Officials: DNS servers stood up well to attack
Government security officials at RSA Conference 2007 said the Internet's backbone appears to have stood tall against Tuesday's massive DNS server attack.
Panel: Privacy legislation too premature for RFID
A group of public policy and technology experts at the RSA Conference 2007 said legislation could make radio frequency identification technology too costly for enterprises and hamper its innovation.
Experts: Companies need data theft response plans
Enterprises that have solid response plans in place before a data breach are more likely to survive after being hacked, said experts at RSA Conference 2007.
Gates touts secure access anywhere
Microsoft's chairman tells RSA Conference 2007 attendees that a combination of authentication and access management strategies is what it takes to protect corporate data, but information security pros are willing to wait for the proof.
Rootkit dangers at an 'all-time high'
Industry experts at RSA Conference 2007 say not only have rootkits become the weapon of choice for malicious hackers, but they've also emerged as useful tools for legitimate businesses trying to exert control over users.
Cryptographer's Panel: Founding fathers still eager for new advances
On the eve of cryptography's 30th anniversary, the men who invented the field say they're proud of what's been accomplished, but new cryptosystems are needed to keep on top of emerging threats.
Symantec chief: Consumer confidence in data protection is key to online growth
In his keynote at RSA Conference 2007, Symantec CEO John W. Thompson said Big Yellow is ready for the shifting dynamics in the information security market, and implied that Microsoft's growing presence in security is a conflict of interest for its customers.
CA backup bug exploitable on Vista
A previously patched buffer overflow vulnerability in CA BrightStor ARCserve Backup has been exploited, the first such flaw for a third-party app running on Vista. One security firm says ISVs aren't taking advantage of Vista's new security features.
Coviello: In 3 years, no more stand-alone security
RSA President Art Coviello said today's patchwork of monolithic security devices will disappear in the next three years as security is integrated into the larger IT infrastructure.
Gates to outline Microsoft's new strategy for secure computing
Bill Gates is back at RSA. At this year's conference, Gates plans to speak today about the evolution of authentication, network policies and data protection, signaling a change in his vision of a "Digital Decade."
Vista exploitable, researcher says
A well-known security researcher later this week will reveal a new way to elevate system privileges by exploiting a flaw in Windows Vista.
Keynoters speak volumes
Times have changed, and RSA Conference keynote speakers no longer need cryptography and security backgrounds. This year's headliners include several rock stars of the IT industry, along with some newcomers and a few old veterans.
NAC gains traction
Until recently, the network access control market had been all style and little substance, but at last vendors large and small are proving that NAC may be worth the investment.
Vendor alliance wants PCI certification program
Debuting this week at RSA, the Payment Card Industry Security Vendor Alliance will provide guidance to the industry and hopes to ultimately get a PCI certification program off the ground.
Intrusion detection systems are alive and kicking
IPS hasn't overtaken intrusion detection systems just yet. Senior News Writer Bill Brenner reveals what customers want when they're shopping for IDS products.
Pitfalls aplenty going SOA
A service-oriented architecture's efficiency has often been more of a priority than SOA security. Vendors, however, are compensating with new Web services security features.
Web apps remain a trouble spot
Contributor George Hulme examines how cross-site scripting and code injection have become even bigger development issues than buffer overflows.
Spam, phishing, IM attacks rise
Malicious attacks using social engineering techniques are on the rise. While botnets may finally be forcing ISPs into the battle, enterprise security pros are working overtime on strategies to keep the threats at bay.
Going Wi-Fi? Go safely
Today's security professionals are forced to balance the convenience that wireless technology offers with the need to enforce a solid security policy.
When physical and logical security converge
For an enterprise to protect itself from today's internal and external threats, more companies are considering security programs that integrate both physical and logical security.
Flurry of state disclosure laws creates confusion for CISOs
Now that nearly three dozen states have enacted breach disclosure laws, national companies face the challenge of reconciling a vast array of guidelines and their implications.
CISOs mastering 'softer' skills
Learn why a mix of interpersonal skills has to be blended with knowledge of business administration to create a well-rounded leader.
A new awareness for SIMs
Experts say the use of security information and event management systems can not only give organizations overall visibility into their network security and improve their incident response, but also meet compliance demands.
Developing a mind-set for application security
Baking security into applications can be a difficult process, but experts believe developing an application security mind-set can help create more secure software systems.
FFIEC, HSPD-12 fuel growth in authentication market
Enterprises aren't the only ones who have had to deal with regulations like FFIEC and HSPD-12. The vendor community has adjusted by offering cost-effective and unobtrusive authentication products, primarily focused on financial institutions.