Get up-to-the-minute news and opinions, plus access to a wide assortment of IT security resources that will keep you current and informed.

Keep me logged in Forgot your password?

Please wait...

Please wait...

Features

Paying dividends: Financial Services Roundtable

December 01, 2011

While the financial services industry traditionally has been quicker to embrace cybersecurity than other verticals, the challenges it faces, like meeting compliance and deterring fraud, never let up.
 
Features

Cutting the red tape: SC Roundtable

October 03, 2011

As agencies are forced to do more with less, government security pros at a recent SC Magazine Roundtable discussion said they are being challenged to fight emerging threats and secure new technologies.
 
Features

Ashwin Altekar security risk manager, Heartland Payment Systems

May 12, 2011

Ashwin Altekar, security risk manager at Heartland Payment Systems, says he must first understand the level of risk that technologies create for customers, and then implement controls that manage that risk so it is invisible to customers.
 
Features

Me and my job: Fares Alraie of Royal Bank of Canada

Fares Alraie software security specialist, Royal Bank of Canada March 01, 2011

Development teams often ignore application security requirements in order to meet all their hard-pressed deadlines and requirements, says Fares Alraie software security specialist at the Royal Bank of Canada.
 
Features

Me and My Job: Steven Jones, Synovus Financial Corp.

Steven Jones, director, information security, VP, Synovus Financial Corp. January 03, 2011

A monthly Q&A with an IT security professional.
 
Features

Law enforcement of cybercrime: Bringing justice

November 01, 2010

Gary Warner of the University of Alabama at Birmingham wants to pursue small-time cybercriminals through a new partnership teaming university researchers and local and state authorities.
 
Features

Reducing compliance workloads

Jerry Archer, SVP & CSO, Sallie Mae November 01, 2010

Security is not compliance, and compliance is not security.
 
Features

Financial vertical: An economic dissection

October 01, 2010

As more regulators scrutinize the business practices of financial services companies, IT security pros must advance their data processes and safeguards, reports Illena Armstrong.
 
Features

SC Magazine Financial Roundtable: Across the board

April 01, 2010

During an SC Magazine Financial Services Roundtable, leading information security pros discussed how they are refining IT security tactics, and more, reports Illena Armstrong.
 
Finance

In the vault

Jean Thilmany December 22, 2008

When it comes to protecting financial info, IT security professionals can never rest on their laurels, reports Jean Thilmany.
 
Features

IT-GRC: Agiliance

December 03, 2008

And so we reach the end of this year's batch of innovators. But, as we look at this subcategory, we find that it wraps the whole shebang into a neat package, defining what needs to be done to secure the enterprise (and prove it) and why.
 
Features

Policy management: LanDesk (Avocent)

December 03, 2008

All of us old-timers remember LanDesk from its days as part of Intel. It always was a solid suite of products. Now that it is part of Avocent, its promise as a hybrid of network and security policy management is being realized. The notion of managing the desktop and evolving that into security policy management makes a lot of sense.
 
Features

Content management: Finjan

December 03, 2008

The views of the visionary I spoke with from this veteran anti-malware company took the conversation in directions I had not expected. He started out by asking, "Why, if I have done everything I can to secure my enterprise, is my data still being compromised?"
 
Features

Data leakage/extrusion prevention: Trend Micro

December 03, 2008

I don't recall the first time I heard the term "extrusion prevention system." It was, I think, an effort on the part of some marketer to tie the notion of preventing data from unauthorized exit (extrusion) from the enterprise to the notion of unauthorized entry (intrusion). Very clever.
 
Features

Encryption: PGP

December 03, 2008

No matter how much things change, they stay the same. As I have pointed out, there have been massive changes in security drivers over the past 12 months. The changes have generated a new set of challenges, but, even though our encryption innovator has done a first-rate job of addressing them over the past year, the new issues are generating a sort of déjà vu picture of the encryption market.
 
