Translating IT risk to business risk: Symantec adds Risk Manager to IT GRC suite

IT governance, risk and compliance (GRC) is a challenge to every large organization struggling with the complexity of IT policies and controls and communicating IT risk to management in terms of actual risk to the business. The IT GRC market has appeared and grown in recent years as enterprises try to manage this almost unmanageable task across...

DDoS in defense of (insert cause) is still criminal

Are hacktivists protesters or criminals? The question is not a matter of semantics; it has real bearing on how we respond, not as members of the security community, who are responsible for protecting IT information and services against attack, but as a society, particularly in the realm of criminal prosecution. My take is that...

Trusteer identifies “factory outlet sales” of stolen login credentials in the underground economy

I love factory outlet sales. Just last week I bought a brand name mattress for pennies on the dollar. Of course, I had to travel to a dingy part of town and wander through a cavernous old warehouse with mattresses stacked to the ceiling to find my great bargain. Last night I enjoyed a great night of sleep on my plush new pillow-top mattress, and...

Second half of 2011 reflects shifting trends in cyber crime business, M86 reports

The percentage of email messages containing malicious links or attachments is high, even as the volume of spam has dropped sharply in the last year, according to a report by web security company M86. The report provides some good insight into the techniques and, if you will, the shifting business trends in the cyber criminal community. Those...

Implement user security awareness training — or don't

“Users. Can’t live with them, can’t live without them.” I heard that line more than once in my stint as the non-IT guy in the IT department at a newspaper company (I liked to think of myself as the poet laureate of the IT department). None of us, neither hardcore techniks nor geekish dilettante, were thinking much about...
