Items Tagged with "Network Security"
October 22, 2012 Added by:Bill Gerneglia
Rogue IT is the name given to the informal, ad hoc software and electronic devices brought by employees into their workplace. If IT managers are warming up to and in fact embracing BYOD are they as accepting of Rogue IT in the office? Is Rogue IT simply an extension of BYOD?
October 21, 2012 Added by:Paul Kenyon
Considering most universities must accommodate a network of thousands of desktops and laptops, in addition to end-users ranging from students, developers, researchers, academics and admin staff – it’s no wonder balancing security and productivity is such a complex endeavor...
October 20, 2012 Added by:Pierluigi Paganini
This is significant because very few companies or organizations have the necessary network infrastructure to deal with such attacks. There might be some companies with popular websites such as Google or Facebook that are able to handle such high-bandwidth floods, but most companies are not...
October 17, 2012 Added by:Infosec Island Admin
I would like to clear the air here a bit on these terms and how they do really apply to the world of INFOSEC that we in this business now find ourselves in, one littered with military and spook terms that you may not be really familiar with. First off, lets look at the terms that have been thrown around here...
October 15, 2012 Added by:Gary McCully
A while back I was on a wireless assessment in which I was able to compromise the client’s primary Windows Domain from their guest wireless network. My hope in writing this article is that organizations will take their network design, wireless security, and password policies a little more seriously...
October 11, 2012 Added by:Paul Kenyon
Users with admin rights are loose cannons -- you just don’t know when or where they are going to strike, and the results can be devastating to the company’s security infrastructure. Once a problem occurs, it often unravels into a downward spiral taking your business - and reputation - down with it...
October 11, 2012 Added by:Ben Rothke
The Stuxnet computer worm of mid-2010 was a huge wake-up call for the energy industry. It also catapulted SCADA from an obscure term to the forefront of industrial security. But nearly two years later, it is unclear if the energy sector is adequately prepared for sophisticated information security threats...
October 11, 2012 Added by:Brent Huston
I was recently engaged with some critical infrastructure experts on Twitter. We were discussing a quick and dirty set of basic tasks that could be used an approach methodology for helping better secure the power grid and other utilities. There was a significant discussion and many views were exchanged...
October 10, 2012 Added by:Ian Tibble
Most businesses don’t even know they were hacked until a botnet command and control box is owned by some supposed good guys somewhere, but all talk of security is null and void if we acknowledge reality here. So let’s not talk reality...
October 10, 2012 Added by:Joel Harding
The discussions we had back in the mid-90s are still ongoing, we still don’t have a proper information sharing cybersecurity bill and people still don’t trust the government to maintain their privacy. Please, members of congress and business leaders, work on cybersecurity as if our lives depend on it...
October 09, 2012 Added by:Mikko Jakonen
How come banks are telling people to maintain their security better, without putting their OWN reputation and capabilities in line with the DIRECT consequences of the change paradigm towards ‘webalized’ approach we have witnessed for years, has now resulted as poor operational security...
October 09, 2012 Added by:Tripwire Inc
In the corporate world, we talk a lot about corporate goals & objectives. In the US Government, you hear a lot about “The Mission,” which is the unifying goal that ties an agency (or multiple agencies) together in a shared sense of purpose. I’m a big believer in connecting our actions as information security professionals to The Mission...
October 04, 2012 Added by:Jim Palazzolo
Is it the legal structure that makes it taboo, or the ambiguity of the target? What are the implications? Could a corporation accidentally set off a cyber flashpoint by attacking targets in other countries? And, is it an organization’s legal right, like an individual, to defend itself?
October 04, 2012 Added by:Brent Huston
Once we’ve embraced the fact that we need better detection and response mechanisms, we start to see how honeypots can help us but also how creating better awareness within our users can be the greatest investment an organization might make in detection...
October 03, 2012 Added by:Stephen Marchewitz
In order to mitigate this threat, ISPs will need to combine their efforts. It would take a global effort on the part of the ISPs. Until then, the capabilities are there to deal with the issue when it arises on a per incident basis...
October 01, 2012 Added by:Infosec Island Admin
The cyberwar is upon us and we had best start taking it seriously because people in power are making plans, and like biological warfare, it seems perhaps there could be unforeseen circumstances that could trigger bigger and worse things. Plan accordingly and think a bit more cogently...