Search Results | Security threats and countermeasures
PREV 1   2 NEXT
Sort by:  Most Relevant  |  Date
Defence in depth

Blog   Two things drew my attention last week to the importance of defence in depth. One was a discussion about the economics of security, and the importance of ensuring that business cases take account of the need for additional layers of security from the outset. The other was a feature in Wired magazin...

Last updated: Mar 20, 2010   5:22 PM GMT  |  Blog: David Lacey's IT Security Blog   |      Security Solutions, threats
Waking up to the emerging cyber security threat landscape

Blog   My blog has been very quiet lately as I've been on vacation. I seem to have come back to a changed world, one which has woken up to the reality that industrial process supervisory systems are actually vulnerable to attack by sophisticated malware, such as the Stuxnet worm. It's a new scare to the a...

Last updated: Oct 4, 2010   11:32 PM GMT  |  Blog: David Lacey's IT Security Blog   |      risks, Security Solutions, threats
Security Forecasts for 2007

Blog  Its getting to that time of the Season when many of us look ahead to a New Year with mixed emotions of hope, fear, uncertainty or just plain boredom. What will 2007 bring? Will it be more of same? Will it herald a new age of prosperity or danger? Heres my Top 10 Security Trends of the coming ...

Last updated: Dec 29, 2006   11:26 AM GMT  |  Blog: David Lacey's IT Security Blog   |      Predictions, Professionalism, Technology
CISSP Essentials training: Domain 6, Software Development Security

Discussion  Prepare for CISSP exam Domain 6 covering software application system development processes, and security threats and countermeasures.

Last updated: Jul 29, 2014   1:51 PM GMT   |    CISSP, Software development
Laptop security - it's not that difficult

Blog  Yet another laptop theft story in the newspapers. This time a case of three stolen laptops containing payroll and pension details of more than 15,000 Met Police officers. Following on from the recent Nationwide incident its clear that the UK Media have this theme firmly in their sights. Its no...

Last updated: Nov 23, 2006   9:36 PM GMT  |  Blog: David Lacey's IT Security Blog   |      Laptops, threats, Users
Apocalypse soon?

Blog   Yesterday's ISC2 Security Leadership Seminar in London reflected a spectrum of contemporary thinking on the subject of information security, as well as highlighting some of the more extreme risks we can expect to encounter soon. It was an interesting blend of common sense, dj vu and doomsa...

Last updated: Mar 4, 2009   10:29 AM GMT  |  Blog: David Lacey's IT Security Blog   |      People, Predictions, threats
Securing VoIP Networks: Threats, Vulnerabilities and Countermeasures

Discussion  In an excerpt from the book Securing VoIP Networks: Threats, Vulnerabilities and Countermeasures, authors Peter Thermos and Ari Takanen discuss the strengths and weaknesses of SRTP.

Last updated: Jun 14, 2014   1:35 PM GMT  
SAP applications could be hacked, expert warns

Discussion  The chief technology officer at Virtual Forge explains the top five SAP application security threats and countermeasures to avoid being hacked.

Last updated: Jun 3, 2014   4:31 AM GMT  
threat modeling

Discussion  Threat modeling is a procedure for optimizing network security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent, or mitigate the effects of, threats to the system...

Last updated: May 8, 2014   2:16 AM GMT  
Web services security a challenging endeavor

Discussion  Web services have introduced new security challenges, some of which remain unaddressed by security mechanisms and technologies. Expert Ramesh Nagappan reviews the known threats to Web services and countermeasures to protect them.

Last updated: Jun 12, 2014   5:36 AM GMT  
New exploits demand multi-layer threat protection

Discussion  Application security cannot be attained without securing every layer, Amir Peles explains. Specialized attacks are proliferating, and they require specialized countermeasures.

Last updated: Jun 11, 2014   10:34 PM GMT  
Web services threats require specialized application security

Discussion  Web services are increasingly targeted for attack. These applications have a unique set of vulnerabilities, threats and countermeasures. Michael Cobb explains how to avoid XML bombs, XML denial-of-service and other exploits in this tip.

Last updated: Dec 11, 2013   1:06 AM GMT   |    Application security, Web services
We need to speed up security

Blog   I'm finally back blogging after a delightful summer break. Surprisingly, not a lot has changed in the cyber security world. Big security breaches have been surprisingly thin on the ground. And most have resulted from predictable human failings or greed, rather than technical weaknesses. There have ...

Last updated: Sep 5, 2014   8:10 PM GMT  |  Blog: David Lacey's IT Security Blog   |      "Computer security", Security
WLAN security basics

Discussion  Face facts, even if you don't like or want WLAN, you can't stem the tide. People love wireless for the convenience, mobility and ease of use. And whether or not they have your blessing, users are going to logon, surf and download wherever and whenever they want to. Don't put your organization's netw...

