Access "In enterprises, proactive information security finally taking hold"
This article is part of the April 2004 issue of Depth charge: Survey shows big spending on defense in depth
"Current systems offer little or no protection from viral attack -- the only provably 'safe' policy as of this time is isolationism." --Fred Cohen, "Computer Viruses: Theory and Experiments," 1984 Funny how the more things change, the more they stay the same. Twenty years after Cohen wrote these words, we still haven't got a clue how to stop viruses, and the state-of-the-art in virus defense remains soft. I understand it's a difficult problem. Windows has more holes than a sieve. AV scanners are inherently reactive. End users are double-clicking dopes. You can't patch systems fast enough. Budgets are tight. Yada, yada, yada. Andrew Briney If you're a security pro, these explanations make perfect sense. But if you're not, they sound like, well, a bunch of excuses. For a profession that's struggling to gain respect, credibility and funding, that's not a good thing. You can talk all you want about security's growing role in the business, but it's hard to be taken seriously when you can't solve 20-year-old problems. One of the reasons security remains a black ... Access >>>
Premium Content for Free.
IT security spending 2004: Firms diversify as security budgets tighten
by Andrew Briney
Fearing the worst on IT security spending, companies are diversifying their security spending.
Audit failure: How one lab raised IT security awareness and its audit grade
by Anne Saita
Learn how Argonne National Lab raised IT security awareness and its audit grade from 'F' to 'A'.
- IT security spending 2004: Firms diversify as security budgets tighten by Andrew Briney
The future of software security vulnerabilities
by Gary McGraw & Greg Hoglund
The evolution of software security vulnerabilities opens new vistas for business... and the bad guys.
Ensure audit success with sound security audit procedures
by George Wrenn
A security review doesn't have to be a sink-or-swim proposition.
- The future of software security vulnerabilities by Gary McGraw & Greg Hoglund
Using tax depreciation to increase security budgets
by Lawrence Walsh
The depreciation of capital assets, such as security hardware and software, is a tax benefit that every infosec manager should take into consideration.
Cyberwar myths: Are cyberwarfare and cyberterrorism overblown?
by Marcus J. Ranum, Contributor
Marcus Ranum explains why the whole notion of cyberwarfare is a scam.
A little betrayal: Windows purists using Linux security features
by Jay Beale
Jay Beale explains how Windows purists can leverage Linux security features without compromising their allegiance to Redmond.
Database security tools for preventing SQL injection attacks
by Pete Lindstrom, Contributor
An emerging breed of database security tools is helping security teams spot attackers' favorite techniques, like SQL injection.
In enterprises, proactive information security finally taking hold
by Andrew Briney
Editorial director Andrew Briney says frustration with failure is driving proactive information security spending on new technologies.
- Using tax depreciation to increase security budgets by Lawrence Walsh
More Premium Content Accessible For Free
As more security professionals take on greater roles in global risk management, Global 2000 companies are investing in cybersecurity measures above ...
All indications show that DDoS attacks are increasing in variety, number and size. No network system is immune and information security pros can't ...
The Fast Identity Online (FIDO) standards reached the public draft stage in February, and the first deployments of FIDO-ready technologies followed ...