Last week, we saw that Defensive Security is not enough to solve the $1
trillion Intellectual Property and IT theft and cybercrime problem.
This week, more about Preventive Security.
Preventive Security is a set of technologies and processes used to prevent
security incidents from even being attempted. These include awareness and
training programs, establishment of proper policies and procedures and the
use of technology solutions in support of existing laws.
In fact, this is not very different from "regular" crime and how we deal with
it. We arm ourselves with the means to catch the bad guys, we severely punish
crimes and we let people know that crime is bad, that jail is also bad and
that if they try and commit the crime they will be caught. This prevents most
people from getting into trouble.
So how severe are punishments for IT crimes?
In a case tried in March o... (more)
This article discusses some of the main defensive security solutions used
today and explains the reasons why employing a Log Management and
Intelligence solution is critical to complement these protection methods.
Let's first look at the most common defensive security solutions that have
been popular these past few years. This is not an exhaustive list of all
existing technologies, but rather a high-level view of some of the prevalent
These corresp... (more)
Another hack attack hits the headlines http://tinyurl.com/yebvj8p
Big deal. This stuff happens every day now right? Wrong. Not on this scale
it doesn’t. The Kneber Bot has penetrated 75,000 systems, 2,500 companies
across in 196 countries. This is not a straightforward Trojan - a simple
smash and grab. This one’s a game changer.
Systems compromised by this botnet provide the attackers with not only user
credentials and confidential information, but remote access inside the
compromised network. Just some of the data stolen includes:
68,000 corporate log-in credentials Access to ... (more)
Back from SecureCloud 2010 in Barcelona
I’ve been in information and system security for almost 20 years. Yes
it’s possible! At the time Gopher was the killer app and NCSA Mosaic was in
the making; I was working on Arpanet and Internet wasn’t born; and
information security was a non-issue, all my friends, colleagues, coworkers
and family were telling me “don’t even try and make a living out of this
dead-end information security thingy stuff”.
But somehow I was convinced that it would be a great ride, that it would be
fun and that I had to do it. My crystal ball was crystal clear,... (more)
ISACA, the Information Systems Audit and Control Association just surveyed
1 529 of its members across 50 countries in EMEA.
It turns out that UK businesses are leading Europe on Cloud Adoption 40% to
33%. But a whopping 35% of respondents do not plan to use Cloud for any IT
services (actually 35.6% in Europe and 31.8% in the UK). This is a huge
impediment to the growth of ItaaS – IT as a Service, such as SaaS, IaaS and
PaaS respectively Software as a Service, Infrastructure as a Service and
Platform as a Service.
Let’s spin this another way: 60% of respondents are not using Clou... (more)