Information Security Policies Procedures and Guidelines

  • January 04, 2008 04 Jan'08

    Sears spyware illustrates perils of online commerce

    My colleague, Dennis Fisher, has already blogged about Sears using spyware on its customers. But since I've come across plenty of blog chatter that reflects his opinion and mine, I've decided to ...

  • January 04, 2008 04 Jan'08

    Why is Sears tracking users’ Internet activity?

    It seems that Sears, which sells just about everything under the sun, has decided to get into the spyware business too. The retail giant recently has come under fire from a researcher at CA who ...

  • January 03, 2008 03 Jan'08

    Security pioneer James Anderson dies

    James Anderson, one of the pioneers in the field that eventually became computer security and the author of some of the seminal papers on the subject, died in mid-November. His passing seems to ...

  • January 03, 2008 03 Jan'08

    McAfee glitch leads to false detections

    A reader emailed us yesterday warning that a link in our Dec. 20, 2007 Security Wire Perspectives email newsletter points to a page containing an exploit script. We puzzled over this one yesterday ...

  • December 21, 2007 21 Dec'07

    Money for nothing and security for free

    During a time of year when it seems like we all spend waaaay too much on presents, holiday decorations and travel, among other things, it's always nice to get a little something for free. To that ...

  • December 20, 2007 20 Dec'07

    America’s Next Top H4×0r

    Maybe it's a result of the TV writers' strike or maybe it's just the natural next step in a world in which there are reality shows about dueling choirs and kids living alone, "Lord of the Flies" ...

  • December 20, 2007 20 Dec'07

    From Russia with love

    Being in the Christmas spirit and all, I'm going to dispense with the usual advice-oriented column this week. Fear not, I'll get back on theme after the New Year. For this week, I want to focus on ...

  • December 20, 2007 20 Dec'07

    Mozilla releases Firefox 3 beta 2

    Mozilla has delivered on its promise to release the second beta for Firefox 3 by year's end. Security is to be a major part of Firefox 3, and I recently asked some IT professionals to play around ...

  • December 17, 2007 17 Dec'07


    Every once in a while someone gets it so right that there really isn't much to add. This post by Chris Hoff is as good as it gets. If you're not reading his frequent posts on security, ...

  • December 17, 2007 17 Dec'07

    Top 5 security stories of 2007? You tell us

    It's that time of year where we in the news business love to make lists of the top news stories of the year. I've drawn up a Top 5 list of my own for your amusement, but admit that my judgment ...

  • December 13, 2007 13 Dec'07

    eEye founder Maiffret leaves the company

    Marc Maiffret, the founder and longtime CTO of eEye Digital Security, has left the company to work on other projects. Maiffret is among the best-known hackers on the security scene and made his ...

  • December 11, 2007 11 Dec'07

    Bad holiday PR

    I absolutely love Christmas, and even have a soft spot for a lot of the tacky stuff that comes with it, like fake silver trees, loud-colored garland and the Coca-Cola version of Santa Claus. But ...

  • December 10, 2007 10 Dec'07

    Pay no attention to the pop-up box behind the curtain

    Bill Clinton may be the world's champion when it comes to parsing words and phrases to suit his own purposes, but to give credit where credit is due, executives from software companies are making ...

  • December 07, 2007 07 Dec'07

    The changing role of the CSO

    In the last few months I've been hearing more and more from CEOs, CIOs and CSOs about the changing role of the CSO (or CISO, depending on your org chart) in the enterprise. In the past, the CSO has ...

  • December 07, 2007 07 Dec'07

    Time to update your Skype

    Skype users will want to upgrade to version for Windows to close a security hole attackers could exploit to run malicious code on vulnerable machines. According to Danish vulnerability ...