http://weblog.infoworld.com/zeroday/archives/2007/10/
October 01, 2007: Web 2.0 security concerns abound
A lack of comprehensive security tools designed to stop Web-based threats continues to be a problem among businesses, according to a new survey published by Forrester Research and Secure Computing on Monday.
According to the study -- which was based on interviews conducted by Forrester with roughly 150 IT pros -- companies of all sizes continue to adopt a larger number of Web-based applications, in particular so-called Web 2.0 technologies such as online collaboration and file-sharing tools, yet few have done anything to protect themselves against the growing volume of attacks that seek to piggyback on the systems.
First off, even though m
http://www.ippr.org.uk/publicationsandreports/publication.asp?id=555
Energy Security in the UK
Author: Jenny Bird. Price: Free. Publication Date: 30 August 2007
The Energy White Paper, published in May 2007, highlighted energy security and mitigating climate change as the two major challenges facing the energy sector in the UK. This FactFile assesses the energy security challenges facing the UK's electricity, transport and heating sectors. It goes on to outline potential solutions, the barriers to their implementation, and their impact on efforts to reduce greenhouse gas emissions.
The issue of energy security is currently receiving a lot of attention in the UK. Dwindling oil and gas reserves in the North Sea and the impending closure of a number of power stations have focused attention on the problem of ensuring the lights do not go out. But energy security is not just about electricity. Transport accounts for almost all of our oil use and a greater proportion of natural gas is used in the domestic and commercial sectors (mainly for
http://www.computerweekly.com/Articles/2008/03/22/229530/can-web-2.0-cope-with-second-class-security.htm
Yet according to Ken Munro, managing director at penetration testing specialist Secure Test, rushing into Web 2.0 is the last thing you should be doing, because the consequences of getting your security wrong are severe. "You can get a vulnerability in a web application that is exploited one day and infects a million users the next. The potential impact is so big, it is enough to take a brand down," he says. And his remarks are not fantasy. Two years ago the Samy worm exponentially infected over a million users of social networking site Myspace, within 24 hours. Samy smashed a previous propagation record, for an internet worm, set by Code Red, July 2001, which managed only a paltry 350,000 victims after four days. Luckily for Myspace, Samy also gained some "cool" status for its benign effect: the payload amounted only to making the victim a "friend" of the worm's writer. Jonathan Armstrong, technology law partner at Eversheds, agrees with Munro's pessimism, particularly with regard to
http://kn.theiet.org/magazine/issues/0910/7s-cardinal-virtues-0910.cfm?
The latest incarnation of Microsoft’s flagship operating system has much to commend it to enterprise users, reports E&T. For an exclusive video report on Windows 7 from E&Ttv, please scroll to the bottom of this page. The response to Windows Vista from enterprise IT professionals was far less enthusiastic than Microsoft would have liked. When Vista was launched two years ago, like with all new operating systems, businesses waited until the dust settled and Microsoft released its first service pack (SP1). With Vista, however, SP1 was not enough to stem the adverse publicity that Vista had received from consumers who had bought machines with the new operating system pre-installed, as well as from IT professionals who had evaluated it for their purposes. Vista’s problems began with the significant hike in processing power that the new operating system would require to operate all its premium features. Additionally, Vista’s launch coincided with the advent of a tighter two-tiered driver a
http://www.publications.parliament.uk/pa/ld200607/ldselect/ldsctech/165/165i.pdf
http://www.bsia.co.uk/index.php
The British Security Industry Association is the trade association for the professional security industry in the UK. Its members provide over 70% of UK security products and services and adhere to strict quality standards. Please click on the menu above to find information tailored to your needs. Lobbying by the British Security Industry Association and partner organisations on the regulation of calls to 0870 numbers has led to Ofcom no longer requiring telecoms networks to introduce pre-call ... The regional winners of the British Security Industry Association’s Annual Security Officer Awards 2008 have been announced. The awards recognise excellence within the security guarding sector ... The BSIA and the organisers of IFSEC, the world’s largest annual security event, are pleased to announce the finalists of the prestigious Security Industry Awards 2008. Acknowledging the ...
http://csrc.nist.gov/publications/drafts/800-123/Draft-SP800-123.pdf
Special Publication 800-123 (Draft)
Guide to General Server Security (Draft)
Recommendations of the National Institute of Standards and Technology
Karen Scarfone
Wayne Jansen
Miles Tracy
COMPUTER SECURITY
Computer Security Division
Information Technology Laboratory
National Institute of Standards and Technology
Gaithersburg, MD 20899-8930
May 2008
U.S. Department of Commerce
Carlos M. Gutierrez, Secretary
National Institute of Standards and Technology
James M. Turner, Acting Director
Reports on Computer Systems Technology
The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology
(NIST) promotes the U.S. economy and public
http://www.grc.com/SecurityNow.htm
(Note that the text transcripts will appear a few hours later than the audio files since they are created afterwards.) For best results: RIGHT-CLICK on one of the two audio icons below then choose "Save Target As..." to download the audio file to your computer before starting to listen. For the other resources you can either LEFT-CLICK to open in your browser or RIGHT-CLICK to save the resource to your computer. Listener Feedback #30 Leo and I discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Is Privacy Dead? This week Steve and Leo take a break from the details of bits and bytes to discuss and explore the many issues surrounding the gradual and inexorable ebbing of individual privacy as we (consumers
http://www.siliconrepublic.com/news/news.nv?storyid=single10353
25.02.2008 - Intelligent technological solutions being developed by sites like Bebo represent the silver bullet when it comes to parent's fears over not only what their children are doing on social networking sites but also what content they are exposed to, says Dr Rachel O'Connell, forensic psychologist and chief safety officer for Bebo. In a social networking seminar which took place in Dublin on Friday and was aimed at educating parents on the concepts surrounding these types of sites used by their children, experts including Dr O'Connell fielded questions by concerned parents on issues such as identity theft, internet privacy and peer influence. The technology put in place by Bebo can pick up on inappropriate images submitted to the site and have them taken down rapidly, explained Dr O'Connell. While cyberbullying is a hot topic amongst parents and educators, Dr O'Connell told siliconrepublic.com it is simply not true that it is easier for children or young adults to target someone
http://news.zdnet.com/2424-1009_22-200224.html
By Slavik Markovich, CTO of Sentrigo, News.com. Posted on ZDNet News: May 05, 2008 11:15:47 AM

Commentary -- You would think that enterprises realize by now that databases, which hold the crown jewels of sensitive information, need protecting. Unfortunately, there seems to be a serious disconnect and knowledge gap between IT security professionals and DBAs that are entrusted with the task of safeguarding databases. Database-specific knowledge is crucial for successfully enforcing security policy as it relates to databases and that knowledge is most readily available with database administrators. Only serious dialog between IT security and the DBA department would create the knowledge necessary to develop and enforce an effective security policy for databases and prioritize it correctly among the other IT security items.

Common misconceptions IT security has about database security:

1. My databases are all behind firewalls and IDS/IPS so I'm protected -- Not so. Attacks can originate insi