The New York Times’ Nicole Perlroth filed an alarming account of government and corporate network vulnerabilities that comes across like a briefing dossier read by James Bond aboard a Heathrow-Beijing flight. But it does the good work of putting a critical technology issue before a broad audience.
“Traveling Light in a Time of Digital Thievery” (NYT, Feb. 10) details extraordinary counter-espionage precautions taken in China by prudent travelers and their organizations. Many now leave their usual notebooks, smartphones and tablets safe at home. Some say a device taken into China is never again permitted to touch their corporate network.
Read More »
Tags: cyber security, cybercrime, cybersecurity, data, data deluge, government, security
The axiom “Quality, not quantity” has been adopted by everyone from stock pickers to those trying to successfully navigate the online dating scene. Now cybercriminals are also putting this philosophy to practice.
The fundamental shift away from mass spam attacks to more targeted threats with potentially bigger payoffs is top of mind to me. This trend is detailed in a new report by Cisco’s Security Intelligence Operation (SIO).
Specifically on the issue of spam, Cisco’s research reveals that mass spam volumes dropped from 300 billion daily spam messages to 40 billion between June 2010 and June 2011. Although 40 billion is still a huge number, signifying that spam is still an issue, the trend that’s most alarming is the threefold increase in spearphishing and the fourfold increase in personalized scams and malicious attacks such as malware.
Read More »
Tags: advanced persistent threats, APT, cybercrime, security, security top of mind, spam, targeted attacks
Yes, the question is “Are you really secure?” Now that I’ve asked a loaded question, let me get to the point.
The term “secure” sure has a lot of different meanings depending on the context in which it is used. If we take it from a corporate security perspective, your options are somewhat limited to physical security, as in video surveillance or physical access, or logical security, as in your laptop or data access. But, when you ask a security professional if they are secure, they will most certainly take that in the context of what they can control, and will most likely answer “yes”.
Well, what about the things you cannot control? You can control which products you buy to provide security, you control how they are installed and configured, and you control the processes and procedures that identify how they are managed and updated. But, can you control how they are manufactured?
Read More »
Tags: cloud security, cyber security, cybercrime, data center, information security, network security, privacy, RSA, secure information, secure-id, security, virtualization