IT risk management
Risk management is an increasingly important discipline for IT leaders, with regulatory compliance an ever-present consideration and the amount of legislation and regulation concerning data security on the rise. We examine the issues around IT risk management and the best practices that IT managers need to know.
-
News
20 Nov 2024
Government issues strategic priorities for online safety regulator Ofcom
Technology secretary Peter Kyle sets out the government’s strategic priorities for how Ofcom should approach regulating online safety, including embedding safety by design and supporting innovation in technologies to help protect people online Continue Reading
-
News
19 Nov 2024
AI readiness stalls in APAC
Despite significant investment in AI, only 15% of organisations in Asia-Pacific are ready to deploy the technology today, according to Cisco’s latest regional AI readiness survey Continue Reading
-
News
16 Jan 2007
Fortify Software to acquire Secure Software
The acquisition of Secure Software will allow Fortify to expand into the requirements and design phases of the software development lifecycle, the company said. Continue Reading
-
Feature
15 Jan 2007
PatchLink offers solid flaw management
PatchLink Update 6.3 is a solid solution to the enterprise patch management problem and demonstrates its true power in a Windows environment. Continue Reading
-
News
15 Jan 2007
Core Security offers powerful testing tool
We highly recommend Core Impact 6.0 to security engineers to verify the vulnerability of their networks. Continue Reading
-
News
15 Jan 2007
Apere's IMAG 500 a tough sell
Product review: Apere says many of the issues we encountered are addressed in its next release, but mid-enterprise businesses may not have the tolerance for this product. Continue Reading
-
News
14 Jan 2007
Storage management software finalists
Find out who was selected as finalists in the storage management software category for our storage products of the year Continue Reading
-
News
11 Jan 2007
Oracle emulates Microsoft with advance patch notice
Oracle will patch 52 security flaws across its product line Tuesday, according to its inaugural CPU advance notification bulletin. Continue Reading
-
News
10 Jan 2007
Sophos acquires Endforce to add NAC
Antivirus vendor Sophos is rounding out its email Web and desktop security software with Endforce's network access control (NAC) software. Continue Reading
-
News
09 Jan 2007
More users increase risk for Volkswagen AG
With 1.5 million users on the network, Volkswagen AG depends more than ever on strong ID and access management to safeguard intellectual property, according to its CISO. Continue Reading
-
News
09 Jan 2007
Remote flaw in Vista could earn finder $8,000
VeriSign Inc.'s iDefense Labs is offering an $8,000 bounty to any researcher who finds a remotely exploitable flaw in Windows Vista. Continue Reading
-
News
09 Jan 2007
Network configuration management key to VoIP success
While companies spend millions on upgrading infrastructure for VoIP, little attention is given to solving the largest source of downtime – configuration-related outages due to human error. Continue Reading
-
Feature
08 Jan 2007
Inside MSRC: Microsoft updates WSUSSCAN issue
Christopher Budd of the Microsoft Security Response Center is urging customers to deploy the latest versions of the Systems Management Server Inventory Tool for Microsoft Updates or Microsoft Baseline Security Analyzer to receive all the current software updates. Continue Reading
-
News
08 Jan 2007
Critical fixes for Excel, Outlook and Windows
Microsoft starts the year with security updates for Excel, Outlook and Windows. Three of the fixes are rated critical. Continue Reading
-
News
08 Jan 2007
Attackers hide malicious code using new method
Attackers have designed a new way to thwart virus signatures from antivirus vendors, says a new report. Continue Reading
-
News
08 Jan 2007
How far apart can SAN locations be?
Storage locations can potentially be very far apart, separated by thousands of miles, even around the globe. The real consideration in selecting distance is that of latency... Continue Reading
-
News
07 Jan 2007
Bug Briefs: OpenOffice vulnerable to attack
Other flaws were reported in Apple QuickTime, Mac OS X, Adobe Flash Player, VideoLAN VLC, the Opera Web browser, and Cisco Access Control Server. Continue Reading
-
News
07 Jan 2007
Microsoft nixes four patch bulletins
Eight security updates were originally scheduled for Patch Tuesday , but Microsoft has decided to hold back on half of them. Continue Reading
-
Feature
04 Jan 2007
Why don't we have clustered FC block storage?
