The black market for identity theft
A while back I looked at the maturing market dynamics of cybercrime black markets and found that as professionals have come to dominate the hacking scene, a whole series of black markets have emerged.
View ArticleNetwork threats develop 'antibiotic' resistance
The scientific field of biology has provided many useful metaphors, such as "virus" and "infection," for the study of malware. Many researchers have used biology and evolution science to create...
View ArticleNo excuses -- encrypt all laptops
Every year, more than 5,000 laptops are lost in taxis in London, New York, Chicago and other large cities. According to our research, in 2008 companies' topmost security investment was laptop...
View ArticleUC security: When the shoe won't fit, compress the foot
If your security model is location-centric and depends on keeping things separate, how do you respond to a disruptive technology like unified communications? This is a pattern that keeps repeating in...
View ArticleiPhone security problems bring new risks
In just four days, not one but two worms targeting the iPhone have emerged. Both of the worms target the same vulnerability, a default password in the SSH server that is installed on jail-broken...
View ArticleMobile malware will test Android and iPhone
2009 ushered in mobile malware with the first (and second) iPhone worm appearing just before Christmas.
View ArticleGoogle's privacy afterthought
A few days ago, 10 privacy commissioners from Canada, the United Kingdom, France, Germany, Italy, Spain, Israel, Ireland, The Netherlands and New Zealand wrote an open letter to Google's CEO Eric...
View ArticleSecurity-as-a-service growing
When you ask IT professionals if they use cloud computing or software-as-a-service, most start by saying "no". But if you ask some follow up questions, you will quickly find out about "that one...
View ArticleThe missing piece of cloud security?
Cloud computing, especially public cloud infrastructure-as-a-service is not yet a reality for the vast majority of companies. Recent announcements however, from VMware, Citrix and Oracle clearly show...
View ArticleMore censorship, data breaches and devices: Security predictions for 2011
This past year has been a doozy in the security world.
View ArticleSecurity will rescue cloud computing
Whenever the topic of security is mentioned in the context of cloud computing, it is usually discussed as the "big barrier" to adoption. The perceived or actual lack of security in the cloud makes it...
View ArticleSecurity fragmentation needs to end
A new week, a new rash of attacks against security vendors, email marketers and banks. It would be easy to point fingers and laugh at the irony, especially in the case of security vendors, but that...
View ArticleHow to be an effective security buyer
In previous columns I have repeatedly emphasized the importance of interoperability and the danger of security fragmentation. Security is so fragmented that it is often hard to discern between hype and...
View ArticleCompeting for privacy in a social media world
For years, Facebook users have been clamoring for better privacy controls and clarity, while Facebook engineers oscillate between improvements and major privacy snafus. Every now and then a new wave of...
View ArticleFail a security audit already -- it's good for you
Failing an audit sounds like the last thing any company wants to happen. But that's because audits are seen by many as the goal of a security program. In reality, audits are only the means of testing...
View Article
