Security Management Strategies for the CIOAccess "The threat landscape and Web 2.0 technologies"
This article is part of the July/August 2011 issue of Computer incident response teams are a new line of defense
There’s been a lot of talk lately about Web. 2.0 --Web applications that facilitate sharing, collaboration and user-managed design, such as social media, blogs and wikis -- greatly expanding the threat landscape. The first time I heard this, I didn’t take it seriously because it was made by someone outside of information security. However, as of late, fellow information security professionals have begun to make the same or similar assertions. Frankly, the threat landscape has not expanded because of Web 2.0. Threat Considerations Web 2.0 may represent another attack vector, but the same old threat landscape exists. Even without Web 2.0, technology still is highly vulnerable to threats and attack. Humans make technology. As much as we want to be perfect, we are not. Sure, companies can embed quality checks into technology; however, the dynamic life of technology makes it hard to match quality 100 percent of the time. Case in point, the non-profit Open Web Application Security Project (OWASP) is doing a fantastic job of evangelizing secure coding. It’s working... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Information security market consolidation: A mixed bag
by Marcia Savage and Michael S. Mimoso
Big tech companies are scooping up security vendors with mixed results.
-
PCI virtualization guidance warns of compliance challenges
by Robert Westervelt
PCI group outlines challenges in achieving compliance with payment data on virtualized systems.
-
Information security market consolidation: A mixed bag
by Marcia Savage and Michael S. Mimoso
-
-
Turn your computer incident response team into counter-threat operations
by Richard Bejtlich, Contributor
Fending off modern computer attacks requires actively hunting down intruders.
-
Striving for better information security intelligence
by Scott Crawford
Security teams strive to gain visibility from a deluge of security information and put that data to work.
-
Turn your computer incident response team into counter-threat operations
by Richard Bejtlich, Contributor
-
Columns
-
Your information security career and the job market: Value of information security skills
by Lee Kushner and Mike Murray
Be aware of changing technology and industry trends, and your job prospects will fall in line.
-
The threat landscape and Web 2.0 technologies
by Ravila Helen White, Contributor
The idea that social media and other Web 2.0 technologies have vastly altered the threat landscape is plain wrong.
-
Does information security market consolidation mean the end of the line?
by Marcia Savage
Large IT companies are buying up security vendors, but that doesn’t mean there won’t be plenty of room for innovative startups.
-
Your information security career and the job market: Value of information security skills
by Lee Kushner and Mike Murray
More Premium Content Accessible For Free
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...
Emerging threat detection techniques and products
E-Handbook
Advanced persistent threat (APT) has been a used and abused term in the security industry, but security experts say targeted attacks are a growing ...
The rapid evolution of MDM solutions
E-Zine
Mobile device management (MDM) continues to grow at a feverish pace, both in terms of adoption and mobile security features. BYOD policies, and the ...