Features

Email security: Tumbleweed Communications (Axway)

December 03, 2008

The big question I had for Tumbleweed was, "What is email security?" Over the past two years, as we have passed products through SC Labs, I have noticed that the vendor public relations folks who we talk to seem to have a hard time differentiating between the many aspects of threats associated with email.
 
Features

Wireless Security: AirMagnet

December 03, 2008

Wireless, is it? Everything is going wireless - well almost everything. That, in itself, poses a challenge for a wireless security company, such as this innovator. It also offers big opportunities and AirMagnet has identified and addressed them.
 
Features

IPS: Top Layer Security

December 03, 2008

If you thought the UTM market was crowded, take a look at the intrusion prevention systems (IPS) market. We bluntly asked our innovator in this product space why they thought that they were innovators in such a commoditized market. The answer was immediate and unambiguous: "When a product category becomes mainstream, there are big opportunities, but you must innovate to take advantage of them."
 
Features

UTM: Global DataGuard

December 03, 2008

Sometimes a different approach is needed. The notion of the UTM was developed from the need to consolidate point solutions. There are a lot of problems, of course. They cost more to buy and manage, they use more power and they need a sophisticated staff to manage them.
 
Features

Forensic tools: Mandiant

December 03, 2008

Sometimes you run across a company that just deserves to be selected as an innova­tor. You look them over and won­der why you didn't pick up on them before. Mandiant is one of those companies. There is a reason, of course. Mandiant started as a services company providing forensics, litigation support and incident response. So if you were in the product purchasing mood, you would not have run across these folks.
 
Features

SIEM: ArcSight

December 03, 2008

ArcSight gets a lot of play among security experts in the security event management (SEM)/security information manager (SIM) game.
 
Features

Threat analysis: NitroSecurity

December 03, 2008

How do you differentiate a product that keeps getting mixed up with a commod­itized market, but really doesn't belong there? What differentiators do you look for that can keep you from being included in a herd where you don't belong?
 
Features

Penetration testing: Core Security

December 03, 2008

I just love these folks. Take the best open source pen testing tool you can think of, put it on steroids, give it a user interface that makes it simple and fast to pen test in a production environ­ment without losing the granularity of manual testing if you need it, and you have Core Impact. Well, almost. Every year I say that I am going to find a better tool, and I actually do comb the market -- unsuccessfully.
 
Features

Vulnerability analysis: Mu Dynamics

December 03, 2008

When your price starts at $50,000 and you are unique in your marketplace, you'd better have a good product. For Mu Dynamics, that is just where the story starts. When I first met the Mu folks, they were Mu Security. A new name later, they still are the innovators they were a couple of years ago. My conversation with a Mu visionary was an eye-opener.
 
Features

Access magagement: AppGate Network Security

December 02, 2008

This Swedish company will, I predict, set the benchmark here in the United States for how access to applications should be controlled. AppGate has helped shape the direction of network infrastructure security in Europe for some years, and now this innovator is bringing its unique thoughts to the States.
 
Features

Multifactor authentication:TriCipher

December 02, 2008

What sets these guys apart from the multifactor herd? In a word, vision. From the start, TriCipher has had the vision of evolving into a full identity management provider. That is a pretty heady ambition for a developer of multifactor authentication tools. So how does this innovator plan to make the trip from providing a piece of the puzzle to offering the whole thing, already assembled, framed and hung on the wall?
 
Features

Identity management: Fischer International

December 02, 2008

Start with the recognition that identity management is just too hard to do, cre­ate a solution for that problem and then morph it into a successful service and you have the recipe for a real innovator.
 
Features

Credential management: Passlogix

December 02, 2008

Here is another vendor that we see a lot of in our labs. Passlogix knows who it is and concentrates on doing what it does as well as it can be done. And what they do is credential management.
 
Features

NAC: Bradford Networks

December 02, 2008

Bradford Networks is no stranger to these pages. An innovator from last year, Bradford has been reviewed a num­ber of times over the years, always doing well. This year we asked them how well their crystal ball last year worked as 2008 unfolded.
 
Features

Bank on it: An end to anti-virus

November 17, 2008

A bank replaced its anti-virus when it found it could more effectively guard its systems with anti-malware, reports Greg Masters.
 
Features

Into the breach

September 26, 2008

The inaugural SC World Congress takes place December 9-10 in New York City's Javits Convention Center.
 
Features

A more secure union

July 01, 2008

Integrating the networking and IT security staffs delivers operational benefits, but comes with challenges, reports Jim Carr.
 
Finance

Responding to a financial security breach

Inno Eroraha, president, NetSecurity Corp. May 14, 2008

Financial institutions should be prepared to deal with security incidents involving physical facilities, network infrastructures, systems, applications, and most importantly, data, says Inno Eroraha, president of NetSecurity Corporation.
 
Finance

Global security challenges

James Ritchie, former principal auditor, Integralis April 02, 2008

Global companies face a significant cultural and legal challenge when dealing with security across international borders, says James Ritchie, former principal auditor, Integralis.
 
Finance

First party fraud

Jasbir Anand, Actimize, Inc. April 01, 2008

As long as there has been credit granting there have been customers committing first party fraud, says Jasbir Anand, Actimize, Inc.
 
Finance

Easing PCI Compliance

David Miner, senior director financial services industry solutions, Symantec Corp. March 24, 2008

A growing number of organizations in the retail and financial services industries are recognizing the benefits of implementing and adhering to the Payment Card Industry Data Security Standard (PCI DSS).
 
Features

Changing a mindset: Audits are no longer one-off events

Bryan Cote, senior product manager, Ecora March 10, 2008

Not long ago, audits were a sporadic occurrence for an IT department. While most regulatory mandates included sections that addressed IT controls, these sections were not the initial focus of auditors, so they were largely ignored. In today's security environment, it no longer makes sense to think of each of these audits as a one-off event.
 
Finance

Data Security and Outsourcing: Oxymoron?

Prat Moghe, founder/CTO, Tizor Systems March 04, 2008

Business process outsourcing (BPO) is a common practice these days, but the benefits of BPO also come with an increase in risk. This requires a new way of looking at data security — as an "inside-out" threat environment - that is, from the data core out and as a problem of insiders that needs to be monitored. Here is a primer for dealing with the security challenges posed by BPO.
 
Features

Encryption: Why now?

Phil Dunkelberger, president and CEO, PGP Corporation February 26, 2008

Tools to encrypt sensitive data have been with us at least since the reign of Julius Caesar, who used a simple letter-shifting code to communicate with his generals. Encryption now is on the front lines of the war on data theft, tipping the battle in favor of the "good guys."
 
Features

New meaning for ROI: "Risk of Insiders"

Chris Sullivan, vice president of customer solutions, Courion February 20, 2008

High-profile data breaches and compliance incidents - such as the recent rogue trading scandal at Societe Generale in France - have given a second meaning to ROI: "Risk of Insiders."
 
Features

Learning applications: Revolutionizing data loss prevention

Joel Christner, director, product management, Reconnex Corp. February 07, 2008

Learning applications that add a layer of multi-dimensional intelligence to DLP can identify what high-business-impact data is, who is using it, who should get it, and how it should go to them.
 
Features

Scraping: Data theft is scaling up

Ofer Shezaf, vice president of security research, Breach Security February 04, 2008

Data-theft attacks against web applications have expanded in scope—from attempts to extract credit card information from e-commerce sites to scraping entire libraries of valuable information from subscription-based sites.
 
Features

Vulnerability management: weathering the storm

February 01, 2008

John Penrod, CISO of The Weather Channel, discusses how the IT pro can manage business risk.
 
Features

Portable device security: mobile madness

February 01, 2008

As the experience of one insurance broker proves, securing mobile devices requires a two-pronged approach.
 
Features

Data theft: the in crowd

February 01, 2008

Contracted third parties and other insiders create a bevy of risks for companies looking to secure data.
 
Features

Compliance: PCI's growing pains

February 01, 2008

Some retailers are slow to embrace the new objectives required by the payment card industry.
 
Features

Firmware: hacking the chip

February 01, 2008

Attacks on the firmware that sits within computers and enterprise networks is closer than you think.
 
Features

Two-factor authentication: ask the right questions

February 01, 2008

Are multifactor solutions enough to protect today's financial customers?
 
Features

Survey 2008: Guarding against a data breach

January 31, 2008

Information security pros are increasingly confronted by cybercriminals trawling their corporate networks for customers' private data. More than 80 percent of the respondants to the SC Magazine/MXI Security survey say guarding against data breaches is the focus of current security initiatives, reports SC Magazine Editor-In-Chief Illena Armstrong.
 
Features

Survey: 80 percent of financial security chiefs rely on FTP transfers despite data breaches

William McKinney, Global product marketing director, Sterling Commerce January 08, 2008

A recent survey of 100 IT managers and CIOs from the financial services, health care, retail, manufacturing and government business sectors shows that despite a torrent of bad press on data-security breaches involving FTP (file-transfer protocol), its use is prevalent and growing.
 
Features

Product section: Managing access - first line of enterprise defense

January 01, 2008

Welcome to the first Group Test reviews of 2008. Appropriately, we start this year with two important groups: identity management and multifactor authentication products
 
Features

Look ahead: Search for pioneers

December 01, 2007

On the hunt for more innovative solutions to holistically safeguard organizations' growing networks, Peter Stephenson pinpoints the product categories and solutions you might consider next year.
 
Features

IT Security Reboot 2007

December 01, 2007

The end of yet another year sees in this final 2007 edition of SC Magazine our annual roundup of top thinkers, interesting happenings, business developments and criminal acts.
 
Features

Roundup 2007: The year's top fives

December 01, 2007

The top cybersecurity events of the year.
 
Features

Roundup 2007: Gazing into the crystal ball

December 01, 2007

We handed out crystal balls to several analysts, consultants, professors and CSOs and asked them to answer questions about next year.
 
2006 Awards

Product section: Our 2007 industry innovators

December 01, 2007

This is a very special issue to me and the team at SC Labs because it is based on a year of seeing the good and the not so good. We actually saw almost no bad products, so it was a pretty good year overall. It is special for you because it helps answer the question, "If we are going to buy security tools in the next 12 to 18 months, what should we be looking at?"
 
Features

In the driver's seat: the integration of enterprise security and networking operations

October 01, 2007

Preston Wood is one CISO on top of the integration of enterprise security and networking operations, says Jim Carr.
 
Features

The polls are open - cast your ballot for the 2008 SC Magazine Awards

October 01, 2007

Nominations are now open for the 2008 SC Magazine Awards, so cast your ballot in any of 20 Reader Trust categories.
 
Features

Product section: Meeting the challenge of managing access

October 01, 2007

Access control is the order of the day for this issue. All of our reviews focus on aspects of access control and management. This, of course, is a key aspect of enforcing the security of the enterprise. We address the topic with two First Looks and two Group Test reviews.
 
Features

Debt Exchange improves security with scanning service

August 07, 2007

The reality of the security market has brought new demands for any business dealing with large financial institutions. No matter how large or small, or whether public or private, if a partner is handling bank information theyll be subject to the same measure of security as their customers.
 
Features

Special section: IT security and the financial vertical

August 01, 2007

In this special section, we look at how the IT security industry works to protect banks and financial institutions and keeps up with the rise of online transactions.
 
Features

FFIEC guidelines mandate financial services security upgrades

August 01, 2007

What began as a frantic effort to meet federally mandated personal authentication guidelines for online banking has morphed into a drive to boost the bottom line for a large number of financial services companies.
 
Features

The financial vertical: Five ways to protect data and IP

Rhonda MacLean, CEO of MacLean Risk Partners, LLC August 01, 2007

Recent headlines illustrate that data breaches continue to occur across all industries. The Privacy Rights Clearinghouse reports that more than 155 million records including sensitive information have been involved in security breaches to date.
 
Features

The financial vertical: How institutions protect data - from unaware employees and outsiders

August 01, 2007

Banks and financial institutions are targets not only because, in the words of bank-robber Willy Sutton, thats where the money is, but because they are also depositories of vast amounts of data, worth perhaps even more than gold to interested parties.
 
Features

Robust web application security builds trust for DTCC

August 01, 2007

Like many businesses, Depository Trust and Clearing Corporation (DTCC) depends on its application developers to drive value for its organization. As the primary clearing agency in the United States responsible for clearing and settling securities transactions for a wide range of exchanges — including equities, corporate and municipal bonds, and government and mortgage-backed securities — DTCC handles approximately $5.5 trillion in transactions a day through its systems. These transactions are primarily routed through hundreds of applications built in-house.
 
News

News briefs

August 01, 2007

Harry hack A hacker named Gabriel claimed to have breached the networks of the UKs Bloomsbury Publishing, uncovering the ending of Harry Potter and the Deathly Hallows prior to its release. Experts contended that the claim, posted on hacker websites, was likely a sham, saying that if accurate more evidence would otherwise have been offered.
 
News

Company news

August 01, 2007

Here is an update from the IT security industrys boardrooms.
 
Features

Law and order: A national computer forensic center takes shape

July 01, 2007

By blood-and-guts standards, Cary, N.C. is as safe a suburb as there is in the nation. The 121,000-person bedroom community regularly ranks near the statistical bottom of all the major crime categories, including murders, aggravated assaults and robberies.
 
Features

The SC Magazine Awards - be great in 08

July 01, 2007

Just a week after taking home the Rookie Security Company of the Year prize at the 2007 SC Magazine Awards Gala, The 41st Parameter landed an unexpected meeting with an industry heavyweight. Ori Eisen, founder and chief innovation officer at the Scottsdale, Ariz.-based anti-fraud firm, says executives from Oracle who attended the annual awards ceremony were impressed with The 41st Parameter and wanted to learn more about the company after seeing it win.
 
News

News briefs

July 01, 2007

Campus exploit Hackers exploited an unpatched flaw and a disabled firewall to infiltrate a server at the University of Colorado, Boulder, compromising the personal information of nearly 45,000 students. Attackers exploited a flaw in Symantecs Norton AntiVirus to launch a worm into the server of the College of Arts and Sciences Academic Advising Center, making off with student info.
 
News

Company news

July 01, 2007

Here are the latest happenings from the boardrooms of the IT security world.
 
Opinions

Me and my job

Susan Bradley, CPA and network administrator, Tamiyasu, Smith, Horn and Braun Accountancy Corp. June 01, 2007

How do you explain your job to non-technical people?I'd say that I'm the person where the "buck stops here." My semi-official role is to be risk mitigator of a network that contains sensitive information. In that role I try to also influence my industry and peers to do a better job. In the past, I've been chair of the Technology Committee of the California CPA Society, and used my time to educate fellow certified public accountants on the risk of running systems with full administrative rights. I set up the website threatcode.com to help educate fellow technical CPAs and assist in getting vendors to change their ways.
 
Features

Educating the masses for IT security

June 01, 2007

Never mind the Fourth of July, New Year's Eve or even his birthday. The occasion George Dolicker celebrated most merrily last year was International Computer Security Day. After all, the 19-year-old annual event marked the day that Dolicker, chief information security officer of computer maker Lenovo, unveiled the company's first home-grown information security program, complete with a comprehensive user education component.
 
News

News briefs

June 01, 2007

Fed breach lawA federal ID theft task force backed a breach notification law on government use of personal information. The President's Identity Task Force, co-chaired by Federal Trade Commission Chairwoman Deborah Platt Majoras and Attorney General Alberto Gonzales, urged lawmakers to educate customers, as well as back a federal ID-theft law.
 
News

The cost of e-gold falling

June 01, 2007

If you felt the floor shake after the feds helped indict the owners of e-gold on money laundering charges, it might be attributable to an underground fraudster community in panic mode.
 
