TotalCIO

Aug 1 2014   9:17PM GMT

With malware like Backoff around, IT security can’t be about protecting egos

Kristen Lee Kristen Lee Profile: Kristen Lee

Tags:
CIO

If you’re a CIO who takes offense when someone questions your IT security program, it may be time to get out of your own way for the sake of your company. That’s the provocative view of Kevin Beaver, an information security consultant — ¬†floated in this week’s Searchlight news roundup by Associate Site Editor Fran Sales.

“The interesting thing, to me, that rarely comes up in these discussions is how the CIO can actually be part of the security problem. Not many, but quite a few CIOs view security as a threat to their jobs,” said Beaver. “If you point out security risks, then you’re pointing out their shortcomings.”

But, as Sales gently admonishes, this is no time for protecting egos or turning a blind eye to security. Guarding a company’s information assets will require the attention of everyone in the enterprise from the top down, as a new report published by the Department of Homeland Security makes clear.

Released this week, the report reveals that attackers use brute-force cracking to log into remote desktop solutions. Once they gain access, hackers deploy Backoff, a family of malware¬†capable of memory scraping, keylogging, and command-and-control communication and injecting malicious stubs. With malware like Backoff to contend with, companies need a multilayered approach to security — and a lot of human vigilance. The column also includes the report’s tips for improving security.

In other news, Facebook is giving its mobile messaging user the next few days to download its dedicated Messaging app, Singapore has managed to integrate NSA’s mass surveillance and data mining into their society without laws getting in the way (hmmm!), and much more in this week’s Searchlight.

monney and computer

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: