Access your Pro+ Content below.
Web 2.0 security threats and how to defend against them
This article is part of the Information Security magazine issue of September 2010
There is an old Chinese proverb that reads "may you live in interesting times." For security professionals, this does not ring hollow because a security career is always evolving and responding to emerging threats; "interesting" is our daily mission. While our charge is broad, from architecture and policy, through awareness and compliance, much of what we do is defending against threats to the security of the information we protect. As the proverb tells us, this is where the interesting portion of our role gets defined. We have witnessed the evolution of threats migrate from attacking the vulnerabilities of the Web, through the weaknesses of messaging, on to data protection, and now into the realm of Web 2.0. What exactly is Web 2.0? You would find a myriad of answers to this if you asked all of your security (and non-security) friends. It is now the Internet as we now know it, and is known as the second generation of the World Wide Web. Web 2.0 refers to Web design, development, and use that foster interactive information ...
Features in this issue
For the fifth consecutive year, Information Security readers voted to determine the best security products. Nearly 1,500 voters participated this year, rating products in 14 different categories.
The collaborative nature of Web 2.0 introduces myriad threats to data that must be proactively countered.
What you can expect from this fall's update to the Payment Card Industry Data Security Standard.
Tools help protect privacy but safeguarding personal data in the age of Google and Facebook is getting harder.
Columns in this issue
Embedding security in hardware isn't new, but is it worth an $8 billion investment? Time will tell on the Intel-McAfee acquisition.
Targeted attacks on corporations and their crown jewels have become routine. Companies need to be prepared.
Bruce Schneier and Marcus Ranum debate the risks associated with employees using personal computing devices.