Security Wire Weekly

March 24, 2011  8:08 PM

Security awareness training begins with risk assessment

Posted by: Jessica Scarpati
security awareness training, Security Wire Weekly

Security expert Rob Cheyne, CEO of Safelight Security Advisors, explains how organizations can get started with security training programs. Cheyne said a good first step is a risk assessment.

Program links:

Check out Safelight’s Security Education BluePrint: It’s a free risk assessment tool that can be used to plan out a training program.

March 9, 2011  2:05 PM

RSA 2011 redux: Cloud risks, mobile threats, targeted attacks

Posted by: Jessica Scarpati
RSA Conference 2011, Security Squad

The SearchSecurity editorial team discusses the themes that emerged from the 2011 RSA Conference. While cloud computing risks continued to be top of mind, attendees heard about threats to mobile devices and the growing number of successful targeted attacks against enterprises.

Show notes:

Cloud computing compliance: Visibility key:
Transparency is essential for security and compliance when working with cloud services providers, RSA panelists say.

Unique attacks highlight Internet espionage trends:
Attackers are using malware samples that researchers have never seen before — and will never see again — to successfully steal data from unsuspecting organizations, governments and individuals.

Video - Mobile malware targeting Android, iPhones, says Kaspersky Lab expert:
Mobile malware has been increasing in scope and intensity explains Denis Maslennikov, senior malware analyst on Kaspersky Lab’s global research and analysis team. As Maslennikov explains, mobile malware infections are still fairly rare, but they have targeted smartphones running nearly every platform.

March 4, 2011  3:36 PM

The effects of compliance on the security industry

Posted by: Jessica Scarpati
compliance, PCI, Security Wire Weekly

Paul Judge, CTO of Barracuda Networks and Joshua Corman, director of enterprise research at the 451 Group discuss whether compliance hinders the creation of innovative security technologies.

Joshua Corman: Why Zombies love PCI (YouTube Video)

February 21, 2011  11:36 PM

RSA 2011: Does compliance inhibit security innovation?

Posted by: Jessica Scarpati
compliance, RSA 2011, Security Wire Weekly

Joshua Corman of the 451 Group, Paul Judge of Barracuda Networks and Eric Ogren of the Ogren Group talk about whether compliance inhibits security innovation. Also, Michael S. Mimoso, Editorial Director of gives his thoughts on the 2011 RSA Conference.

February 16, 2011  9:33 PM

RSA 2011: Dan Kaminsky on the ROI of DNSSEC for enterprises

Posted by: Jessica Scarpati
Information Security, RSA Conference 2011

In a brief interview following a presentation on DNSSEC at RSA Conference 2011, network security expert Dan Kaminsky explained why enterprises need to pay attention to DNSSEC deployments. Kaminsky said firms that invest in systems supporting the more secure DNS protocol will eventually be able to deploy better security technologies.

January 28, 2011  2:36 PM

NetWitness’ CSO on targeted malware

Posted by: Jessica Scarpati
malware, Security Wire Weekly

Eddie Schwartz, CSO of network analysis firm NetWitness, talks about targeted malware and the company’s new Spectrum malware analysis platform.

January 20, 2011  3:30 PM

Threat predictions and browser wars

Posted by: Jessica Scarpati
cybersecurity 2011, Security Squad

The SearchSecurity editorial team examines past threat predictions, discusses the prospects for mobile malware and talks about how the browser marketshare wars have leaked into the security space.

December 27, 2010  8:40 PM

Cybersecurity 2010: Looking back and lessons learned – Part 2

Posted by: Jessica Scarpati
cybersecurity 2010, Security Squad

Pete Lindstrom, a research director at Spire Security joins the editorial team to talk about the top IT security news stories of 2010.

Microsoft’s legal action against Waledac botnet: Federal judge grants Microsoft the ability to shut down hundreds of domain names tied to the Waledac botnet.

McAfee DAT File issue: While buggy antivirus DAT files are the exception rather than the rule, downloading them can cause just as much turmoil as a potential DDoS attack.

Security Vendor Acquisitions:
($7.7 billion) McAfee-Intel
($1.28 billion) Symantec-VeriSign
($1.5 billion) HP-Arcsight

Consumerization of IT:
Mobile application security flaws a repeat of past mistakes: Developers of mobile applications are repeating many of the same coding errors that desktop coders and Web application coders made years ago, according to two security experts.
Enterprises should embrace end user influence on technology: Security vendors are sounding the alarm about the growing use of personal smartphones and web-based technologies.

White House Security Czar: Where is Howard Schmidt? President Obama’s choice for cybersecurity coordinator is being widely praised, but experts say he has major hurdles to overcome.

December 22, 2010  6:34 PM

2011 IT Security Predictions

Posted by: Jessica Scarpati
cybersecurity 2011, Security Wire Weekly

Patrik Runald of Websense’s Security Labs gives some of his IT security predictions for 2011.

December 21, 2010  7:32 PM

Cybersecurity: Looking back at 2010 – Part 1

Posted by: Jessica Scarpati
cybersecurity 2010, Security Squad

Pete Lindstrom, a research director at Spire Security joins the editorial team to talk about the top IT security news stories of 2010.

Google Aurora: Targeted attacks against Google, Adobe and possibly dozens of other firms used an unpatched vulnerability in Internet Explorer, according to researchers at McAfee.

CSIS/McAfee Critical infrastructure survey/study: IT and security executives at firms that own critical infrastructure facilities are concerned about the lack of security protecting underlying management systems from attack.

Stuxnet: The Stuxnet Trojan remains a threat to a small group of critical infrastructure facilities, but experts say future malware writers may attempt to copy its processes.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: