Access "2013 Security Priority Survey, security risks when buying IT hardware from China"
As Gary McGraw mentioned in his [In]-Security column this month, every enterprise depends on software. On the one hand, this is merely stating the obvious. Software carries out the processes, enforcing the rules that reflect the business purpose. Each company tries its best to select or develop software that best enables it to carry out its organizational mission. On the other hand, the primary role of software begs to question why so little attention is paid to software security. Historically, security has tried to protect software from itself; building a firewall perimeter around it, watching for telltale symptoms in the network packet stream that might indicate an application attack, and by locking down privileges so only authorized people can direct requests to the software in the first place. McGraw argued that we should take the time to consider whether our software is unacceptably buggy from a security point of view. We should take a crack at it using the “badness-ometer.” That seems reasonable, but only a portion of the security community seems to be... Access >>>
Premium Content for Free.
The Huawei security risk: Factors to consider before buying Chinese IT
by Joel Snyder, Contributor
Cover story: The U.S. government says Chinese IT giants Huawei and ZTE pose too much risk. But do they? Joel Snyder offers his take.
BYOD security strategies: Balancing BYOD risks and rewards
by Lisa Phifer, Contributor
Allowing employee-owned mobile devices doesn’t have to mean accepting all BYOD risks. Infosec pros share their BYOD security strategies.
- The Huawei security risk: Factors to consider before buying Chinese IT by Joel Snyder, Contributor
IT Security Trends 2013: Mobile security concerns tops the list
by Robert Richardson
- IT Security Trends 2013: Mobile security concerns tops the list by Robert Richardson
Offensive security involves proactive deception tactics
by Robert Westervelt
Going on the offense doesn’t mean actively targeting cybercriminals, experts say. Deceptive tactics, phony documents can help trip up attackers.
- Offensive security involves proactive deception tactics by Robert Westervelt
2013 Security Priority Survey, security risks when buying IT hardware from China
by Robert Richardson, Editorial Director
Information Security Magazine reveals the results of its 2013 Security Priority Survey and examines the security risks associated with purchasing IT hardware from China. Elsewhere in the issue, infosec pros share their strategies for BYOD security.
Information assurance training programs create new cadre of IT security pros
by Doug Jacobson and Julie A. Rursch
University information assurance programs are varied, but they are beginning to provide technology disciplines a level of security knowledge.
Testing, assessment methods offer third-party software security assurance
by Gary McGraw, Contributor
No ultimate test can give third-party software a clean bill of health, but careful assessment can help organizations gain more control over vendors.
- 2013 Security Priority Survey, security risks when buying IT hardware from China by Robert Richardson, Editorial Director
More Premium Content Accessible For Free
Threat intelligence and risk: Why cybersecurity hangs in the balance
As more security professionals take on greater roles in global risk management, Global 2000 companies are investing in cybersecurity measures above ...
How to respond to the latest distributed denial-of-service attacks
All indications show that DDoS attacks are increasing in variety, number and size. No network system is immune and information security pros can't ...
Figuring out FIDO as the first products emerge
The Fast Identity Online (FIDO) standards reached the public draft stage in February, and the first deployments of FIDO-ready technologies followed ...