Is it odd that the industry has made such serious strides toward incorporating clustering concepts in both file-based storage and IP -based storage, but not Fibre Channel storage? Continue Reading
-
Feature
03 Jan 2007
Adobe Reader flaws spook security experts
Security experts sound the alarm over Adobe Reader flaws that could be exploited for cross-site scripting attacks and other mayhem. Continue Reading
-
News
03 Jan 2007
Cisco bolsters security with IronPort buy
Cisco Systems agreed Thursday to buy Internet gateway security vendor IronPort Systems Inc. for $830 million. Continue Reading
-
News
03 Jan 2007
Cisco software vulnerable to attack
Cisco's Clean Access software and Clean Access Manager are at risk to attack. A malicious user can access a database snapshot and download it without authentication. Continue Reading
-
News
03 Jan 2007
Information security market 2006 year in review
In part two of our two-part special edition of Security Wire Weekly, site editor Eric Parizo reveals his picks for top information security interviews of 2006. Audio clips in this program include Andrew Braunberg of Current Analysis; Johannes Ullrich of the SANS Internet Storm Center; Mike Rothman of Security Incite and Brian Chess of Fortify Software. Continue Reading
-
News
02 Jan 2007
Security pros grumble over spam increase
Spim and spam from unexpected sources is challenging enterprises in 2007. Some enterprises are taking action. Continue Reading
-
Feature
01 Jan 2007
Security pros glean insight from '06
Corporate acquisitions, an abundance of spam, and the White House's take on cybersecurity mark 2006. Continue Reading
-
Feature
01 Jan 2007
Storage Outlook '07: Seeking better backups and archives
Tom Becchetti, senior infrastructure engineer for a major national financial services company, says compliance, backup and archiving will be top priorities in 2007. Continue Reading
-
News
26 Dec 2006
Looking back at information security in 2006
In this special edition of Security Wire Weekly, senior news writer Bill Brenner reviews his top interviews of 2006. Continue Reading
-
News
25 Dec 2006
Top 10 storage stories of 2006
SAN and NAS converged and shook up the industry, iSCSI went mission-critical, users conquered tiered storage and more. Continue Reading
-
Feature
20 Dec 2006
Top client security tips of 2006
A network user without the proper know-how is a ticking time bomb when it comes to security. Check out our top five client hardening tips of 2006 to get a head start on protecting yourself from potentially dangerous users. Continue Reading
-
News
20 Dec 2006
Top 10 storage acquisitions of 2006
Industry consolidation was fast and furious this year. We rank the deals by quality, not quantity. Continue Reading
-
News
19 Dec 2006
Microsoft releases Vista APIs to security vendors
Microsoft released a draft set of programming interfaces allowing security vendors to develop software using the Windows kernel on 64-bit systems. Continue Reading
-
News
19 Dec 2006
Mozilla fixes multiple Firefox flaws
Digital miscreants could exploit flaws in Mozilla's popular Firefox browser to bypass security programs, access sensitive information and conduct cross-site scripting attacks. Continue Reading
-
News
19 Dec 2006
Check Point gets big IDS boost from NFR deal
Analysts say Check Point would gain much-needed intrusion detection and prevention capabilities through its acquisition of NFR Security. The deal should erase bad memories of the aborted Sourcefire deal. Continue Reading
-
Feature
18 Dec 2006
Top network security tips of 2006
The top Windows networking security tips of 2006 cover a range of topics, including network isolation, open source Windows security tools, VPN security and more. Continue Reading
-
News
18 Dec 2006
VoIP hacking exposed in new book
VoIP hacking is a reality, and in a new book, two VoIP security experts outline the tools and tricks to avoid a system-crushing hack. Continue Reading
-
News
17 Dec 2006
Criminals find safety in cyberspace
A new report from McAfee shows how criminals are enjoying a sense of safety and anonymity in cyberspace that they never had on the street. And they're making more money. Continue Reading
-
Feature
14 Dec 2006
Review: Reconnex's iGuard needs improvements
Reconnex's iGuard is maturing, though it still needs some usability improvements such as wizards, customisable reports and the ability to drill down on the graphs. Continue Reading
-
Feature
14 Dec 2006
Review: Deep Security is a solid IPS
Third Brigade's Deep Security is a well-designed, effective product with strong configuration and policy control capabilities. Continue Reading
-
News
14 Dec 2006
Schneier: Data breach at UCLA barely newsworthy
This week in Security Blog Log: Security luminary Bruce Schneier and others sound off on the UCLA data breach that exposed 800,000 people to identity fraud. Continue Reading
-
Feature
13 Dec 2006
Review: Lancope StealthWatch 5.5 offers more than IDS
Hot Pick: StealthWatch goes far beyond traditional intrusion detection, with powerful network-monitoring features. The optional IDentity-1000 is an essential addition. Continue Reading