Opinions

Strengthen the PCI Data Security Standard

Seana Pitt, chairperson, PCI Security Standards Council June 01, 2007

Recently, there has been a lot of focus in the financial, security and merchant world on a few high-profile breaches of data security. The TJX breach alone has evolved to become the largest data breach ever, affecting 46 million credit card holders, and multiple brands in different geographic regions. There are a lot of lessons to be learned.
 
News

Company news

May 07, 2007

The Internet Security Alliance, a nonprofit forum for information sharing, has appointed Larry Clinton president. Since 2002, Clinton had served as deputy executive director and COO of the alliance. Prior to joining the group, he was vice president at the U.S. Telecom Association.
 
News

News briefs

May 01, 2007

A vulnerability on the website of former New York City Mayor Rudy Giuliani could have allowed SQL injection attacks and expose confidential information. Meanwhile, the MySpace page of U.S. Sen. John McCain, R-Ariz., was altered by Mike Davidson, who was upset the campaign had used his design templates and imagery without permission.
 
News

News briefs

April 11, 2007

Here is a roundup of the latest IT security news included in April's SC Magazine:
 
Features

Money matters: SC Magazine/EC-Council Salary Survey 2007

April 01, 2007

The heyday of massive salaries, extravagant raises and unrestrained bonuses that this industry experienced at the start of the 21st century has long since passed by the information security professional.
 
Features

Cooperation among departments key to organizational security

April 01, 2007

As Oracle's Wynn White strolled the floor during this year's RSA Conference, he noticed something odd: No longer was he only surrounded by techies, researchers, product salespeople and security pros.
 
News

Company news

April 01, 2007

Here are the latest corporate happenings in the IT security industry:
 
News

Company news

March 01, 2007

Here are the latest happenings in IT securitys boardrooms.
 
News

News briefs

March 01, 2007

Another buySymantec announced its intention to acquire enterprise management software provider Altiris in an $830 million deal. The purchase, intended to better Symantec's standing in the endpoint-management market, came as Symantec representatives said that endpoint security and management markets were converging.
 
Opinions

Got something to say?

March 01, 2007

Send your comments, praise or criticisms to scfeedbackUS@haymarketmedia.com. We reserve the right to edit letters.
 
Features

Organizations turn to new techniques to fight financially motivated attacks

February 01, 2007

When the University of California, Los Angeles (UCLA) recently announced that hackers had compromised a database of more than 800,000 people associated with the university, perhaps one of the most shocking aspects of the event was how long the bad guys had gone undetected. The hackers accessed information for over a year before security personnel at UCLA suspected any malfeasance.
 
Features

What does a new Democratic Congress mean for information security?

Frank Washkuch Jr. February 01, 2007

The new Speaker of the House Nancy Pelosi represents a district not far from Silicon Valley. Freshly minted Chairman of the House Financial Services Committee Barney Frank says past legislation doesn't go far enough to protect consumer data. And Senate Majority Leader Harry Reid is himself a victim of identity theft.
 
Features

Special report: IT security and health care

February 01, 2007

HIPAA was introduced 10 years ago. In this special section, we look at the effects of the controversial legislation has had on the IT security industry.
 
Features

Health care: Where are the penalties for failing to comply with HIPAA?

February 01, 2007

Ten years after its ratification, there's little doubt that the Health Information Portability and Accountability Act (HIPAA) has provided a strong framework for protecting patients' sensitive medical information against data security threats. What's just as certain, however, is the dramatic way in which HIPAA has changed the lives of the IT professionals in health care organizations charged with implementing the technology supporting the federal legislation.
 
Features

Fast growing threats

January 01, 2007

If you think what you don't know won't hurt you, then you probably shouldn't be running a website. With literally hundreds of hidden security-related vulnerabilities showing up in web applications weekly, it's not really a matter of if but when someone finds an unknown flaw in your site and exploits it.
 