Last updated: Jun 15, 2014   0:49 AM GMT  
Balancing the cost and benefits of countermeasures

Discussion  The final tip in our series, "How to assess and mitigate information security threats," excerpted from Chapter 3: The Life Cycle of Internet Access Protection Systems of the book "The Shortcut Guide to Protecting Business Internet Usage published by Realtimepublishers.

Last updated: Apr 24, 2014   7:17 PM GMT   |    Information security
Never assume a security measure is foolproof

Blog   It's always interesting to observe the reaction of the media and cryptographic community to announcements that an algorithm has been broken. It says a lot about our perspective on security countermeasures. Too often, we regard them as either perfect or ineffective, when the truth is that they all h...

Last updated: Jan 11, 2009   11:12 AM GMT  |  Blog: David Lacey's IT Security Blog   |      perception, Security Solutions, Technology
How big data improves an information security strategy

Blog  I learned a new term the other day: data-driven security. I had been talking with Enterprise Management Associates security guru Scott Crawford about remote access security policies in a bring-your-own-device (BYOD) era -- yes, that's a mouthful. But then, in the ever-changing dynamics of IT, he fli...

Last updated: Mar 14, 2012   5:04 PM GMT  |  Blog: TotalCIO   |      CIO
Access Control Convergence - Part 2

Blog  Integrated policies improving access control are needed to increase safeguarding capabilities. Furthermore, due to technological and operational diversity, it is critical to have standard processes to control access that will permit economies of scale. Potential candidates for access control converg...

Last updated: Feb 5, 2009   9:38 PM GMT  |  Blog: IT Governance, Risk, and Compliance
Preaching in a security wilderness

Blog   Last week I was fortunate to be speaking at Cyprus Infosec 2011. It was a first class event with intelligent speakers, great debates and a smart audience. But yet again I seem to be the only speaker calling for a forward looking approach to security. Too many of our thought leaders are locked in t...

Last updated: Nov 5, 2011   4:03 PM GMT  |  Blog: David Lacey's IT Security Blog   |      Future Trends
Peer-to-Peer Networking - Part 2

Blog  Maybe, experientially, the small branch office with a P2P network has escaped a security incident since deployment. Even so, a functional P2P network unintentionally presents itself as a potential target waiting for someone capable of pulling the threat trigger to introduce a potent security disaste...

Last updated: Mar 3, 2009   4:05 AM GMT  |  Blog: IT Governance, Risk, and Compliance
RSA hack is a timely reminder of the need for richer authentication

Blog   Last week's admission by RSA that they had been the victim of a sophisticated espionage hack that could reduce the effectiveness of its authentication SecurID product, reminds us of the danger of placing too much reliance on a single authentication mechanism. Given the relentless and sophisticated...

Last updated: Mar 20, 2011   11:33 AM GMT  |  Blog: David Lacey's IT Security Blog   |      risks, Security Solutions
Out, out [darn] rootkit!

Blog  Antivirus, firewall protection and security solution provider GRISOFT announced a new free tool for rootkit removal this morning. As the press release says: "Rootkits are computer code that attempt to hide their actions and processes, making the job of detecting the code and the harmful processes v...

Last updated: Apr 10, 2007   3:23 PM GMT  |  Blog: Channel Marker
Countering the Threat of Information Security Fatigue

Blog  Charles Pask's comments on my recent blog postings raise an interesting and realistic new threat: that our industry might lose credibility due to non-events, because we are simply too good at what we do, and the bean counters are out to squeeze our budgets. It's a good point. I've certainly noticed ...

Last updated: Jan 10, 2007   7:31 PM GMT  |  Blog: David Lacey's IT Security Blog   |      People, perception
The wit and wisdom of Dan Geer

Blog  Here's a mindbender for you: Not only have all of the security products that we've installed on our desktops and servers not made those machines secure, they have, in fact, made them less secure. Dan Geer, the dean of the security deep-thinkers' set, said in his keynote speech this morning at Source...

Last updated: Mar 13, 2008   4:25 PM GMT  |  Blog: Security Bytes
Today's threats require joined-up security

Blog   The security threats that we face today are complex and sophisticated and are designed to do real harm--stealing data, recruiting computers into botnets and committing fraud. Much of our business and personal lives rely on use of computers, and internet access and electronic messaging systems are c...

Last updated: Dec 1, 2010   11:14 AM GMT  |  Blog: Bloor Security   |      Uncategorized
PREV 1   2 NEXT

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: