Stories by Thor Olavsrud

Targeted attacks increased, became more diverse in 2011

The number of security vulnerabilities declined in 2011 but malicious attacks skyrocketed 81 percent from 2010, according a new Internet Security Threat Report released by Symantec Monday. Advanced targeted attacks, in particular, were on the rise in 2011 and they are spreading to organizations of all sizes.

Are zombies sucking the life out of your data center?

Even if your organization has gone the virtualization route or is leveraging the cloud, chances are you're still operating at least some of your own infrastructure. And that means there's a good chance you're operating servers and other equipment that are achieving nothing but the consumption of resources. That's right; you've got zombies in your data center.

Verizon's IP VPN Opens a New World of Wireless Possibilities

Verizon's announcement yesterday of its new Private IP Wireless (LTE) service is the most recent advance in what appears to be an emerging technology offering for carriers: multiprotocol label switching (MPLS) IP VPNs that span and integrate both wireline and high-speed wireless.

IT must change security strategies to keep up with cybercriminals

With an eye to the threat horizon several years out, organizations can no longer afford to leave responsibility for managing security risks at the door of the information security department. Instead, organizations must adopt a much more strategic and business-based approach to risk management, says Steve Durbin, global vice president of the Information Security Forum (ISF).

Do insecure open source components threaten your apps?

Since Apache Maven, the brainchild of Sonatype founder Jason van Zyl, emerged as a top-level Apache Software Foundation project in 2003, the Central Repository has become a primary source of open source components. Jackson says the Central Repository receives four billion requests per year for its 300,000 components.

Cost of data breaches declines

For the first time in seven years—and despite numerous high-profile incidents—the average cost of a data breach fell in 2011, according to new findings released by Symantec and the Ponemon Institute.

How to be ready for Big Data

Big Data is all the rage these days, and more than a few organisations are at least wondering what sort of business intelligence they could derive from all the information at their disposal. But while awareness of Big Data is growing, only a few organisations-like Google or Facebook-are really in position to capitalise on it now. However, the time is coming and organisations that expect to leverage Big Data will not only have to understand the intricacies of foundational technologies like Apache Hadoop, they'll need the infrastructure to help them make sense of the data and secure it.

Why you need automated server access controls

A large number of enterprises have not implemented automated server access controls, exposing themselves to risks ranging from insider fraud and corporate espionage to regulatory compliance issues and even nation-state sponsored attacks, according to a recent report by information security research firm Echelon One and enterprise access management specialist Fox Technologies.

Inadequate SSL certificate data threatens IT security

SSL certificates are a fundamental component of secure online transactions, but a majority of organizations admit that they have an inaccurate or incomplete inventory of their certificate populations, according to a new study conducted by Osterman Research on the behalf of enterprise key and certificate management (EKCM) provider, Venafi. Salt Lake City-based Venafi calls that a worst practice that presents a substantial risk for security and compliance incidents.

Malware network threats rising, how to defend yourself

In 2011, cybercriminals stepped up their game with the creation of malware networks (malnets)-distributed network infrastructures that exploit popular places on the Internet like search engines and social networking sites to repeatedly launch a variety of malware attacks.

[]