Information Security Today is brought to you by Auerbach Publications

Moving Beyond Pure Disaster Recovery: How to Pull Through with Business Continuity Plans
This article examines some of the major challenges of software security risk management and introduces the concept of Software Security Total Risk Management (SSTRM), an innovative programmatic approach by which enterprises can apply software security development and assessment best practices in order to meet the twin goals of enhancing business revenues and protecting against business losses.

Cybercrime's Financial and Geographic Growth Shows No Slowdown during the Global Economic Crisis
Symantec Corp.'s new Internet Security Threat Report highlights key trends in cybercrime from Jan. 1, 2009 to Dec. 31, 2009. In a year bookended by two very prominent cyber attacks--Conficker in the opening months of the year and Hydraq at the very end--the report reveals continued growth in both the volume and sophistication of cybercrime attacks.

The Sarbanes-Oxley Act and Its Aftereffects
The focused and effective management of exposure has been conspicuously absent among companies that have become embroiled in scandals and bankruptcies. This highlights the importance of the quality of corporate governance as a crucial consideration for all organizations, with management ethics, internal control, and the audit function being at the kernel of an evaluation. News items in the first years of this century highlighted the problems of poor accountability and of management malfeasance in large listed companies. However, the underlying issues are just as prevalent in smaller listed and unlisted firms. Moreover, because external auditors looked the other way in some of these scams, their role came under public scrutiny.

Exploiting Software Vulnerabilities
Once you understand the identity, goals, and motivations of potential attackers, you need to understand the various ways for software exploits to be delivered as an attack and some of the issues that surround those delivery mechanisms. The most clever and talented of attackers with an innovative exploit still have to find a way to get that exploit to the systems they wish to attack. Because these are only the delivery mechanisms, the actual content delivered varies greatly.

Unified Access and Optimization: Integrating Security, Availability, and Application Acceleration Services to Enable Context-Aware Networking
Employers disperse workers all over the globe with a variety of trusted and untrusted devices used to request access to corporate resources from different types of networks. Users need fast, secure, and reliable access to the corporate infrastructure. Simultaneously, IT departments struggle with multi-vendor access solutions and systems, enforcement of policies, regulation of access, and security threats and vulnerabilities. IT also needs to ensure that content is delivered quickly, reliably, securely, and economically. The days of expensive, single-point products that only provide an isolated solution are waning, and customers are now looking to consolidate their deployments for easier management and better ROI and TCO. This article addresses enterprises' need for unified and converged access and policy management in a globally distributed environment for wireless and public connections; managed service providers' need for differentiation and virtualization to maximize investment; and users' need for unified, optimized, and secure access.

The Evolution of Cyber Fraud Techniques: Trojans and Toolkits
Trojans are the future of cyber fraud and are even beginning to dominate its present. Trojans automate what had previously been done by hand; Trojans simply download a victim's stored information or record the keystrokes, rather than rely upon a user to enter his or her information into a phishing page's fields. Trojan/phishing toolkits also allow users to customize multiple variants of Trojans, which through continuous variability makes them more successful and less immediately detectable. There are several basic categories of Trojans, differentiated here by their behavioral function, rather than by their design, that is, the manner in which they compromise a system, or distribution scheme.

What's Not Right with Information Security
There are two base assumptions about what is not right about information security: 1) Most organizations are not doing enough to truly secure themselves and 2) Not only are organizations not doing enough, they are convincing themselves and the people around them to the contrary. This chapter discusses the underlying or root causes behind these issues in an organizational setting and identifies the issues and challenges associated with achieving true security within an organization.

Symantec March 2010 State of Spam and Phishing Report
Highlights of this month's report include the Chilean earthquake spam with high levels of 419 and phishing scams, an automobile recall spam, online auction phishing, and a decrease in spam messages with .cn URLs while .ru URLs increase. There is also a section highlighting unique international spam and phishing trends.

Assessing and Reducing Information Exposure
As someone responsible for security, you should ask yourself several questions to determine how much of your corporate information is at risk. While it may sound simple, many organizations don’t take the time to examine information from all sides, including both an internal view and an external view. As information traverses networks, applications, endpoints and people, an information exposure assessment of actual data loss risk across networks, Web applications, storage and endpoints can help companies determine how exposed their information might be. Gleaning visibility into your organization’s internal and external exposures provides a good view of digital and critical assets.

Cloud Security Challenges
Although virtualization and cloud computing can help your company accomplish more by breaking the physical bonds between an IT infrastructure and its users, heightened security threats must be overcome in order to benefit fully from this new computing paradigm. This is particularly true for the SaaS provider. Some security concerns are worth more discussion. For example, in the cloud, you lose control over assets in some respects, so your security model must be reassessed. Enterprise security is only as good as the least reliable partner, department, or vendor. Can you trust your data to your service provider? This excerpt discusses some issues you should consider before answering that question.

