Security Management


Federal Agencies Lag in Security Preparedness

When it comes to ensuring compliance with information security rules or best practices, a substantial minority of federal agencies still aren’t making the cut

Latest Compliance Regulation Tackles Identity Theft for Enterprises Large and Small

Firms that extend credit to consumers and small businesses must comply by November 1

Security's Future: Letting the Good Guys In

It may not be long before businesses differentiate themselves on the basis of security

Security: Batten Down the (IM) Hatches

IM attacks are on the rise, in part because organizations are deploying unified communications platforms without first hardening them against attacks

Bugs Are Up, Microsoft Security Report Says

Report, covering late 2007, found a 300 percent increase in Trojan bugs.

Web Attacks on the Rise; E-mail Attacks Decline

During the first three months of 2008, security researcher Sophos identified about 15,000 freshly infected Web pages every day

Oracle, Apple Issue Security Fixes

Microsoft isn't the only vendor issuing security "<em>mea culpa</em>"s lately. Oracle and Apple got into the action last week, too.

How Identity Management Complements ERP

Enterprise resource planning (ERP) applications can automate business processes but do nothing to solve security problems. Identity management software, working in tandem with ERP, can help.

Trusted Web Sites Attract Malicious Activity, Symantec Report Reveals

The Global Internet Security Threat Report shows that as networks are more strongly protected, attackers have shifted tactics and targets.

Windows XP SP3: T-Minus Four Weeks and Counting?

Industry watchers speculate that the third service pack for Windows XP -- complete with security-related features -- could appear soon

Report Urges IT: It’s Time to Guard against the "Millennial" Threat

New IT consumers are more comfortable with, and knowledgeable about, technology, and that’s a problem

Grocery Chain’s Data Breach Extends Security Debate

Over 1,800 known cases of fraud result from data breach

Web 2.0 Pushes Need for Defensive Application Development

The Web 2.0 paradigm shift is fraught with both promise and danger

Trustworthy Computing: Examining Trust

Microsoft’s Trustworthy Academic Advisory Board has been keeping tabs on security issues -- external as well as internal -- that continue to challenge Microsoft’s developers. We take a look at the board, which is now five years old.

Laptop Security: Hackers Attack Encrypted Data on Chips

Sleeping laptops may be the next way hackers steal encrypted information

Hackers Using Time-Tested Methods, Not Fancy Technology

ID theft usually involves time-tested methods such as telephone fraud than blockbuster data breaches

Reported Drop in Security Threats Masks Their Severity

The number of new vulnerabilities disclosed by researchers actually declined in 2007 -- the first time that’s happened since 2003 -- but it’s not all good news.

Rogue Trader Highlights Need to Mind Your Controls

In an age of Sarbanes-Oxley and similar regulatory measures, how could a single rogue trader have racked up more than $7 billion in losses?

Enterprise Security: The Human Factor

Why organizations need to get serious about security awareness training

Why Securing Mobile Devices Keeps CIOs Up at Night

With mobile security, the devil you don’t know can hurt you much more than the devil you think you know