RSS Alerts
Home
The Magazine
Alternative Editions
Related Publications
Magazine Subscription
Advertising
Contacts
Links
E-Newsletter
Sign-Up
Latest Issue
Virtual Conference
Podcasts/ Newscasts
Webinars
Downloads/ White Papers
Blog
News
Application Security
Biometrics
Business Continuity and Disaster Recovery
Cloud Computing
Compliance and Policy
Data Loss
Encryption
Identity and Access Management
Internet and Network Security
IT Forensics
Malware and Hardware Security
Public Sector
Security Training and Education
Wireless and Mobile Security
Events & Training
Latest News
Discover, Heartland come to terms over data breach claims
Heartland Payment Systems has closed the book on card brand-related lawsuits resulting from a 2008 system breach by agreeing to a $5 million settlement with Discover.
Misconfigured networks open door to hackers
Research just released shows that IT security professionals think that a badly configured network is the main cause of network breaches.
India delays BlackBerry ban after forum announcement
India has delayed a threatened ban on BlackBerry services for 60 days to extend talks on giving security services access to users' emails and instant messages.
ISACA unveils new audit programs
The non-profit society for IT professionals has taken the wraps off four new audit programs for cloud computing, crisis management, information security management, and Active Directory management.
Is ArcSight the next security-related acquisition target?
A recent report from the Wall Street Journal says that ArcSight may be in the cross-hairs of some large software/hardware vendors looking to spend some of that pent up cash on its security software portfolio.
view more
Podcasts
The True Task of the New Federal Cyber Czar
Danny Bradbury, Infosecurity's Bureau-Chief, participates in this discussion on the task of the new Federal cyber czar
view more
Webinars
Networking Data Archiving – it’s a whole new data retention ballgame
Organizations around the world are using social networking to better their customer relationships (Facebook), prospect for new business (LinkedIn) and promote their events (Twitter) but what about the archiving and retention of these business communications? You don’t archive? So why bother archiving your email? It’s all about legal and regulatory issues. And then there’s the problem of litigation.
Social Networking: Roadblocks, Risks, Rewards
Facebook and Twitter usage in the workplace is going through the roof, causing major security headaches at all levels, both inside and outside the boardroom. The security issues that Web 2.0 services create are far from simple - managers need to understand not just the IT risks of data leakage, malware propagation, but also the compliance and legislative requirements.
How email archiving ‘in-the-cloud’ can benefit your organisation: The evolution of the archiving market
Email use has exploded and is now the primary means of communication for organisations. Vital documents and information are passed to and from employees and the current regulatory environment means that this content needs to be archived.
Solving the PCI Security Puzzle: Putting the Access Control, Privilege Management, and Server Protection Pieces Together
Complying with PCI regulations in heterogeneous environments can be a complex and costly initiative. Leveraging your existing IT infrastructure offers a simpler and cost-effective way to address the sections of the Payment Card Industry’s Data Security Standard (PCI DSS) that matter most to IT managers – and without sacrificing manageability and productivity. Join our panel of experts for an informative webinar to learn how you can address the regulatory requirements of the PCI standards by linking all your access rights, privileges, and audit logs into a single, definitive Active Directory identity.
view more
Blogs
PCI, AV and a life vest
Posted by
Geoff Webb
• 25 August 2010
A good friend of mine over at NetIQ, Todd Tucker, recently blogged about some of the frustrations he sees when looking at the failure of PCI as a security standard (or rather, the failure of thos...
tags: PCI DSS, anti-virus, malware
rated:
Should RIM hold its line on the BlackBerry?
Posted by
Drew Amorosi
• 18 August 2010
Encryption is the sort of topic that rarely makes it into the mainstream media, but the recent hoopla over BlackBerry security, namely its encryption procedures, has drawn the ire of governments throu...
tags: encryption, BlackBerry, compliance & policy
rated:
I-Coverage
Posted by
Geoff Webb
• 13 August 2010
I wanted to comment a little on the recent stir concerning the vulnerabilities on the iPhone (iPad, iTouch, I-Robot. No, wait, that's a movie.) I think the level of interest in this vulnerabili...
