How do you stop the threat from within?

by Julie Jervis 01-Dec-03

The biggest threat to security is not from outside, it is from the company employee. Julie Jervis asked security experts throughout the U.S. how they are educating these end-users

full story

Infosec is news in the year of the worm

by Ben Rothke 01-Dec-03

This has been a very good year - especially for the hackers. Ben Rothke wonders if we have learned anything from the experience

full story

Witches’ brew of concerns

by Illena Armstrong 01-Dec-03

The next 12 months could be a crunch time for infosecurity. So Illena Armstrong asked some experts how the cookie might crumble

full story

Time to act: New challenges in 2004

by Marcia Savage 01-Dec-03

Tighter regulation and higher levels of cyber attacks will increase the role of the CSO in 2004. Marcia Savage reports

full story

Readability is vulnerability

by Barbara Gengler 01-Nov-03

Watermarking is playing a more significant role, but is a far cry from the protection most critical data requires, says Barbara Gengler

full story

Central control: Let’s get it all together

by Chris Pick 01-Nov-03

Chris Pick outlines the pressures that are driving some organisations to integrate security and systems management

full story

Out of patience with exposed Windows

by Julie Jervus 01-Nov-03

How are CSOs coping with the growing burden of software patches? Julie Jervus sought the opinions of four practitioners with strong views on the matter

full story

No person is an island

by Mark Fischer 01-Nov-03

Certification is just the start. Real professionals learn to share with others of like mind, says Mark Fischer

full story

Get qualified: Certification - that’s the name of the game

by Marcia Savage 01-Nov-03

There is an increasing range of valuable qualifications that an information security expert can gain, says Marcia Savage

full story

Washington gets tough

by Jerry Harold 01-Oct-03

What can the private sector learn from the government’s ramped-up IT security? Plenty, says Jerry Harold

full story

Holistic paths to security

by Adam Lipson 01-Oct-03

Security tools are important for protecting company systems, but, says Adam Lipson, focusing on people can yield better results

full story

Laptop stolen? No need to fret: How to minimize the pain

by Illena Armstrong 01-Oct-03

What is the solution to laptop loss? Software tracking, a layered approach to security, or is there another way? Illena Armstrong reports

full story

Does size really matter?

by Jonathan Gossels and Dick Mackey 01-Oct-03

Jonathan Gossels and Dick Mackey believe it does - the smaller the device the more likely the victim on theft

full story

Dangerous exploitations

by Gunter Ollmann 01-Oct-03

There are many damaging consequences of a poorly planned security assessment, says Gunter Ollmann.

full story

Blackout blues ...and what you can do to avoid them

by Ron Mobed 01-Oct-03

The recent power outage was a powerful reminder of the value of business continuity provisions. Ron Mobed reports.

full story

Resist the urge: No more point solutions

by Illena Armstrong 01-Oct-03

Buying the latest tools to secure your assets is not the way forward. A structured plan for your infosec is vital, says Illena Armstrong.

full story

Sticking up for security

by Louise Murray 01-Oct-03

Sony’s new memory sticks have riled the business world into banning them from use, Louise Murray asks why?

full story

Revolution or evolution?

by Bob Heard 01-Oct-03

New technology brings with it new problems. For mobiles devices it is security. Bob Heard looks back for answers

full story

Protect the road warrior ...and deter the black hats

by Ron Condon 01-Oct-03

Security has become paramount on mobile devices as more employees work away from the office. Ron Condon investigates.

full story

Asking a clear question

by Elton Hay 01-Aug-03

In his third article, Elton Hay discusses the problems and dangers of storing answers to challenge questions.

full story

Faster and more secure

by David Hicks 01-Aug-03

SSL’s potential weaknesses can be overcome says David Hicks, creating flexibility for today’s online needs.

full story

The fine art of deception

by Gunter Ollmann 01-Aug-03

Attacks using social engineering techniques can be difficult to defend against, as Gunter Ollmann discovers.

full story

The masters of disguise: Do you know who your users are?

by Illena Armstrong 01-Aug-03

Illena Armstrong looks at the complex and challenging task of managing identities over today’s distributed company systems.