Features

Encryption a perfect response to the Year of the Breach

Phillip M. Dunkelberger, president and CEO, PGP Corporation December 27, 2006

2006 will be recorded as the year that security breaches reached the consciousness and awareness of the mainstream consumer. Breaches are certainly not a new phenomena, especially to security professionals. Although events in 2005 all made the headlines, such as the ChoicePoint identification theft that affected 163,000 records, the stolen laptop at the University of California, Berkeley, with more than 98,000 records, and the Boeing stolen laptop with Social Security numbers and bank account information of 161,000 people, the data breach incidents in 2006 occurred at an astounding, costly rate and gained much more media attention.
 
News

IT security reboot 2006: The year's top news

December 14, 2006

As part of SC Magazine's year-end roundup, the U.S. editorial team compiled lists of the most memorable - and sometimes most outrageous - news to cross your screen this year.
 
News

Roundup 2006: Taking it to the bank

December 14, 2006

Banks usually tout putting money away for rainy days. They may encourage savvy budgeting so that times ahead can be comfortable. Insurance companies promote planning ahead, while lenders suggest ways of repaying loans in a timely fashion.
 
News

2 minutes on...New focus on e-discovery

December 13, 2006

The new amendments to the Federal Rules of Civil Procedure, which took effect Dec. 1, govern the role of electronic discovery in cases of civil litigation.
 
Features

Laptop theft, data exposure the result of poor mobile security management

Peter Larsson, CEO, PointSec Mobile Technologies November 22, 2006

Hearing news about yet another lost or stolen laptop and exposure of personal information is almost like having seen too many horror flicks. Shock has shifted to disbelief - plus numb outrage at the apparent inability of corporations and government to protect our private personal data.
 
Features

No time for declarations of victory over compliance deadlines

Arthur W. Coviello, executive vice president, EMC, and president, RSA November 22, 2006

Financial institutions that meet the FFIEC's year-end compliance guidance for stronger customer data and transaction protection will be wise not to declare victory. This is not Y2K and there are no permanent one-time fixes. Fraud is not going away: it morphs, and it will exist as long as customers have money that can be stolen with little risk of apprehension and prosecution.
 
News

News briefs

November 14, 2006

Shake-up at McAfee An internal McAfee probe spurred by Securities and Exchange Commission inquiries has led to a shake-up at the security giant. George Samenuk retired as chairman and CEO, while Kevin Weiss was fired. Board of Director Dale Fuller took over as interim president and CEO, while Charles Robel, another board member, was named chairman. A special committee's investigation determined insiders were participating in a questionable stock options practice known as backdating. News of the departures led some analysts to conclude that McAfee is ripe for acquisition. Fuller said: "All options are on the table."
 
News

Protecting customer information

Barak Engel, principal, Engel & Associates November 13, 2006

Everyone knows that losing customers impacts the bottom line, whatever the cause may be. However, losing customers to security breaches and mistrust can be devastating. Consider the following research from Ponemon Institute. Nearly 58 percent of respondents to a national survey of more than 1,000 victims of personal data security breaches said a breach had decreased their sense of trust and confidence in the organization reporting the incident. More than 70 percent of respondents said that two data breaches in the same company would be sufficient grounds for them to take their business elsewhere.
 
Features

Mobile security dialing up investment dollars

Deborah Magid, director of software strategy for IBM's Venture Capital Group October 24, 2006

The mobile, wireless world in which we now live has created a shift in the focus of venture capital investments in security technology. Today's investors tend to target technology that directly protects people and information, a marked change from a few years ago when the focus was the protection of corporate computer systems as a whole.
 
News

Debate

Marne E. Gordan, director of regulatory affairs, Cybertrust, and Kristin Gallina Lovejoy, CTO, Consul risk management October 17, 2006

Should federal agencies be held to the same standards as the private sector?
 
Popular Topics
4G-war Advanced Persistent Threat Adware AMTSO Anonymous Botnets Cyber Attacks Cyber Crime Data Breach Data Breaches Encryption Hackers Hacktivism Health Care IT Security Java Malware Mobile Devices Phishing Risk Management Social Security Numbers Stolen Information Survey Trojans Vulnerabilities & Flaws