Browse by Tags
All Tags »
BrainWave News (RSS)
I had a chance to review the 2010 Verizon Data Breach Report today, which I was alerted to by ISC.SANS.ORG . They’ve put together data from 2004 through 2009, and it is quite interesting. These are from confirmed data breach cases. Here were 3 of
Read More...
I’ve said it for a few years now, but host-based antivirus is really not working out anymore. Not with its reliance on signatures to detect malware. Recently, several prominent antivirus vendors have experienced problems with faulty virus definitions:
Read More...
I recently read an opinion piece on ComputerWorld about the post-Cloud IT landscape , and it I had a couple thoughts: The author makes a good point that little mention is made of what the world will look like when cloud is the norm… We (both business
Read More...
Google is in the news quite a bit, lately, but not all of that publicity is good… Google lists $350 fee for early Nexus One returns Update: Google may pull out of China because of cyber attacks Nexus One fiasco continues for Google Contrary to popular
Read More...
Yes, you heard me correctly… We still think about personal and corporate security only as an afterthought. Despite all the regulatory and industry compliance that has been created and updated in the past 15 years, as we close out this decade, we are hardly
Read More...
Earlier this month, I came across a provocative article in ComputerWorld that outlined some of the reasons why many organizations get inconsistent results from their Information Technology departments. Later, this article was made the source of
Read More...
The prevailing wisdom says that technology is supposed to be getting simpler all the time. This belief appears to be pervasive with many corporate leaders who insist that there should be less of a need for expensive technology experts in an organization
Read More...
There are several major challenges to the successful implementation of good information security in many organizations today. It is not because business owners do not think that security is important. No, the issues exist because they do not
Read More...
It has long been accepted that Information Security should be implemented in layers: Defense in Depth . The idea being that you should add overlapping protection mechanisms to either stop or slow down an intruder. To use a simple analogy, if you
Read More...
I just finished reading a provocative Computer World article about the PCI compliance process, entitled “Will the Real Enemy of Security Please Stand Up?” , and it highlights a common misconception about the role of auditing and auditors in the compliance
Read More...
As a technologist, I am always on the lookout for new and exciting products, solutions and discoveries which will be coming to a store near me at some point in the future. Whenever possible, I look to jump on the beta bandwagon and preview or test
Read More...
Well, it’s been a while since we’ve had an active zero-day in Internet Explorer, but according to Microsoft Security Advisory 972890 , that’s what we’re looking at: a vulnerability in DirectX that allows for unauthenticated, remote execution attacks
Read More...
Two of my favorite tools for online storage and collaboration are DropBox and Box.net . Because each product offers features that the other lacks, and because they appear to be attacking the challenges of collaboration different perspectives,
Read More...
There is an excellent discussion taking place on the LinkedIn group for CIO magazine under the heading of: Some thoughts on IT-Business Alignment from the Chase Zander IT Director Forum (as influenced by CIO Forum members) So far, there are over 35 responses,
Read More...
The Conficker worm continues to make headlines , not only because it has been so elusive over the past 5 or so months, but because it is configured to do something special on April 1, 2009. For a disturbingly large number of individuals and organizations,
Read More...