full story

Making the right connection: Which VPN - SSL, IPsec or both?

by Illena Armstrong 01-Aug-03

What does the future hold for secure virtual private networks? Illena Armstrong gazes into her crystal ball to look for the answer.

full story

Keeping out the intruders: Detecting and preventing

by Illena Armstrong 01-Aug-03

What is the future for intrusion detection and intrusion prevention systems? Illena Armstrong examines the conflicting claims.

full story

Cutting down the noise

by Ryon Packer 01-Aug-03

Villain or angel? Ryon Packer explains how your network intrusion detection system could become the latter.

full story

Do you feel the force? Malware can pull you apart

by Gerhard Eschelbeck 01-Jul-03

Gerhard Eschelbeck discovers that as malware becomes more sophisticated, your defenses must improve to prevent damage.

full story

Defenses for the ‘click and hack’ age

by Robert Clyde 01-Jul-03

Malicious attacks are evolving and, as Robert Clyde discovers, defenses to these attacks should evolve too

full story

Unmasking the authors

by Chris Belthoff 01-Jul-03

Education should play an important part in preventing the next generation of virus writers, says Chris Belthoff.

full story

Policy that lives: Enforcing security in spite of the users

by Illena Armstrong 01-Jul-03

Creating a security policy may be hard, says Illena Armstrong, but making sure that users comply is always the biggest problem

full story

C-level sponsors: Factoring in the business bottom line

by James L. Bindseil 01-Jul-03

Unless C-level executives are thoroughly involved in security matters your business strategy will suffer, says James L. Bindseil

full story

Infosec accountability

by Chris Mullins 01-Jul-03

Compliance with the Sarbanes-Oxley Act is forcing companies to impose stricter policies, says Chris Mullins

full story

A risky business: Insurance in cyberspace

by Illena Armstrong 01-Jul-03

Illena Armstrong looks at some of the forces driving demand for cyberliability insurance and what companies should be looking for

full story

The network detectives

by Gunter Ollmann 01-Jul-03

Both forensics and ethical hacking, says Gunter Ollmann, are needed to investigate critical security events

full story

Guarding the spoken word

by Tana Scouras 01-Jul-03

Security for voice networks is as vital as for data systems says Tana Scouras, but many lack even the basics

full story

Skills to tame the Tigers

by Illena Armstrong 01-Jul-03

Illena Armstrong reports on a project that is seeking to develop the infosecurity professionals of tomorrow

full story

The stronger, the better

by Elton Hay 01-Jul-03

Elton Hay spotlights the problems associated with the challenge question approach to forgotten passwords

full story

Putting the pieces in place

by Gunter Ollmann 01-Jun-03

Even the best of security policies will be ineffectual without proper implementation, says Gunter Ollmann

full story

Spyware: Invading user privacy

by Carlos Valiente 01-Jun-03

Applications that wait to steal your personal information are legion, so Carlos Valiente recommends constant vigilence

full story

Sinking in a sea of spam

by John Young 01-Jun-03

Tired of email porn and body enhancement offers? John Young suggests using secure content management to halt the tidal wave.

full story

Tracking down cybercriminals

by Tari Schreider 01-Jun-03

Tari Schreider describes a real-life investigation into a scam that threatened to undermine a large organization.

full story

Owning up to cyberattack

by John Patzakis 01-Jun-03

A new law in California means you need comprehensive incident and forensics planning says John Patzakis.

full story

Rethinking PKI

by Stephen Wilson 01-Jun-03

Early public key infrastructure projects failed because they were too complex. But Stephen Wilson argues that PKI is ideal for managing closed communities.

full story

Passwords exposed: Users are the weakest link

by Illena Armstrong 01-Jun-03

Illena Armstrong discovers that the use of traditional passwords could be giving many organizations a false sense of security.

full story

Guarding the keep: Storage security

by Jon Tullett 01-May-03

Vital business information should be carefully stored but, Jon Tullett asks, can you be sure it really is locked away safely?

