Data security strategies and governance

  • June 12, 2007 12 Jun'07

    Richard Clarke: Don't ignore data risks, deploy encryption

    At a recent keynote with CISOs during the Gartner IT Security Summit, former White House cybersecurity czar Richard Clarke warned that firms are doing little to prevent data theft.

  • May 31, 2007 31 May'07

    Two men plead guilty in supermarket data security breach

    Two Los Angeles area men plead guilty to using devices to bilk debit and credit card data from Stop & Shop supermarkets in Massachusetts and Rhode Island.

  • May 31, 2007 31 May'07

    Springing leaks: Getting smart about data loss prevention

    Companies are showing increased interest in data loss prevention (DLP) products, but they won't work well unless the business needs are understood and well defined.

  • May 22, 2007 22 May'07

    Database authentication, encryption getting priority in some businesses

    While more organizations are seeking database authentication and encryption technologies, others are turning to database monitoring to secure data.

  • May 09, 2007 09 May'07

    Experts: Easing standards like PCI DSS a bad idea

    Financial services practitioners say security standards like PCI DSS can be hard to heed, but that easing them would be a bad idea given the data fraud epidemic.

  • May 09, 2007 09 May'07

    Companies plug FTP holes with secure FTP servers

    Some companies are investing in secure FTP suites to give employees and business partners the ability to transfer large files such as large documents, audio, video and photos.

  • May 08, 2007 08 May'07

    The trouble with Google hacking techniques

    Some IT security professionals say the threat posed by Google hacking techniques is overblown and that companies can easily avoid it with a layered security program. One skeptical expert is Ira Winkler, founder of the Internet Security Advisors ...

  • April 17, 2007 17 Apr'07

    SaaS offering a first for Symantec

    Symantec has launched a beta of the Protection Network, a software-as-a-service platform for small-to-medium-sized businesses. Resellers will be able to offer customized versions.

  • March 21, 2007 21 Mar'07

    IBM uses model to understand data governance

    Steven Adler, program director of Data Governance Solutions for IBM and chairman of the Data Governance Council, has been working to understand the growing need for data security, the issues surrounding data compliance and data protection problems. ...

  • March 19, 2007 19 Mar'07

    Symantec: Data thieves thrive on zero-day flaws

    According to Symantec's threat report for the second half of 2006, attackers exploited misplaced USB drives and zero-day flaws to steal vast amounts of data. Expect more of the same in 2007.

  • March 14, 2007 14 Mar'07

    Online game exploits threaten IT security

    Gary McGraw, chief technology officer of Dulles, Va.-based security firm Cigital Inc., is a security luminary with several books to his credit, including "Software Security: Building Security In," "Java Security" and "Exploiting Software." His ...

  • February 06, 2007 06 Feb'07

    CA backup bug exploitable on Vista

    In what appears to be the first exploit for a third-party app running on Vista, a previously patched buffer overflow vulnerability in CA BrightStor ARCserve Backup has been exploited. One security firm says ISVs aren't taking advantage of Vista's ...

  • January 18, 2007 18 Jan'07

    Data breach at TJX could affect millions

    Retailer TJX Companies said a hacker gained access to its systems exposing the credit card data of millions of customers.

  • January 10, 2007 10 Jan'07

    More users increase risk for Volkswagen AG

    With 1.5 million users on the network, Volkswagen AG depends more than ever on strong ID and access management to safeguard intellectual property, according to its CISO.

  • January 10, 2007 10 Jan'07

    Federal government pushes full disk encryption

    Businesses need to follow the federal government's lead in reducing data breaches by holding employees responsible and examining full disk encryption (FDE) products.