigates new Word zero-day
An unpatched memory-corruption flaw in Microsoft Word is the target of "limited" attacks in the wild, Microsoft confirmed Thursday. Continue Reading
By -
News
23 Jan 2007
Cisco fixes IOS flaws
Attackers could exploit three Cisco IOS flaws to cause a denial of service or launch malicious code. The networking giant has released fixes. Continue Reading
By -
News
23 Jan 2007
McAfee: Malware all about ID theft
The use of keylogger technology is surging and there's been a 100-fold rise in phishing attacks, according to a new report from McAfee. Continue Reading
By- Bill Brenner, Senior News Writer
-
News
18 Jan 2007
ID theft victim to TJX customers: Mind your data
Customers should guard their own data, says one ID theft victim. Meanwhile, some in the banking industry say TJX may have stored more data than necessary. Continue Reading
By -
Feature
18 Jan 2007
Vendors: Cut the hype, truth is what sells
Storage virtualisation technologies have been purchased and implemented successfully for years. The rest of the IT infrastructure must try to catch up and, ultimately, the only thing not virtualised within the datacentre will be the last guy standing. Continue Reading
By- Steve Duplessie, founder and senior analyst for the Enterprise Strategy Group
-
News
17 Jan 2007
Companies take IM threats seriously
Wesabe is a brand new money management community. It takes threats to IM as seriously as those targeting email and web applications Continue Reading
By -
News
17 Jan 2007
Data breach at TJX could affect millions
Retailer TJX Companies said a hacker gained access to its systems exposing the credit card data of millions of customers. Continue Reading
By- Robert Westervelt, TechTarget
-
Feature
17 Jan 2007
TJX breach: There's no excuse to skip data encryption
Companies complain that database encryption products are too expensive and difficult to manage, but customer loss and breach notification costs outweigh encryption expenses. Continue Reading
-
News
16 Jan 2007
Fortify Software to acquire Secure Software
The acquisition of Secure Software will allow Fortify to expand into the requirements and design phases of the software development lifecycle, the company said. Continue Reading
By -
Feature
15 Jan 2007
PatchLink offers solid flaw management
PatchLink Update 6.3 is a solid solution to the enterprise patch management problem and demonstrates its true power in a Windows environment. Continue Reading
By -
News
15 Jan 2007
Core Security offers powerful testing tool
We highly recommend Core Impact 6.0 to security engineers to verify the vulnerability of their networks. Continue Reading
By- Mike Poor, Contributing Writer
-
News
15 Jan 2007
Apere's IMAG 500 a tough sell
Product review: Apere says many of the issues we encountered are addressed in its next release, but mid-enterprise businesses may not have the tolerance for this product. Continue Reading
By -
News
14 Jan 2007
Storage management software finalists
Find out who was selected as finalists in the storage management software category for our storage products of the year Continue Reading
-
News
11 Jan 2007
Oracle emulates Microsoft with advance patch notice
Oracle will patch 52 security flaws across its product line Tuesday, according to its inaugural CPU advance notification bulletin. Continue Reading
By -
News
10 Jan 2007
Sophos acquires Endforce to add NAC
Antivirus vendor Sophos is rounding out its email Web and desktop security software with Endforce's network access control (NAC) software. Continue Reading
By- Robert Westervelt, TechTarget
-
News
09 Jan 2007
More users increase risk for Volkswagen AG
With 1.5 million users on the network, Volkswagen AG depends more than ever on strong ID and access management to safeguard intellectual property, according to its CISO. Continue Reading
By -
News
09 Jan 2007
Remote flaw in Vista could earn finder $8,000
VeriSign Inc.'s iDefense Labs is offering an $8,000 bounty to any researcher who finds a remotely exploitable flaw in Windows Vista. Continue Reading
-
News
09 Jan 2007
Network configuration management key to VoIP success
While companies spend millions on upgrading infrastructure for VoIP, little attention is given to solving the largest source of downtime – configuration-related outages due to human error. Continue Reading
By- Zeus Kerravala, senior vice president, Yankee Group
-
Feature
08 Jan 2007
Inside MSRC: Microsoft updates WSUSSCAN issue
Christopher Budd of the Microsoft Security Response Center is urging customers to deploy the latest versions of the Systems Management Server Inventory Tool for Microsoft Updates or Microsoft Baseline Security Analyzer to receive all the current software updates. Continue Reading
-
News
08 Jan 2007
Critical fixes for Excel, Outlook and Windows
Microsoft starts the year with security updates for Excel, Outlook and Windows. Three of the fixes are rated critical. Continue Reading
By -
News
08 Jan 2007
Attackers hide malicious code using new method
Attackers have designed a new way to thwart virus signatures from antivirus vendors, says a new report. Continue Reading
By- Robert Westervelt, TechTarget
-
News
08 Jan 2007
How far apart can SAN locations be?