full story

Issues for SAN security

by Stewart Buchanan 01-May-03

SANs have some inbuilt security says Stewart Buchanan, but this does not mean you should relax your guard

full story

Blocking attacks on applications

by Abhishek Chauhan 01-May-03

Web services may be critical for business but leave you wide open to attack. Abhishek Chauhan looks at protection techniques

full story

Timing security practices for web application success

by Caleb Sima 01-May-03

Last year, says Caleb Sima, many organizations began using web application security assessment tools and discovered that many vulnerabilities could not be corrected because they resulted from insecure application development practices.

full story

Consultant's view: Testing with open eyes

by Gunter Ollmann 01-May-03

You can wander round in the dark says Gunter Ollmann, but full knowledge penetration tests are much better

full story

Talk time: Instant messaging and the enterprise

by John Korsak 01-May-03

Instant messaging can bring both great business benefit and far greater risks to your network systems, says John Korsak

full story

The language of the market

by Roger Sullivan 01-May-03

Customers and partners need access to your systems. Roger Sullivan says XML can provide the security to make it happen.

full story

Reducing the stream of false positives

by Ray Zadjmool 01-May-03

Ray Zadjmool explores a solution to the number of false positives specifically created by the use of Windows Media Player

full story

Laptop lockdown: Tracking down the thief

by Louise Murray 01-May-03

Recovering your laptop after it has been stolen is not as quite imposible as it might seem, as Louise Murray finds out

full story

Is privacy a real concern?

by John Woodward 01-May-03

John Woodward contends that, by properly addressing privacy issues, a successful deployment is possible

full story

Biometrics: Finding a niche at last

by Illena Armstrong 01-May-03

As deployment of biometric technology becomes widespread, Illena Armstrong wonders if the interest is truly genuine.

full story

Predicting the next outbreak

by Steven Drew and Joe Stewart 01-Apr-03

Steven Drew and Joe Stewart argue that it is possible to be forewarned and forearmed against even sophisticated internet worms

full story

Consultant’s view: It’s only a workstation

by Gunter Ollmann 01-Apr-03

The humble desktop is often the weakest point in workplace security, as Gunter Ollmann regularly discovers

full story

HIPAA: Now comes the security Challenge

by Jon Bogen 01-Apr-03

As the HIPAA privacy compliance deadline passes, Jon Bogen highlights the top action points for the new security rules

full story

HIPAA: Keeping the security rules

by Gerhard Eschelbeck 01-Apr-03

Vulnerability assessment is a vital part of ensuring networks comply with HIPAA, says Gerhard Eschelbeck

full story

Locking down the airwaves

by Dave Piscitello 01-Apr-03

Defending your wireless LAN may seem an impossible task, says Dave Piscitello, but you can do it more easily than you may think

full story

Tips for WLAN security

by Bob Whelan 01-Apr-03

Don’t overlook the importance of sound policy in your efforts to achieve effective security, says Bob Whelan

full story

Free to roam Tackling WLAN security

by Curtis Franklin 01-Apr-03

When employees of the city of Tallahassee asked for wireless access, finding a secure solution seemed almost impossible, says Curtis Franklin

full story

Trusting the big boys

by Illena Armstrong 01-Apr-03

Illena Armstrong asks if the big IT vendors can re-engineer themselves for security in light of today’s pressing business needs

full story

Keeping IT running

by Illena Armstrong 01-Apr-03

What is most likely to bring your systems down? A minor problem might be as bad as a natural disaster argues Illena Armstrong

full story

Facing disaster in Britain

by Ron Condon 01-Apr-03

Terrorism gave an impetus to DR planning, says Ron Condon, but other factors have kept its importance alive

full story

Where is DR headed?

by Jason Buffington 01-Apr-03

Jason Buffington looks at likely trends in disaster recovery as companies realize that availability is essential

full story

Consultant's View: Oh …that security patch

by Gunter Ollmann 01-Mar-03

They are the bane of administrators’ lives, but Gunter Ollmann contends that patching should be a priority.

full story

Evolving a role in infosecurity

by Illena Armstrong 01-Mar-03

People have different perceptions of a chief security officer role, but Illena Armstrong finds that it is a vital one for business today.

