Security Management Strategies for the CIOAccess "Face-Off: Chinese Cyberattacks: Myth or Menace?"
This article is part of the July/August 2008 issue of Everything you need to know about today's information security trends
Chinese cyberattacks: Myth or menace? Security Experts Marcus Ranum & Bruce Schneier Offer Their Opposing Points of View Send comments on this column to feedback@infosecuritymag.com. POINT by Marcus Ranum Something is definitely going wrong with the U.S. Department of Defense and government agency networks, but it's not what you probably think. When it was announced that more than 10 terabytes of data had been stolen from DOD unclassified networks as part of an orchestrated operation from China, I was as horrified as you. Ten terabytes is a lot, and I'd have expected someone to do something after, say, the first terabyte flew by--especially because I happen to know something about the money spent on monitoring systems for some of those networks, and the sensitivity of the data on them. DOD always counters: no classified information was accessed. But that's BS--the unclassified networks carry logistical, payroll, personnel, medical and operational data. What's really going on? Could it be that many government networks have access rules that are vastly ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
How to be an Information Security Know-it-all
The essentials every chief information security officer must master, including PCI compliance, server and desktop security, securing the data lifecycle and how to best align security and business.
-
Information Security and Business Integration
INTEGRATION Security professionals can rely on the same models and frameworks used by traditional business to earn a seat at the table.
-
Product Review: Vantos' V-Flex
Investigation Management
-
Product Review: Configuresoft's Enterprise Configuration Manager 4.9
Configuration Management
-
Product Review: RSA Security's RSA enVision
SEIM
-
McAfee Secure for Websites security service review
McAfee's new security service scans websites and network infrastructure for vulnerabilities, malware, spam, malicious links and sharing of personally identifiable information.
-
How to be an Information Security Know-it-all
-
-
Secure Configuration of Windows XP Desktops
DESKTOP SECURITY 5 steps to properly configure desktop security.
-
Tech FocusShield Your Enterprise
VA scanning works with Web app firewalls to thwart assaults.
-
Product Review: Applicure Technologies' dotDefender
Application security
-
Windows Server 2003 hardening services ensures better security
Shutting down unneeded services, ports and accounts makes Windows Server 2003 tough to beat.
-
Data Lifecycle Management Model Shows Risks and Integrated Data Flow
Information flows through business processes in an orderly fashion; security must flow right along with it.
-
Avoiding Audit Trouble: Getting PCI Compliant
Get compliant with Payment Card Industry Data Security Standard Compliance (PCI DSS) with solutions and tips from auditors and audit survivors.
-
Secure Configuration of Windows XP Desktops
-
Columns
-
Time to Implement DNSSEC
Editor's Desk: DNS turns 25 this year. It's high time DNSSEC is added to the protocol.
-
Interview: CISO Adrian Seccombe on Eli Lilly from FIPCO to FIPNET
In this interview, CISO Adrian Seccombe discusses how Eli Lilly went from FIPCO (fully integrated pharmaceutical company) to a FIPNET (fully integrated pharmaceutical network, the importance of collaboration and the work of the Jericho Forum.
-
Face-Off: Chinese Cyberattacks: Myth or Menace?
Bruce Schneier and Marcus Ranum debate the threat of Chinese hackers and whether they are state-sponsored?
-
Loud Cries for National Data Protection Law
Perspectives: A national data protection law would help curtail identity theft and could boost international relations.
-
Time to Implement DNSSEC
More Premium Content Accessible For Free
Next-generation firewalls play by new rules
E-Zine
Firewalls started their journey to the next generation at about the same time as the Star Trek TV series. While the products have advanced with ...
Developing your endpoint security management transition plan
E-Handbook
This TechGuide will help you develop your endpoint security management transition plan. Articles focus on overcoming the challenges of Web-based ...
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...