-
News
13 Dec 2006
Review: Sky's the limit with Skybox View 3.0
Hot Pick: Skybox View 3.0 offers a unique and flexible approach for assessing and managing specific threats and overall risk to your digital assets. Continue Reading
-
Feature
13 Dec 2006
Hot technologies for 2007
"Storage" magazine's editors reviewed technology developments, product introductions and storage standards to come up with this short list of must-have technologies for 2007. Continue Reading
-
News
13 Dec 2006
Hosted VoIP eliminates cost, complexity
Hosted VoIP is being adopted at increasing rates as more and more companies look to avoid the excess costs and complexities of on-premise solutions. Continue Reading
-
Feature
13 Dec 2006
Microsoft Vista could improve Internet security
Two new Microsoft Vista features -- Kernel Patch Protection and User Account Control -- could prove especially useful in preventing serious malware infections. Continue Reading
-
News
13 Dec 2006
Third zero-day found in Microsoft Word
For the third time in a week, a zero-day flaw has been found in Microsoft Word. Users should be cautious when opening attachments from unknown sources. Continue Reading
-
News
13 Dec 2006
Host-based replication
While the lines of distinction among data protection technologies such as backup, continuous data protection and replication have blurred, host-based replication can play a key role in your overall data protection strategy. Continue Reading
-
News
12 Dec 2006
Symantec issues NetBackup security alert
Symantec issues an alert and patch to vulnerabilities in NetBackup 6.0, 5.1 and 5.0. Continue Reading
-
News
12 Dec 2006
Data breach at Boeing exposes 382,000 employees
The third theft of a Boeing laptop in the last 13 months has exposed the data of nearly 400,000 employees and retirees. Continue Reading
-
News
11 Dec 2006
Storage Decisions Session Downloads: Executive Track (LV 2006)
Our "Executive track" sessions give C-level technology executivesan idea of where their storage should be and ideas on where it's headed. Continue Reading
-
Feature
11 Dec 2006
Storage Decisions Session Downloads: Smart Shopper Track (LV 2006)
Very few storage managers have carte blanche when it comes to storage spending. Sessions in our "Smart Shopper track" help managers get the most bang for their storage buck. Continue Reading
-
Feature
11 Dec 2006
Storage IPOs, brilliant or brainless
Just when we thought the fast and loose spending of the dot-com bubble was well behind us, a few recent storage company IPOs remind us that we really haven't gotten a lot smarter. Continue Reading
-
Feature
11 Dec 2006
Inside MSRC: Visual Studio flaw, tool extensions explained
Christopher Budd of the Microsoft Security Response Center sheds detail about a flaw in Visual Studio 2005 and explains that support for Software Update Services 1.0 will be extended. Continue Reading
-
News
11 Dec 2006
IT pros look for ways to lock down IM
Special Report: To control growing IM threats, administrators are trying to limit which programs can be used or ban the technology altogether. But that's not always possible. Continue Reading
-
Feature
11 Dec 2006
Infrastructure security: Remote access DMZ
An excerpt from Chapter 7: Infrastructure security from "How to Cheat at Managing Information Security," by Mark Osborne. Continue Reading
-
News
11 Dec 2006
Microsoft fixes two zero-day flaws
The December security update from Microsoft includes patches for zero-day flaws in Visual Studio and Windows Media Player, but two zero-day flaws in Word remain unfixed. Continue Reading
-
Podcast
11 Dec 2006
Podcast: Mobile device threats are real, white-hat hacker says
Learn how easy it is for a hacker to gain access to a mobile device, whether employees are aware of security for their devices and why Bluetooth headsets should be turned off. Continue Reading
-
News
10 Dec 2006
Zantaz buys data classification partner Singlecast
Email archiving player Zantaz has purchased data classification startup Singlecast, which can categorise and apply policies to data before an email takes up storage space. Continue Reading
-
News
10 Dec 2006
Microsoft suffers third zero-day in a week
A second zero-day flaw in Word has been uncovered, Microsoft said Sunday. It's the software giant's third zero-day in a week. Continue Reading
-
News
10 Dec 2006
Storage Decisions in the wild, wild west
Dedupe, iSCSI, backup, virtualisation and cowboys in Stetson hats -- Storage Decisions Las Vegas 2006 had it all. Continue Reading
-
News
07 Dec 2006
Dell, Microsoft tout joint NAS product
The new NX1950 product is vastly more expensive than its counterparts from HP and NetApp, but it scales higher, supports clusters and has redundant controllers. Continue Reading
-
Feature
07 Dec 2006
Zero-day tracker a hit, but IT shops need better strategy
This week in Security Blog Log: Reaction to eEye's new zero-day tracker is positive, but some experts say it won't help unless IT shops have a layered defense to start with. Continue Reading
-
News
06 Dec 2006
Microsoft to fix Visual Studio, Windows flaws
Microsoft plans to release five security updates to address vulnerabilities in Windows and a flaw in Visual Studio as part of its monthly security bulletin release cycle. Continue Reading
-
News
06 Dec 2006
Zero-day flaw found in Windows Media Player
Attackers could exploit a new zero-day flaw in Windows Media Player to cause a denial of service or launch malicious code. The threat is Microsoft's second zero-day flaw in a week. Continue Reading
-
News
06 Dec 2006
MP3 search site pushes spyware, watchdogs say
A Web site that gives users the ability to search for MP3s contains programs that behave like spyware, according to the Center for Democracy and Technology and StopBadware.org. Continue Reading
-
News
04 Dec 2006
IBM to acquire compliance software firm
IBM plans to acquire Consul Risk Management Inc., a Delft, Netherlands-based firm whose software tracks non-compliant behavior of employees. Continue Reading
- News 03 Dec 2006
-
News
30 Nov 2006
Terrorists may target financial sites
The U.S. government is warning of an al-Qaida call for a cyberattack against online stock trading and banking Web sites Continue Reading
-
News
30 Nov 2006
Symantec blames piracy for Veritas licensing snafu
Weekly compilation of storage news: Symantec says that software counterfeiting is throwing a wrench in tech support ; FRCP rules take effect. Continue Reading
-
News
30 Nov 2006
Oracle responds to security critics
Security Blog Log: Oracle takes on researchers who have criticised its security procedures in recent weeks. Meanwhile, Symantec warns of new zombie malware. Continue Reading
-
News
29 Nov 2006
Multiple flaws in Adobe Reader, Acrobat
Multiple flaws in Adobe Reader and Acrobat could allow attackers to execute malicious commands on victims' computers. Continue Reading
-
News
29 Nov 2006
Podcast: Security certifications pay could rebound in '07
Security certifications pay is languishing, according to skill and certifications pay expert David Foote of Foote Research. Foote examines the state of the IT security job market. Continue Reading
-
News
28 Nov 2006
Adware targets Mac OS X
As F-Secure notes what may be the first example of adware designed for Macs, researcher LMH reports more flaws in the operating system as part of the Month of Kernel Bugs. Continue Reading
-
News
28 Nov 2006
Symantec fixes NetBackup Puredisk flaw
An unauthorised user could launch malicious code by exploiting a flaw in Symantec's Veritas NetBackup PureDisk product. But a fix is available. Continue Reading
-
News
28 Nov 2006
Study: Some firms balk at mobile security
Companies are failing to safeguard sensitive data on employee mobile devices, according to a survey by the Business Performance Management Forum. Continue Reading
-
Feature
26 Nov 2006
Recordless email: magical or menacing?
A new startup promises recordless email. Is this a stroke of genius that will reward the company with billions of Internet bucks, or is it the end of the world as we know it? Continue Reading
-
News
23 Nov 2006
Commentary: We've never met a "thought follower"
A couple of days back, a vendor tried to convince us that their new security consultancy services should be of interest to you, our readers. Continue Reading
-
News
22 Nov 2006
Zango defying FTC agreement, researchers say
This week in Security Blog Log: Two researchers accuse Zango of unsavory adware tactics, despite the company's pledge to clean up its act. Continue Reading
-
News
21 Nov 2006
New Mac OS X flaw exposed
A Mac OS X flaw was exposed as part of the Month of Kernel Bugs. Also, a new Web site vows to follow the lead of researchers LMH and H.D. Moore with a week of Oracle zero-days. Continue Reading
-
News
21 Nov 2006
BakBone brushes up replication software
BakBone's NetVault Replicator version 5.0 includes automatic configuration of replication for remote sites, a capacity planning tool and a higher performance data movement engine. Continue Reading
-
News
20 Nov 2006
Insider security threats come in many forms
Insiders could be the greatest threat to a company's security. The best defense is to let them know Big Brother is watching and a plan to deal with troublemakers. Continue Reading
-
Feature
09 Nov 2006
Security Blog Log: Sailing a sea of spam
This week, bloggers struggle to purge their bloated inboxes. Their experiences lend weight to recent studies showing a breathtaking spike in spam. Continue Reading
-
Podcast
09 Nov 2006
Podcast: Tor peer-to-peer privacy could be hacked
In this edition of Security Wire Weekly, Andrew Christensen of FortConsult explains how the Tor peer-to-peer network can be hacked to track down user identities. Continue Reading
-
News
08 Nov 2006
Storage virtualization acquisitions need careful consideration
Storage virtualization alleviates traditional storage growth problems by implementing a layer of abstraction between applications and physical storage, allowing storage to be combined and treated as a ubiquitous resource, regardless of location. This buying guide helps you understand the most important considerations involved in storage virtualization product selection, identifies specific points of interest for software, hardware and VSAN product categories, and presents a series of basic product specifications that will start you pick the best product for your organization. Continue Reading
-
News
08 Nov 2006
Microsoft to patch critical zero-day flaws in Windows
Microsoft plans to repair five critical flaws in Windows and a flaw in XML Core Services as part of its monthly patch update next week. Continue Reading
-
News
07 Nov 2006
Mozilla fixes Firefox flaws
Attackers could exploit multiple flaws in Firefox, SeaMonkey and Thunderbird to crash machines, bypass security restrictions and launch malicious code. Continue Reading
-
News
06 Nov 2006
How to manage encryption keys
Encryption is an effective way to secure data, but the encryption keys used must be carefully managed to ensure data remains protected and accessible when needed. Continue Reading
-
News
06 Nov 2006
Agency improves security grades under CISO's watch
CISO Philip Heneghan has made security a way of life for the U.S. Agency for International Development (USAID). His work earned him a Security 7 award. Continue Reading
-
News
06 Nov 2006
Sourcefire IPO could fuel Snort, users say
Snort users frowned when Check Point tried to acquire Sourcefire last year. But they are more optimistic about Sourcefire's plans to go public. Continue Reading
-
News
05 Nov 2006
Mobile device encryption - a practice not often applied
Encryption is the best way to protect data on mobile devices -- but too few companies are actually deploying this critical technology. Continue Reading
-
Feature
02 Nov 2006
Security Blog Log: Dissecting Firefox 2.0
This week, bloggers examine the security features of Firefox 2.0 and come away with mixed reviews. Does it fare better than Internet Explorer 7? Continue Reading
-
Feature
02 Nov 2006
Review: Arbor Networks' Peakflow X 3.6
Hot Pick: Peakflow isn't cheap and requires an intimate understanding of data flows, applications and network infrastructure. But the investment will pay dividends. Continue Reading
-
Feature
02 Nov 2006
Review: Network Intelligence's enVision
enVision offers excellent value and is highly configurable, though typically that means you have to put a lot into it to get the most out of it. Continue Reading
-
News
02 Nov 2006
Review: SPI Dynamics' WebInspect 6.1
SPI Dynamics has created a powerful tool for novices as well as advanced users who will appreciate the time and effort it saves. Continue Reading
-
Feature
01 Nov 2006
Download Advanced Storage Guide Chapter 2: Backup/Data protection (PDF)
A printable version of our Advanced Storage All-In-One Guide. Download Chapter 2: Backup/Data protection in .pdf format now. Continue Reading
-
News
31 Oct 2006
E-vaulting's many faces can confuse IT efforts
E-vaulting is the process that describes how enterprise IT departments ship backup tapes and replicate data to remote disk arrays and VTLs. E-vaulting is not a new concept, but more recently it has grown to mean remote backups and replication for SMBs/SMEs using third-party services. This article examines e-vaulting, highlights the major considerations and roadblocks in implementation, examines the impact of e-vaulting on real-life users and looks ahead at future e-vaulting trends. Continue Reading
-
News
31 Oct 2006
Flaw found in Firefox 2.0
Attackers could exploit the security flaw to crash versions 1.5.0.7 and 2.0 of the browser, according to various security advisories. Continue Reading
-
Podcast
31 Oct 2006
Podcast: The state of Oracle security
In this edition of Security Wire Weekly, Oracle DBA Jon Emmons gives his observations about Oracle's new critical patch update format. Continue Reading
-
News
30 Oct 2006
Messaging Security School
SearchSecurity.com's Messaging Security School has brought together some of the most knowledgeable experts in the messaging security field to offer you personal instruction on how to secure the information handled by your organization's knowledge workers. Continue Reading
-
News
30 Oct 2006
Survey: Data breach costs surge
A new study by the Ponemon Institute finds a 31% increase in the costs associated with a data breach. Continue Reading
-
News
26 Oct 2006
Security Blog Log: The never-ending PatchGuard debate
This week, security vendor fright over the Windows Vista PatchGuard feature permeates the blogosphere. Is Microsoft the boogeyman, or just misunderstood? Continue Reading
-
News
26 Oct 2006
Achieving compliance: a real-world roadmap
A security manager's responsibilities extend beyond the technical aspects of the job. These days, effective governance and compliance are just as essential. Continue Reading
-
News
25 Oct 2006
Research shows massive botnet growth
Reports from McAfee and Microsoft show bot herders are gaining ground and threatening national infrastructure. Some suppliers hope to strike back by sharing resources. Continue Reading