full story

Who runs your security?

by David Foote 01-Mar-03

David Foote asks if businesses have got the right idea when it comes to protecting their valuable IT assets

full story

On your marks: Get set for the next IT hurdle

by Steve Gold 01-Mar-03

Memories of Y2K may have faded, but, says Steve Gold, another challenge could be just around the corner.

full story

Battling for budget: Selling security to CEOs

by Illena Armstrong 01-Mar-03

If security is seen to enhance business goals Illena Armstrong finds that selling it to the boardroom becomes a much easier task.

full story

Battling for budget: Obtaining solid support

by Richard O’Connor 01-Mar-03

Convincing management of infosec needs, says Richard O’Connor, requires amassing plenty of data first

full story

Battling for budget: Security for the pragmatist

by Steve Crawford 01-Mar-03

A workable security solution, says Steve Crawford, should:

full story

Battling for budget: Diverging perspectives

by Ryon Packer 01-Mar-03

You and your boss may disagree if you’re secure, but Ryon Packer argues that you’re measuring it differently

full story

Web services: Useful but dangerous?

by Daniel Murton 01-Feb-03

Web services promise to change the way we build applications but, as Daniel Murton argues, security poses a huge challenge.

full story

Consultant's View: I’m OK, I have a firewall

by Gunter Ollmann 01-Feb-03

Firewalls are not the be-all and end-all of security, says Gunter Ollmann, and they must be managed properly

full story

Vulnerability Testing: Keeping a tight ship

by Illena Armstrong 01-Feb-03

Knowing where your network is vulnerable is half the battle. Illena Armstrong looks at the need for penetration test assessments

full story

Analysts forecast a boost for budgets

by Illena Armstrong 01-Feb-03

How is the economy affecting infosec spending? Illena Armstrong discovers 2003 could see more funds allocated to security.

full story

Danger money: The challenge of risk management

by Richard Starnes 01-Feb-03

There is always a trade-off between security needs and economics. Richard Starnes asks how businesses can strike the right balance.

full story

Shackled by the rules? Unlock the opportunities

by Stuart Vaeth 01-Feb-03

Increasingly, organizations have to comply with privacy legislation. Stuart Vaeth asks whether this is the key to improved security.

full story

Shackled by the rules? Going for the light touch

by Philip Carter 01-Feb-03

Philip Carter argues that disaster recovery and business continuity should not be too tightly regulated

full story

Hackers: Are you inviting them in?

by Illena Armstrong 01-Jan-03

Surely by now, organizations should have erected the strongest barriers to hackers. But, as Illena Armstrong and others point out, many holes remain

full story

Hunting out the rogues

by Gunter Ollmann 01-Jan-03

Some security themes keep re-occurring. Gunter Ollmann warns against one of the most common problems

full story

New tools for the job ahead

by Illena Armstrong 01-Jan-03

What are the technologies to secure IT in 2003? Illena Armstrong asks security experts for their views

full story

Real risk or shadow? The threat of cyberterrorism

by Illena Armstrong 01-Jan-03

Digital attacks often mirror attacks in the real world. Illena Armstrong asks if they are inevitable and how to respond.

full story

United we stand, divided we flounder

by Richard Andrews 01-Jan-03

Both public and private sectors must work together for crisis planning and response says Richard Andrews

full story

Data Complacency

by Humphrey Browning 01-Dec-02

According to a report by Jupiter Research (July 2001 Jupiter Executive Survey), 49.5 per cent of CIOs considered the sensitivity of their company's data as 'low.’

full story

How to Get Boardroom Buy-in on Business Continuity

by Richard Jones 01-Dec-02

For the person responsible for business continuity (BC), getting board-level commitment can be the biggest obstacle to creating a process to manage an ongoing program of business continuity activities.

full story

Securing Online Payments

by Richard Moulds 01-Dec-02

From the early days of the Internet, credit and charge card companies recognized the enormous opportunities presented to them - but they also saw challenges ahead.

