Security6 - Security news on IT threats, vulnerabilities

Peter Kuper: VCs renewing their love affair with security companies

security6 — Sat, 19 May 2012 16:23:49 +0000

Information security spending is thought to be recession proof, but does it have the legs to outrun the current downturn? In-Q-Tel partner Peter Kuper thinks so, but there are still some rough times ahead

Continue reading here:
Peter Kuper: VCs renewing their love affair with security companies

Division of CISO responsibilities may prevent burnout

security6 — Sat, 19 May 2012 16:23:39 +0000

Chief information security officers (CISOs) have a lot on their plate. Between data protection, malware detection, compliance regulations, social media security, mobile device management (MDM) and many more areas that fall into the realm of the security team, the CISO is obliged to wear many hats each day. A recent survey by IBM highlighted this multitude of CISO responsibilities

Link:
Division of CISO responsibilities may prevent burnout

Praise, criticism for retiring cybersecurity coordinator Howard Schmidt

security6 — Thu, 17 May 2012 13:14:10 +0000

Security experts say some issues haven?t been adequately addressed by the White House security chief.

See the original article here:
Praise, criticism for retiring cybersecurity coordinator Howard Schmidt

Securely implement and configure SSL to ward off SSL vulnerabilities

security6 — Wed, 16 May 2012 05:47:01 +0000

Recent SSL vulnerabilities have renewed questions about the protocol’s security. Expert Nick Lewis covers how to implement and configure SSL securely

Organizations lagging on cloud security training, survey shows

security6 — Sun, 13 May 2012 21:21:21 +0000

Symantec recently released some interesting findings from a survey the company conducted with the Cloud Security Alliance at the CSA Summit in February. The survey went beyond the usual sorts of basic questions to delve into organizations’ knowledge of cloud security

Excerpt from:
Organizations lagging on cloud security training, survey shows

Going after the middlemen in the fight against financial cybercrime

security6 — Sun, 13 May 2012 21:21:12 +0000

In the world of financial cybercrime , there are three primary groups of fraudsters at work. First up are the developers who write the applications to grab credit card and bank account data. In the middle are the “carders” who sell the ill-gotten data to, if you will, end users.

More here:
Going after the middlemen in the fight against financial cybercrime

BeyondTrust acquires eEye Digital Security for vulnerability management

security6 — Thu, 10 May 2012 06:27:15 +0000

Analysts say eEye?s vulnerability and configuration management capabilities are a good fit with BeyondTrust?s privilege management and AD integration.

View article:
BeyondTrust acquires eEye Digital Security for vulnerability management

Virtualization security best practices in wake of ESX hypervisor code leak

security6 — Tue, 08 May 2012 02:05:15 +0000

As security pros wait for more details about the VMware ESX hypervisor source code leak , should they be panicking? Well no, not yet, anyway. Without knowing exactly what source code was leaked, it’s hard to know the extent of the threat, security experts have said

Link:
Virtualization security best practices in wake of ESX hypervisor code leak

Creativity makes information security awareness training stick

security6 — Tue, 08 May 2012 02:05:04 +0000

It often seems security pros place great expectations on users, and are amazed when they fall for an obvious security trap or common social engineering attack . But instead of being amazed, the more appropriate response may be to recognize that traditional information security awareness training programs often don’t work

See the original article here:
Creativity makes information security awareness training stick

Gary McGraw: Eliminating badware addresses malware problem

security6 — Mon, 07 May 2012 06:26:39 +0000

Bad software and malicious software are two different issues that are easily confused, says software security expert Gary McGraw.

Continue reading here:
Gary McGraw: Eliminating badware addresses malware problem