News release: “The FCC is launching the Small Biz Cyber Planner, an online resource to help small businesses create customized cybersecurity plans. This is the result of an unprecedented public-private partnership between government experts and private IT and security companies, including DHS, NCSA, NIST, The U.S. Chamber of Commerce, The Chertoff Group, Symantec, Sophos, Visa,… Continue Reading
Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002
Category Archives: PC Security
NIST Publishes Guide for Monitoring Security in Information Systems
Information Security Continuous Monitoring (ISCM) for Information Systems and Organizations (NIST Special Publication [SP] 800-137) “Information security continuous monitoring (ISCM) is defined as maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions. This publication specifically addresses assessment and analysis of security control effectiveness and of organizational security status in… Continue Reading
Research Study – All Your Clouds are Belong to us Security Analysis of Cloud Management Interfaces
All Your Clouds are Belong to us Security Analysis of Cloud Management Interfaces – Juraj Somorovsky, Mario Heiderich, Meiko Jensen, Jörg Schwenk, Nils Gruschka, Luigi Lo Iacono. In Proceedings of the ACM Cloud Computing Security Workshop (CCSW), 2011. “Cloud Computing resources are handled through control interfaces. It is through these interfaces that the new… Continue Reading
Symantec Intelligence Report – August 2011
“Symantec Corp. announced the results of the August 2011 Symantec Intelligence Report, now combining the best research and analysis from the Symantec.cloud MessageLabs Intelligence Report and the Symantec State of Spam & Phishing Report. This months analysis reveals that once more spammers are seeking to benefit from fluctuations in the turbulent financial markets, most notably… Continue Reading
$15bn of preventable software costs found in organizations in the United States and United Kingdom
News release: 1E, the global leader in IT efficiency software today announced the results of an independent study of IT professionals in the United States and United Kingdom into software efficiency. The study, commissioned in association with the International Association of Information Technology Asset Managers (IAITAM) and the Federation Against Software Theft Investors in Software… Continue Reading
CDT: "Take Back Your Privacy's" Top 5 Privacy Tips
Cyrus Nemati, CDT: “If you’ve been following our Take Back Your Privacy campaign, you’ve seen our weekly privacy tips. Each week, we offer readers a new way to protect their privacy online through plug-ins, browser tricks, programs, and general privacy best practices. While each tip has merit in its own right, there are a few… Continue Reading
DOJ OIG: FBI's Ability to Address the National Security Cyber Intrusion Threat
DOJ OIG: The Federal Bureau of Investigation’s Ability to Address the National Security Cyber Intrusion Threat (Redacted Version), Audit Report 11-22, April 2011 “…Despite these efforts, the National Cyber Investigative Joint Task Force (NCIJTF) needs to continue to improve its capabilities to combat cyber attacks.” Continue Reading
Google Video Shows Use of Disk Crushers and Other Security Measures
Computerworld: ‘Google is shedding some of the secrecy around its data center practices, with a new video that shows extensive security measures and the destruction of old hard drives to prevent leakage of customer data. Google “rigorously tracks the location and status” of each hard drive, destroying failed hard drives with a multistep process before… Continue Reading
'HTTPS Now' Campaign Urges Users to Take an Active Role in Protecting Internet Security
News release: “The Electronic Frontier Foundation (EFF) and Access have launched an international campaign for HTTPS Now, rallying consumers around the world to help us make web surfing safer. HTTPS (Hypertext Transfer Protocol Secure) protects web surfing by encrypting requests from a user’s browser and the resulting pages that are displayed, but many websites default… Continue Reading
NSA: Best Practices for Keeping Your Home Network Secure
Best Practices for Keeping Your Home Network Secure, April 2011. “The cyber threat is no longer limited to your office network and work persona. Adversaries realize that targets are typically more vulnerable when operating from their home network since there is less rigor associated with the protection, monitoring, and maintenance of most home networks. Home… Continue Reading
Verizon Risk Team: 2011 Data Breach Investigations Report
News release: “Data loss through cyber attacks decreased sharply in 2010, but the total number of breaches was higher than ever, according to the “Verizon 2011 Data Breach Investigations Report.” These findings continue to demonstrate that businesses and consumers must remain vigilant in implementing and maintaining security practices. The number of compromised records involved in… Continue Reading
DHS – Enabling Distributed Security in Cyberspace
Enabling Distributed Security in Cyberspace – Building a Healthy and Resilient Cyber Ecosystem with Automated Collective Action, March 23, 2011 “Like natural ecosystems, the cyber ecosystem comprises a variety of diverse participants private firms, non‐profits, governments, individuals, processes, and cyber devices (computers, software, and communications technologies) that interact for multiple purposes. Today in… Continue Reading