Symantec 2010 State of Enterprise Security Study Shows Frequent, Effective Attacks on Worldwide Business
Symantec Corp. just released the findings of its global 2010 State of Enterprise Security study. The study found that 42 percent of organizations rate security their top issue. This isn't a surprise, considering that 75 percent of organizations experienced cyber attacks in the past 12 months. These attacks cost enterprise businesses an average of $2 million per year. Finally, organizations reported that enterprise security is becoming more difficult due to understaffing, new IT initiatives that intensify security issues and IT compliance issues. The study is based on surveys of 2,100 enterprise CIOs, CISOs and IT managers from 27 countries in January 2010.

Designing Backup for Recovery
Our goal in this article is to discuss how a backup system needs to be designed to facilitate recoveries. The purpose of a backup is to provide a mechanism to recover, and therefore it follows that the backup system must be designed to allow those recoveries to take place with as little effort or cost as possible.

Securing SaaS Applications: A Cloud Security Perspective for Application Providers
Software as a Service (SaaS) is rapidly emerging as the dominant delivery model for meeting the needs of enterprise IT services. However, most enterprises are still uncomfortable with the SaaS model due to a lack of visibility into the way their data is stored and secured. This article focuses on security considerations when architecting SaaS applications and on mitigation strategies for meeting the security challenges. The adoption of these security practices can help SaaS providers instill enterprises with a degree of confidence in their security by eliminating security vulnerabilities and ensuring the safety of sensitive data.

Five Ways to Increase Operational Efficiency with Alert Management
An alert management platform empowers companies to target actionable information from IT applications and systems automatically to the employee who can resolve the issue--escalating as necessary. Effective alert management provides the tools to access internal systems and address events from a mobile workbench as well as resolve issues from any web-enabled mobile device. Process acceleration and service improvements can help resolve incidents an average of 40 percent faster, saving up to millions of dollars annually. There are five ways that implementing alert management can immediately increase operational effectiveness across the enterprise--including process and efficiency improvements in incident, service, and change management--while significantly reducing costs.

Ten Steps to Sarbanes-Oxley Compliance
One problem with the implementation of SOX is that it tends to set a standard for compliance that may be inadequate. Meeting SOX standards--i.e., passing 404--does not imply that a firm or an IT department has the processes in place required to manage its business. Nor does it mean that an optimal level of control exists, any more than having a pulse signifies good health. SOX compliance is the minimum standard, not an optimum standard. Regardless of your firm's current maturity level, you will need to demonstrate SOX compliance efficiently and honestly. This article describes the typical steps required to pass section 404.

Getting Started with Vulnerability Management
Vulnerability management (VM) is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. This is a broad definition that has implications for corporate or government entities. It is not a new discipline, nor is it a new technology. This vital function has been a normal part of hardening defenses and identifying weaknesses to systems, processes, and strategies in the military and in the private sector. With growing complexity in organizations, it has become necessary to draw out this function as a unique practice complete with supporting tools. Listen as Park Foreman discusses how to get started.

Rogue Security Software Dupes Users
According to the Symantec Report on Rogue Security Software, 43 million users fell victim to rogue security software scams between June 2008 and June 2009. During this period, Symantec observed 250 distinct security software programs that were marketed and advertised as legitimate but that were, in fact, rogue security applications. Users either installed this software manually, believing it to be legitimate, or the software automatically installed when the user visited a malicious website. To avoid becoming the next victim of a rogue security software scam, your users can use these tips to identify such threats and know how to mitigate their risk.

Stretching the IT Budget: Look Beyond the Obvious
IT departments willing to look beyond the surface and the obvious can often eliminate apparent tradeoffs without having to choose one side or the other. When faced with a situation that appears to force a tradeoff, try to examine the problem from a different angle. Taking this fresh-thinking perspective can stretch the IT budget to achieve goals that you might otherwise forgo in an environment of severe financial constraints.

The Evolution of Video Surveillance Systems
This excerpt from Intelligent Network Video: Understanding Modern Video Surveillance Systems by Fredrik Nilsson and Axis Communications outlines the evolution of video surveillance systems. It explains different system configurations, from fully analog to fully digital, along with the benefits of each configuration. The systems described in Sections 2 and 3 constitute partly "digital" video systems. Only the systems described in Sections 4 and 5 are true network video systems in which video streams are continuously being transported over an IP network, providing full scalability and flexibility.