full story

Not Everything You Always Wanted to Know About Web Services Security

by Throop Wilder 01-Dec-02

Woody Allen, that famous web services guru and comedian on the side, once described James Joyce as “the most incomprehensible and hence the finest poet of his time.”

full story

Cooperation More Important Than Competition

by Sal Viveros 01-Nov-02

The term ‘blended threats’ has become synonymous with viruses in the last year.

full story

Costs Versus Benefits in Securing Your Applications

by Bob Ayers 01-Nov-02

The current state of application security practice is grim.

full story

Security Tools within the Common Criteria Framework: Part 2

by Fredric Greene and Richard Rabinowitz 01-Nov-02

This is the second part of a two-part article. The first part discussed security tools used to protect data integrity and the related business processes within an organization: (www.scmagazine.com/scmagazine/sc-online/2002/article/48/article.html).

full story

Securing the Last Unprotected Area of the Network

by James Teel 01-Nov-02

Just how secure is your network?

full story

Cyberterrorism: Are We Leaving the Keys Out?

by Kevin Cunningham 01-Nov-02

In a post-Sept. 11 world, the security community is being asked to address a growing list of sobering scenarios that range from the newly plausible to the truly frightening.

full story

Security Tools within the Common Criteria framework

by Fredric Greene and Richard Rabinowitz 01-Oct-02

This is the first part of a two-part article. The second part will discuss specific topics in more detail, including specific system and network security tools such as network port scanners, OS detection, configuration tools and vulnerability assessment.

full story

Securing Image Content in Email

by Paul Rutherford 01-Oct-02

What arrives in our in-boxes these days is becoming progressively richer and fatter. The content includes HTML formatted rich text, hyperlinks and attachments of various types, including Office documents, databases, images, videos, etc. It is now estimated that more than 5 per cent of emails contain images.

full story

Security and Web Services

by Peter Doyle 01-Oct-02

What is in essence a framework for designing, developing and building a new generation of applications around web standards and protocols, web services promises to make it far easier to integrate applications across disparate hardware and software platforms - a constant gripe with existing technology. Backed by all of the major IT vendors (Microsoft, IBM, Sun, Oracle, etc.), web services certainly will not suffer from a lack of effort or exposure, but will it take off and what are the issues?

full story

Don’t Blame the Pigeons

by Throop Wilder 01-Oct-02

It’s the 15th century, and wireless communications are flourishing. The Cardinal, Sir Dickcheney, sensing imminent invasion from the enemy, has instructed his trusted servant Walker (for centuries known only as “W”) to deliver a message to a military outpost on the remote frontiers of the kingdom, 500 miles away. “Prepare to attack.” reads the message. W’s problem: he has to get it there in 24 hours. His only option: wireless. He runs up to the tower where the master pigeon trainer, Rummy, awaits. They exchange a secret password and W hands Rummy the message. Rummy affixes the message to one of the prize pigeons and off it flies.

full story

Application security - the weakest link

by Itay Haber 01-Oct-02

You wouldn't walk into a bank and find money or valuables laid out in plain view and easy to reach.

full story

The Secret of Agents

by Larry Lunetta 01-Sep-02

A generation ago, the world of espionage and counter-intelligence was populated by agents who operated in the shadows of eavesdropping, codes and hollowed-out books to collect and transmit important information.

full story

New Technology Cracks Down on ID Theft?

by Larry Gilbert 01-Sep-02

For the second time in four years, the U.S. General Accounting Office reported identity theft as the fastest growing crime in America, with businesses and consumers losing billions of dollars to identity thieves.

full story

Do Firewalls and IDS Create a False Sense of Internal Security?

by Abishek Chauhan 01-Sep-02

In an effort to boost sales and generate revenue, one U.S. multinational energy company recently embraced the Internet to bolster external communication and internal collaboration.

full story

The Best Free (and Cheap) Security Software Part 1: Hashes and Encryption

by Ric Steinberger 01-Sep-02

This is the first article in a series that will look at some of the best free (and cheap) security software.

full story

Aircracked!

by Throop Wilder 01-Sep-02

It may not be illegal.