Storage locations can potentially be very far apart, separated by thousands of miles, even around the globe. The real consideration in selecting distance is that of latency... Continue Reading
-
News
07 Jan 2007
Bug Briefs: OpenOffice vulnerable to attack
Other flaws were reported in Apple QuickTime, Mac OS X, Adobe Flash Player, VideoLAN VLC, the Opera Web browser, and Cisco Access Control Server. Continue Reading
By- SearchSecurity.com Staff
-
News
07 Jan 2007
Microsoft nixes four patch bulletins
Eight security updates were originally scheduled for Patch Tuesday , but Microsoft has decided to hold back on half of them. Continue Reading
By -
Feature
04 Jan 2007
Why don't we have clustered FC block storage?
Is it odd that the industry has made such serious strides toward incorporating clustering concepts in both file-based storage and IP -based storage, but not Fibre Channel storage? Continue Reading
-
Feature
03 Jan 2007
Adobe Reader flaws spook security experts
Security experts sound the alarm over Adobe Reader flaws that could be exploited for cross-site scripting attacks and other mayhem. Continue Reading
-
News
03 Jan 2007
Cisco bolsters security with IronPort buy
Cisco Systems agreed Thursday to buy Internet gateway security vendor IronPort Systems Inc. for $830 million. Continue Reading
By- Robert Westervelt, TechTarget
-
News
03 Jan 2007
Cisco software vulnerable to attack
Cisco's Clean Access software and Clean Access Manager are at risk to attack. A malicious user can access a database snapshot and download it without authentication. Continue Reading
By- Robert Westervelt, TechTarget
-
News
03 Jan 2007
Information security market 2006 year in review
In part two of our two-part special edition of Security Wire Weekly, site editor Eric Parizo reveals his picks for top information security interviews of 2006. Audio clips in this program include Andrew Braunberg of Current Analysis; Johannes Ullrich of the SANS Internet Storm Center; Mike Rothman of Security Incite and Brian Chess of Fortify Software. Continue Reading
By- SearchSecurity.com Staff
-
News
02 Jan 2007
Security pros grumble over spam increase
Spim and spam from unexpected sources is challenging enterprises in 2007. Some enterprises are taking action. Continue Reading
By- Edmund X. DeJesus, Contributor
-
Feature
01 Jan 2007
Security pros glean insight from '06
Corporate acquisitions, an abundance of spam, and the White House's take on cybersecurity mark 2006. Continue Reading
-
Feature
01 Jan 2007
Storage Outlook '07: Seeking better backups and archives
Tom Becchetti, senior infrastructure engineer for a major national financial services company, says compliance, backup and archiving will be top priorities in 2007. Continue Reading
By- Beth Pariseau, Senior News Writer
-
News
26 Dec 2006
Looking back at information security in 2006
In this special edition of Security Wire Weekly, senior news writer Bill Brenner reviews his top interviews of 2006. Continue Reading
By- SearchSecurity.com Staff
-
News
25 Dec 2006
Top 10 storage stories of 2006
SAN and NAS converged and shook up the industry, iSCSI went mission-critical, users conquered tiered storage and more. Continue Reading
By- Beth Pariseau, Senior News Writer
-
Feature
20 Dec 2006
Top client security tips of 2006
A network user without the proper know-how is a ticking time bomb when it comes to security. Check out our top five client hardening tips of 2006 to get a head start on protecting yourself from potentially dangerous users. Continue Reading
-
News
20 Dec 2006
Top 10 storage acquisitions of 2006
Industry consolidation was fast and furious this year. We rank the deals by quality, not quantity. Continue Reading
By- Jo Maitland, News Director and Beth Pariseau, News Writer
-
News
19 Dec 2006
Microsoft releases Vista APIs to security vendors
Microsoft released a draft set of programming interfaces allowing security vendors to develop software using the Windows kernel on 64-bit systems. Continue Reading
By- Robert Westervelt, TechTarget
-
News
19 Dec 2006
Mozilla fixes multiple Firefox flaws
Digital miscreants could exploit flaws in Mozilla's popular Firefox browser to bypass security programs, access sensitive information and conduct cross-site scripting attacks. Continue Reading
By -
News
19 Dec 2006
Check Point gets big IDS boost from NFR deal
Analysts say Check Point would gain much-needed intrusion detection and prevention capabilities through its acquisition of NFR Security. The deal should erase bad memories of the aborted Sourcefire deal. Continue Reading
By- Bill Brenner Senior News Writer
-
Feature
18 Dec 2006
Top network security tips of 2006
The top Windows networking security tips of 2006 cover a range of topics, including network isolation, open source Windows security tools, VPN security and more. Continue Reading
-
News
18 Dec 2006
VoIP hacking exposed in new book
VoIP hacking is a reality, and in a new book, two VoIP security experts outline the tools and tricks to avoid a system-crushing hack. Continue Reading
By- Andrew R. Hickey, Senior News Writer
-
News
17 Dec 2006
Criminals find safety in cyberspace
