Access "Cybersecurity threats target lack of SMB security "
This article is part of the November 2011 issue of Effectively navigating the security risk assessment process
To the cybercriminal tapping away on his laptop in Kiev or Baton Rouge, the server your small retail shop, architectural firm, or medical office depends on is just as appealing a target as a box maintained by Wells Fargo, Twitter, or the U.S. Department of Defense. In some ways, your server is more interesting to the guy. After all, you don’t have a full-time staff charged with guarding your network. You never bothered to change the default password or update your patches. Maybe your Facebook-addicted employee clicked on another “You’ve gotta see this!” link, allowing the crook to implant a little code on his or her machine. He’ll remember that place -- or rather, the code he banged out in 15 minutes will -- and he’ll be back later when it’s time to wake up the zombie farm to carry out a DoS attack. Worse yet, he might tunnel into your network and snatch sensitive customer or business data. Organized criminals are using exploits and malware to generate revenue and they value ROI as much as SMB owners. Easy, repeatable attacks that skim off a little bit of ... Access >>>
Premium Content for Free.
PCI council developing point-to-point encryption certification program
by Robert Westervelt, News Director
PCI Security Standards Council plans to release a list of certified components in April.
VDI security supports active protection strategies
by Eric Ogren, Contributor
ISM November 2011 cover story: Eric Ogren on how virtual desktop infrastructure enhances compliance, data protection and malware protection.
- PCI council developing point-to-point encryption certification program by Robert Westervelt, News Director
Overcoming obstacles in the security risk assessment process
by Craig Shumard and Serge Beaulieu
An effective risk assessment process is essential, but many factors can skew the process and get in the way of security.
Cybersecurity threats target lack of SMB security
by Amy Rogers Nazarov
Cybercriminals are zeroing in on small and midsize businesses with fewer security resources.
- Overcoming obstacles in the security risk assessment process by Craig Shumard and Serge Beaulieu
Marcus Ranum chat: Information security monitoring
by Marcus J. Ranum, Contributor
Security expert and Information Security magazine columnist Marcus Ranum talks to Richard Bejtlich, CSO and vice president, Mandiant Computer Incident Response Team (MCIRT) at security firm Mandiant.
The lack of computer security: We’re all responsible
by Elizabeth Martin
We all have an explanation for weak security, but everyone needs to do their part to improve it.
Time for discourse on China computer hacking
by Michael S. Mimoso, Editorial Director
China is being accused of hacking corporate, government and military networks in the U.S. for economic gain. Policy makers need to be versed in cybersecurity and figure out how to respond.
- Marcus Ranum chat: Information security monitoring by Marcus J. Ranum, Contributor
More Premium Content Accessible For Free
Cloud and mobility in the enterprise has caused a heightened need for organizations to take a closer look at next generation authentication ...
Virtualization and cloud computing are part and parcel of enterprise networks today. Virtualization security, however, is still a bolt-on affair ...
Mobile device security is one of the biggest nightmares InfoSec pros face in the era of bring your own everything (BYOE). Simply banning employees ...