The Keys to Intergenerational Harmony
Most of what's been written about multiple generations working side by side has come from those of us who are considerably older (and more experienced) than our Gen X and Gen Y counterparts. In this article, Sheryl Lindsell-Roberts and Nancy Settle-Murphy sought the perspectives of some of their Gen X and Gen Y colleagues. After all, for all of the wisdom we older generations think we have to offer, the Gen X and Y folks of the world have a lot to teach us, too.

12 Dangers of Endpoint Security
2010 promises to be filled with new technologies giving SMBs access to a growing variety of IT tools to improve productivity, such as netbooks, smartphones and cloud computing-based services. But without adequate endpoint security best practices in place, a business leaves itself open to external and internal threats that can cripple it. To enable SMBs to get maximum benefit in 2010 from these technologies, Symantec has developed a list of the "12 Dangers of Endpoint Security" to help SMBs and their solution providers identify and thwart them.

Why Are Information Technology Controls and Audit Important?
The role of IT control and audit has become a critical mechanism for ensuring the integrity of information systems and the reporting of organizational finances to avoid and hopefully prevent future financial fiascos such as Enron and WorldCom. Global economies are more interdependent than ever and geopolitical risks impact everyone. Electronic infrastructure and commerce are integrated in business processes around the globe. For the IT auditor, the need for audit, security, and control will be critical in the areas of IT and will be the challenge of this millennium. There are many challenges ahead; everyone must work together to design, implement, and safeguard the integration of these technologies in the workplace. The chapter from Information Technology Control and Audit, Third Edition by Frederick Gallegos and Sandra Senft explains why.

The Internet Security Landscape: A Look Back at 2009 and Predictions for 2010
It's been said we should learn from the past, live in the present and plan for the future. Symantec Security Response's top researchers analyzed the data they gathered over the past year and compiled a list of the top security trends they saw in 2009. In their quest to stay ahead of the bad guys and anticipate security protection needs for their customers, they also theorized on what they expect to see in 2010. One thing is for certain: Internet security threats are not diminishing or going away; we expect to continue to see an increase in the sophistication of security threats and social engineering tactics in an attempt to victimize computer users.

Improving Performance in Troubled Times through Distance Learning
This article maps out several important steps to creating a successful multifaceted distance learning program. The starting premise: Simply throwing a slide presentation onto a website, while it may be fast and inexpensive, almost never achieves the intended results. Instead, it is a thoughtfully-created program that encompasses a variety of learning activities that can cultivate skills and accelerate time to practical application.

Introduction to Risk Analysis
Risk management is a process that provides management with the balance between meeting business objectives or missions and the need to protect the assets of the organization cost effectively. In this period of increased external scrutiny due to the myriad questionable management decisions and the corresponding legislative backlash, risk management gives management the ability to actively demonstrate due diligence and show how they are meeting their fiduciary duty. This chapter from How to Complete a Risk Assessment in 5 Days or Less by Tom Peltier examines how risk analysis helps managers meet their due diligence requirements.

Crime Prevention through Environmental Design
This is an introduction to crime prevention through environmental design (CPTED), which is the "proper design and effective use of the built environment that can lead to a reduction in the fear and incidence of crime, and an improvement in the quality of life." CPTED encompasses (1) the criminal offender perspective regarding an environment and the risk of getting caught when committing a crime and (2) the social dynamics, sense of ownership of the environment, and their associated protective actions by persons who work, live, or traverse the environment en route to another destination.

Data Protection: Where the Problems Lie
This article looks back at the foundations of data protection. It discusses how the introduction of RAID technology changed data protection and why RAID alone is not enough. It then discusses what needs to be done to provide better logical data protection. It closes with why disaster continuity faces issues related to cost, distance, and under-protection, and offers some recommendations for improvement.

The Insider Threat: A View from the Outside
Most employees and contractors are trustworthy and contribute their energy every day towards the company mission. However, unexpected, disappointing events can cause individuals to perform criminal activities, and they are sometimes unaware of the magnitude or the consequences of their actions. To provide adequate information assurance, special attention to the insider threat should be built into our security programs.

Secure Database Design Principles
This chapter from Database and Applications Security: Integrating Information Security and Data Management by Bhavani Thuraisingham describes design principles for Multilevel Secure Database Management Systems (MLS/DBMS). In particular, it provides a taxonomy for the various designs for a MLS/DBMS. It provides information on mandatory access control for DBMS and discusses the Bell-LaPadula security policy model and its interpretation for MLS/DBMS. The taxonomy essentially provides various security architectures to design MLS/DBMS.

Basic IPv6 Security Considerations
This covers the topics of flows, ICMPv6, neighbor discovery, routing headers, and DNS issues in IPv6.

© Copyright 2010 Auerbach Publications