A new report from McAfee shows how criminals are enjoying a sense of safety and anonymity in cyberspace that they never had on the street. And they're making more money. Continue Reading
By -
Feature
14 Dec 2006
Review: Reconnex's iGuard needs improvements
Reconnex's iGuard is maturing, though it still needs some usability improvements such as wizards, customisable reports and the ability to drill down on the graphs. Continue Reading
By -
Feature
14 Dec 2006
Review: Deep Security is a solid IPS
Third Brigade's Deep Security is a well-designed, effective product with strong configuration and policy control capabilities. Continue Reading
By- Steven Weil, Point B
-
News
14 Dec 2006
Schneier: Data breach at UCLA barely newsworthy
This week in Security Blog Log: Security luminary Bruce Schneier and others sound off on the UCLA data breach that exposed 800,000 people to identity fraud. Continue Reading
-
Feature
13 Dec 2006
Review: Lancope StealthWatch 5.5 offers more than IDS
Hot Pick: StealthWatch goes far beyond traditional intrusion detection, with powerful network-monitoring features. The optional IDentity-1000 is an essential addition. Continue Reading
By- Sandra Kay Miller, Contributing Writer
-
News
13 Dec 2006
Review: Sky's the limit with Skybox View 3.0
Hot Pick: Skybox View 3.0 offers a unique and flexible approach for assessing and managing specific threats and overall risk to your digital assets. Continue Reading
By- Brent Huston, Contributing Writer
-
Feature
13 Dec 2006
Hot technologies for 2007
"Storage" magazine's editors reviewed technology developments, product introductions and storage standards to come up with this short list of must-have technologies for 2007. Continue Reading
-
News
13 Dec 2006
Hosted VoIP eliminates cost, complexity
Hosted VoIP is being adopted at increasing rates as more and more companies look to avoid the excess costs and complexities of on-premise solutions. Continue Reading
By- Kate Dostart, Associate Editor
-
Feature
13 Dec 2006
Microsoft Vista could improve Internet security
Two new Microsoft Vista features -- Kernel Patch Protection and User Account Control -- could prove especially useful in preventing serious malware infections. Continue Reading
-
News
13 Dec 2006
Third zero-day found in Microsoft Word
For the third time in a week, a zero-day flaw has been found in Microsoft Word. Users should be cautious when opening attachments from unknown sources. Continue Reading
By -
News
13 Dec 2006
Host-based replication
While the lines of distinction among data protection technologies such as backup, continuous data protection and replication have blurred, host-based replication can play a key role in your overall data protection strategy. Continue Reading
-
News
12 Dec 2006
Symantec issues NetBackup security alert
Symantec issues an alert and patch to vulnerabilities in NetBackup 6.0, 5.1 and 5.0. Continue Reading
By- Jo Maitland, TechTarget
-
News
12 Dec 2006
Data breach at Boeing exposes 382,000 employees
The third theft of a Boeing laptop in the last 13 months has exposed the data of nearly 400,000 employees and retirees. Continue Reading
-
News
11 Dec 2006
Storage Decisions Session Downloads: Executive Track (LV 2006)
Our "Executive track" sessions give C-level technology executivesan idea of where their storage should be and ideas on where it's headed. Continue Reading
-
Feature
11 Dec 2006
Storage Decisions Session Downloads: Smart Shopper Track (LV 2006)
Very few storage managers have carte blanche when it comes to storage spending. Sessions in our "Smart Shopper track" help managers get the most bang for their storage buck. Continue Reading
-
Feature
11 Dec 2006
Storage IPOs, brilliant or brainless
Just when we thought the fast and loose spending of the dot-com bubble was well behind us, a few recent storage company IPOs remind us that we really haven't gotten a lot smarter. Continue Reading
By- Steve Duplessie is the founder and senior analyst for the Enterprise Strategy Group
-
Feature
11 Dec 2006
Inside MSRC: Visual Studio flaw, tool extensions explained
Christopher Budd of the Microsoft Security Response Center sheds detail about a flaw in Visual Studio 2005 and explains that support for Software Update Services 1.0 will be extended. Continue Reading
-
News
11 Dec 2006
IT pros look for ways to lock down IM
Special Report: To control growing IM threats, administrators are trying to limit which programs can be used or ban the technology altogether. But that's not always possible. Continue Reading
By -
Feature
11 Dec 2006
Infrastructure security: Remote access DMZ
An excerpt from Chapter 7: Infrastructure security from "How to Cheat at Managing Information Security," by Mark Osborne. Continue Reading
-
News
11 Dec 2006
Microsoft fixes two zero-day flaws
The December security update from Microsoft includes patches for zero-day flaws in Visual Studio and Windows Media Player, but two zero-day flaws in Word remain unfixed. Continue Reading
By -
Podcast
11 Dec 2006
Podcast: Mobile device threats are real, white-hat hacker says
Learn how easy it is for a hacker to gain access to a mobile device, whether employees are aware of security for their devices and why Bluetooth headsets should be turned off. Continue Reading
By- SearchSecurity.com Staff