full story

The Six Honest Men of Business Continuity Planning

by Keith Tilley 01-Aug-02

"I keep six honest serving men (They taught me all I knew); Their names are What and Why and When And How and Where and Who" (Rudyard Kipling, from ‘The Elephant’s Child’ in Just So Stories).

full story

Scalable Encryption Solutions for Today’s Environment

by David Cullinane 01-Aug-02

The scope and character of today’s computing environment is changing dramatically.

full story

A Next-Generation DoS Attack: ‘Distributed Reflection’

by Rodney Denno 01-Aug-02

Denial-of-service (DoS) attacks just got worse - and easier! DoS is actually a grab bag of a great many techniques (such as worms and SYN flooding), all with the objective of denying legitimate clients access to services running on Internet based servers.

full story

Cyberliability: Turning the Spotlight to Internal IT Security

by Paul Rutherford 01-Aug-02

Is your company data an asset or a threat?

full story

What to Look for in a Web Application Protection System

by Abishek Chauhan 01-Jul-02

The number of technology pundits decrying the state of Internet security has reached an unbearable level.

full story

The Threat of Internet Worms

by Yona Hollander 01-Jul-02

2001 was without any doubt the year of vulnerabilities.

full story

Smashing The Millstone

by Lisa Dargan 01-Jul-02

Information security has risen dramatically on corporate agendas since this time last year, fuelled by a combination of the terrorist activities of September 2001, the growing sophistication of malicious online attacks on businesses, and the increasing realization that unbroken network surveillance, instant intrusion detection and immediate response strategies are boardroom responsibilities.

full story

Companies Look to Long-Time Networkers to Combat Cyberthreats

by Robert Blakley 01-Jul-02

While it makes perfect sense that the United States FBI needs a comprehensive security strategy, many companies and organizations initially did not see the need for securing their intellectual assets.

full story

Would You Please Swear in the Chief Security Officer?

by Michael P. Flaherty 01-Jun-02

As defense counsel to a corporation or as the chief security officer, hearing such words should send immeasurable fear through the hearts of each participant at any time you are sworn in.

full story

What’s In a Name?

by Sarah Gordon 01-Jun-02

In this article, issues of virus naming as they impact users will be discussed, and some of the ways that naming might affect the reviewing of products will be examined.

full story

PKI Policy in the Business Environment

by John T. Sabo and Yuriy A. Dzambasow 01-Jun-02

In the traditional world, the individual moves through differing process and policy environments in which varying policies govern their interactions with others.

full story

Perimeter Defense Model for Security

by Adam Lipson 01-Jun-02

There has to be a better way!

full story

From Business Policy to Network Policy

by Steve House and Frank Cabri 01-Jun-02

At the core of decisions about Internet access, monitoring and content filtering are business policies that specify where, when and how users will access web content.

full story

Application-Level Defense: The Email Battlefield

by Jay Chaudhry 01-May-02

The security wars continue.

full story

Hacker Repellent: Deterring Hackers on a Shoestring Budget

by Amit Klein 01-May-02

Today, hackers scan and probe sites of all sizes to find those most vulnerable to e-shoplifting, data theft or portals to access broader attacks.

full story

Signature-Based or Anomaly-Based Intrusion Detection: The Practice and Pitfalls

by Arnt Brox 01-May-02

Intrusion detection has become big business on the Internet and, to be honest, it's not surprising.

full story

Using File Hashes to Reduce Forensic Analysis

by Dan Mares 01-May-02

The "hashkeeper" paradigm or model was first introduced a number of years ago by Brian Deering of the National Drug Intelligence Center (www.hashkeeper.org).

full story

Untangling Security Issues to Enable Web-based Email Access

by Joseph Steinberg 01-May-02

Today's users consider email a major component of their business and personal communications, and demand the convenience of email access from any location at any time.

full story

Buffer Overflow Vulnerabilities, a Challenge for Everyone

by Carlos Ardanza 01-Apr-02

In May 1998, Panda Software published a press release in which I made my first public statement.

