Security typically tops the list of priorities for IT executives, but a recent survey conducted by the Ponemon Institute reveals that at least one area of IT data security is being overlooked. Off-network security -- or the technologies and policies that ensure data is protected on devices after being removed from the network -- doesn't rank as high as Larry Ponemon, founder and chairman of the Ponemon Institute, says it should.
A honeypot is simply a "closely monitored computing resource that we want to be probed, attacked or compromised," Niels Provos and Thorsten Holz tell us in their new book, Virtual Honeypots.
At IBM Internet Security System's, the company's primary security research organization is called X-Force. Kris Lamb, director of X-Force, says his group is charged with knowing where potential threats will arise and deliver product, services and education to customers about how to stay ahead of the risk. Recently Lamb discussed with Network World Senior Editor Denise Dubie what he sees as the most critical challenges and opportunities facing enterprise IT security managers today.
Security has been a bit of a black art at Google. Unlike rival Microsoft, which publishes detailed information on its monthly patches and has openly evangelized the steps it takes to secure software, Google has generally been quiet when it comes to talking about security and it has kept the team that keeps Google's Web sites secure under wraps. Douglas Merrill, Google's vice president of engineering and chief information officer explains what Google gets from its security investments, and why his company believes that locking down the enterprise PC is not the way to go.
<a href="http://www.usenix.org/events/woot07/"> The First Usenix Workshop on Offensive Technologies </a> is coming to Boston on Aug 6. It's hard to resist an event called WOOT, even though we weren't quite sure what it was all about. So we shot an e-mail to Tal Garfinkel, a Ph.D graduate student in Stanford University's computer science department and one of WOOT's program chairs, and asked him to explain.
As the fourth new president at McAfee in the past six years, and its newest CEO, former EMC executive, David DeWalt, will face a lot of questions about how and why he will succeed where those before him did not. And he will face tough questions about how McAfee can translate its current role as one of the few remaining pure-play security vendors into a viable future.
Security technology isn't new for CA, but this year at its 12th CA World user conference in Las Vegas the company identified security as one of three focal areas (the others are governance and management). Denise Dubie sat down with Bilhar Mann, senior vice president and general manager of CA security management, to learn more.
Russian security professionals Eugene and Natalya Kaspersky discussed the Russian mafia, the latest in hacker tricks and their view that the bad guys are winning.
[[ArtId:1592845665|Last month]], Stefan Esser, an independent security consultant and a founder of both the Hardened-PHP Project and PHP Security Response Team (which he has since left), launched his <a href="http://www.php-security.org/">Month of PHP Bugs </a>as a way of improving the security of PHP by outing flaws in its source code.
On Monday at 6 a.m., Dave DeWalt stood in front of McAfee's Plano, Texas, offices to greet employees with coffee, doughnuts and a handshake. "They were wondering, 'Who's the guy in the suit?'" says the former EMC vice president who became McAfee's CEO on April 2.
Jeff Jonas, the chief scientist and distinguished engineer at IBM's entity analytic solutions group, has developed a means of sharing corporate data without revealing what that data contains.
Microsoft's Ben Fathi has a new job now that Vista has shipped, but the man who led the company's Security Technology Unit is still focused on keeping the bad guys away from your PC.
Microsoft finally rolled its Vista operating system out the door billing it as its most secure operating system ever, but what are the security features that will really matter to enterprise users?
With phishing scams masquerading like the flu and malware attacking from new fronts such as Websites, USB keys and mobile devices, IT security professionals are expected to be human firewalls. Throw in the need to regulate compliance over new and encrypted communication channels like IM or P2P, plus the security concerns of Vista and its easy to see why IT security management is getting tougher. Richard Cullen, distinguished engineer (who researchers emerging security threats and methodologies) from security software vendor Surfcontrol explains the concerns of today's IT security professional.
Symantec launched a new online software licensing program on Nov. 6, about the same time it unveiled Veritas Backup Exec 11d. Users are complaining that they have to wait for Backup Exec upgrade notices because of a backlog of people trying to register on the new licensing site. Symantec's CIO, David Thompson, and public relations manager, Cris Paden, told Computerworld that the new licensing system is necessary to help thwart a "humongous" piracy ring that has been costing Symantec more than US$10 million every year. Excerpts from the interview follow:
<i>ARN</i> invited a select group of integrators to talk about challenges and opportunities in the IP telephony market. Brian Corrigan chaired the discussion.
Like many industry analysts, Gartner's John Pescatore got his start working hands-on with technology. He began his career at government agencies, including the U.S. Secret Service, then spent 11 years at GTE. Now a vice president and Gartner fellow, covering security and privacy, Pescatore recently discussed his beginnings in IT with Denise Dubie and revealed how he has watched the hot market evolve over more than 25 years.
The cool reception from Wall Street after EMC's announcement that it would buy RSA Security had EMC executives feeling a bit flummoxed -- like the guy who elopes, only to find out that his friends didn't like his girlfriend to begin with.
A lack of adequate internal controls can compromise the otherwise solid security offered by IBM's vaunted System i platform, according to a recent study by The PowerTech Group in Washington. The study, based on an audit of 188 System i computers at 177 sites over the past year, showed that a majority of users surveyed failed to properly restrict access to the data contained in the systems. Ian Jarman, product manager for the System i at IBM, talked about the findings in an interview.
Avalanche Technology's Peter Cameron talks to ARN
