When the moderator of a panel discussion at the recent RSA conference asked the audience how many thought their risk management programs were successful, only a handful raised their hands. So Network World Editor in Chief John Dix asked two of the experts on that panel to hash out in an email exchange why these programs don't tend to work.
Identity theft has been the top consumer complaint to the Federal Trade Commission now for 13 years running.
RSA, the security division of EMC, kicks off its annual security conference on IT security today with a pitch to establish its new Big Data Security and risk-governance products as a foundation for security operations centers. And RSA says it'll send in its security professionals to help set them up, too.
The US Department of Veterans Affairs has begun installing millions of sensors on just about anything that costs more than $US50.
There are plenty of reasons that a company might want to try and decrypt SSL sessions — to stop outbound malware botnet connections that are decrypted, or to stop a rogue insider from sending out sensitive corporate information — but be prepared to hear employees whose data traffic is decrypted complain loudly about their privacy being invaded.
Guidance Software today said its <a href="http://www.networkworld.com/news/2010/031710-forensics-tools-help-companies-investigate.html">computer forensics</a> tool is now capable of automated collection of data on endpoint devices, including computers and <a href="http://www.networkworld.com/slideshows/2010/061510-smartphone-history.html">smartphones</a>, based on a <a href="http://www.networkworld.com/topics/security.html">security</a> information and event management (SIEM) alert.
Network access control (NAC) is saving the University of North Carolina at Chapel Hill $40,000 per year by keeping students from illegally using <a href="http://www.networkworld.com/community/blog/file-sharing-or-privacy-breaching-service-bew">peer-to-peer file-sharing</a> <a href="http://www.networkworld.com/topics/applications.html">applications</a>.
The PCI Security Standards Council today is expected to issue guidelines on use of point-to-point encryption in protecting sensitive payment card data, but the narrow approach — which is focused on hardware — is raising questions.
The <a href="http://www.networkworld.com/news/2011/082911-new-windows-worm-spreads-by-250194.html">Morto A worm</a> is having continued success despite its reliance on a list of lame passwords to take over victim machines.
While still not great, the operating systems behind Apple desktops, laptops and phones are getting more secure, <a href="http://www.networkworld.com/news/2011/080411-blackhat-overview.html?hpg1=bn">researchers at Black Hat</a> say.While not recommended for corporate use unless it’s in islands within larger networks, the OSX operating system has made strides, says Alex Stamos, who lead a team of researchers from iSec Partners that researched the OSX and Windows 7 operating systems.
Off-the-shelf graphic processing units can perform <a href="http://www.networkworld.com/news/2011/032611-in-iran-new-attack-escalates.html">SSL acceleration</a> as fast as high-end commercial SSL hardware at a fraction of the cost, according to researchers in Korea and the U.S.
Dell Wednesday announced its first endpoint encryption product, along with the possibility of factory installation on certain Dell PCs.
The organization in charge of defining security for the payment-card industry's merchants and service providers Tuesday issued two guidance papers, the first on end-to-end encryption and the second on payment card technology used more commonly in Europe than the United States.
Symantec is laying down a strategy for integrating the two encryption-software companies it acquired, PGP Corp and GuardianEdge Technologies.
There's a groundswell of frustration about today's endpoint security, as well as worries about how newer technologies such as virtualisation or cloud computing will impact it, according to a new study.