full story

Maximizing Network Performance with Quality-of-Service Solutions

by Neil Gehani 01-Apr-02

Today's content-heavy networks are transmitting richer, more critical data - and as a result, more and more enterprises are demanding quality-of-service (QoS) agreements for a higher level of network service, one that assures reliable delivery of content along with consistent availability of bandwidth.

full story

A Practical and Realistic Approach for Testing the Performance of Firewalls: What Your Security Vendors Don't Want You to Know

by Johnson Wu, Philip Joung, John Kenney 01-Apr-02

While Internet security has always been important, only recently has it emerged as an important issue for almost all who use the Internet.

full story

Simplifying Network Security

by Dan MacDonald 01-Apr-02

Network security can be complex.

full story

Web Site Availability

by Ian Emery 01-Apr-02

Best practice (ISO 17799) advocates the development of information security policies to ensure the confidentiality, integrity and availability of information.

full story

Distributed Denial-of-Service Attacks - Hacker Tools of the Trade

by Paul Lawrence 01-Mar-02

The denial-of-service (DoS) attack is a common, recurring problem in networking, and recently, more and more companies are being caught out because of holes in their security infrastructure.

full story

Digital Signatures: What Can Businesses and Consumers Expect?

by Rett Summerville 01-Mar-02

Laws giving digital signatures legal legitimacy have been enacted around the world.

full story

e-Security Threats aren't Just the Enemy of the Corporate

by Ralph Shaw 01-Mar-02

They may not have as many employees, generate the same size revenues or have the million-plus customer base of the large enterprises, but when it comes to Internet security, small and medium-sized businesses (SMEs) face exactly the same risks as larger organizations when they incorporate e-business and e-commerce into their traditional business models.

full story

Information Security on The Internet

by Jason B. Lee 01-Mar-02

In the aftermath of the September 11 terrorist events in the United States, the fear that malevolent hackers and other criminal perpetrators might unleash a cyberattack on the Internet is becoming an increasing concern.

full story

The Politics of Vulnerabilities

by Scott S. Blake 01-Mar-02

In the last few months, debate over the ethics of disclosing details of vulnerabilities has been rekindled.

full story

Ensure Your Pocket Time-Bomb Doesn't Blow Up In Your Face!

by Magnus Ahlberg 01-Feb-02

Companies are under more pressure than ever before to ensure that when it comes to protecting their lifeblood - their critical corporate data - no protection can be too much.

full story

Fingerprint Authentication: Shifting the Electronic Security Paradigm

by S. K. Ganapathi 01-Feb-02

Interest in security is at an all-time high. How can we best secure our possessions, our information, even ourselves?

full story

Microsoft XP - Solving Security Concerns or Still a Liability?

by Paul Barker 01-Feb-02

Microsoft's Windows XP operating system has arrived amid a multi-million dollar worldwide marketing fanfare the like of which we rarely see.

full story

The Next Virus

by Jaime Borrego 01-Feb-02

Various iterations of the Nimda virus have slowed its propagation around the world after causing havoc on resource-constrained IT organizations.

full story

Optical Network Security Demands a New Performance Threshold

by Peder Jungck 01-Feb-02

The events of September 11 have made security a national priority in the USA.

full story

The Most Commonly Overlooked Security Holes

by Todd Lawson 01-Jan-02

Historically, corporations and solution providers have taken a medieval, provincial approach to keeping data secure.

full story

A Network Security Checklist

by Mark Epstein 01-Jan-02

Due to the abundance of Internet security attacks, the news over the past year has been flooded with warnings and reports of numerous network vulnerabilities.

full story

Software Compliance: A Helping Hand in an Economic Downturn

by Richard Willmott 01-Jan-02

By now, it's obvious that the economy and the technology sector in particular, are in the midst of a significant downturn. But hand-wringing over ever-dropping stock prices, new rounds of lay-offs and lowered earnings do not constitute a strategy.

full story

Evaluating the Security Risk Between Business-to-Business and Business-to-Consumer

by John Bernardi 01-Jan-02

Today's security measures are not keeping up with today's security risks.

full story

Designing and Deploying Effective Defenses Against Denial-of-Service Attacks

by Vince Liu 01-Jan-02

full story