tags: Security, iPhone, Android, Blackberry
rated:
Adobe CS7 Searches Saturated With Dangerous Results
Posted by
Patrick Walsh
• 30 July 2010
Looking to save a few bucks on software will almost always lead users down a dangerous path. Users either end up at “OEM Software” sites offering unlicensed and illegal software, or t...
tags: oem software, malware, blackhat seo, pagerank bomb, adobe, microsoft
rated:
Microsoft and Adobe: Collaboration Against Threats
Posted by
Roger Halbheer
• 28 July 2010
You know my opinion on collaboration between countries, on public-private-partnerships, as well as on collaboration between companies. For quite a while we have been running a program calle...
tags: Vulnerabilities
rated:
view more
Features
Comment: Is the US Next to Implement Chip and PIN?
Comment: Is the US Next to Implement Chip and PIN?
Jose Diaz of Thales e-Security discusses the potential migration to Chip and PIN in the US. Diaz explains how this transition could improve security of our payments infrastructure.
Members' Content
Does Web 2.0 Need Security 2.0?
Does Web 2.0 Need Security 2.0?
With the proliferation of Web 2.0 services, security concerns have escalated. Davey Winder investigates how infosec vendors are addressing these challenges and wonders whether security 2.0 actually exists
Members' Content
Do Punishments Fit the Cybercrime?
Do Punishments Fit the Cybercrime?
Although some collaborative strides have been made, the international law enforcement community still lacks sufficient resources and skills to have substantial impact on the cybercrime juggernaut. The (ISC)² U.S. Government Advisory Board examines deterrent effects of recent high-profile prosecutions, legislative gaps, challenges in US cybercrime laws, and obstacles facing international law enforcement strategies.
Members' Content
Comment: Navigating the POS security standard minefield
Comment: Navigating the POS security standard minefield
Steve Brunswick and Jose Diaz from Thales outline the payment security standards landscape and explain how these various standards fit together when securing data at the point of sale
Members' Content
view more
Downloads
Application Whitelisting Puts HIPS in the Recycle Bin
This analyst-authored whitepaper outlines how Application Whitelisting protects against new advanced persistent threats, automates real-time visibility of actual application usage and more.
Desktop Software Lockdown: Prevent Targeted Attacks
Preventing the installation and execution of unauthorized software should be a high priority for any IT security conscious organization. Allowing users to install or execute unauthorized software can expose an organization to a variety of security and legal risks, not to mention the burden of increased support costs. This paper will compare and contrast a variety of techniques for detecting and preventing unauthorized code.
Cloud Application Security
Cloud computing promises to deliver IT infrastructure services via the Internet on an “as-needed, pay-per-use” basis. Cloud resources can be provisioned on-the-fly to support specific project needs, or they can be leveraged on a longer-term basis to add capability to an existing IT infrastructure. For some companies, cloud resources even serve as the entire IT infrastructure because of the ease and speed of deployment and cost-effectiveness compared to deploying an in-house infrastructure.
The Challenges of Automated Application Assessments in a Web 2.0 World
This white paper, written by two security experts from Stach & Liu, Rob Ragan and Vincent Liu, describes the challenges of automated penetration testing or application scanning of Web 2.0 applications.
Protecting Your Network Against Web Attacks
The problem of Web-borne threats is not theoretical: millions of users have been impacted and the threat is getting worse. Today, Web threats are more numerous and virulent than those delivered in email, and it is easier to be infected by them.
view more
Members' Login
Email Address
Password
Forgotten login?
Not a member?
close
Filter Content by geographic state
Select a state by clicking...
select a state:
Please choose
Alabama
Alaska
Arizona
Arkansas
California
Colorado
Connecticut
Delaware
Florida
Georgia
Hawaii
Idaho
Illinois
Indiana
Iowa
Kansas
Kentucky
Louisiana
Maine
Maryland
Massachusetts
Michigan
Minnesota
Mississippi
Missouri
Montana
Nebraska
Nevada
New Hampshire
New Jersey
New Mexico
New York
North Carolina
North Dakota
Ohio
Oklahoma
Oregon
Pennsylvania
Rhode Island
South Carolina
South Dakota
Tennessee
Texas
Utah
Vermont
Virginia
Washington
West Virginia
Wisconsin
Wyoming
Current state : Not selected.