Security Management Strategies for the CIO-
23 May 2012 Android Malware Genome Project aims to nurture mobile security research
Project will share data on malware targeting the Android platform. It has collected 1,200 Android malware samples.
Officials name FedRAMP cloud security assessors (Security Bytes blog)
Third-party assessors will review cloud providers’ security controls for FedRAMP compliance.
-
21 May 2012 Wysopal on application security training, program gaps
Application security expert Chris Wysopal of Veracode explains why some software security programs are lacking and how simple steps can produce big gains.
-
18 May 2012 MDM, security vendors scramble to address BYOD security issues (SearchSecurityUK.com)
Organisations are looking beyond NAC and MDM to resolve BYOD security issues; MDM, security and hybrid vendors are responding with new products.
-
17 May 2012 Praise, criticism for retiring cybersecurity coordinator Howard Schmidt
Security experts say some issues haven’t been adequately addressed by the White House security chief.
Division of CISO responsibilities may prevent burnout (Security Bytes blog)
CISO responsibilities can be overwhelming, according to a new IBM survey. One solution may be to divide the role into two jobs.
Maybe security is recession proof; VCs investing again (Security Bytes blog)
Venture capital firms are funding security technologies after a quiet period. The investments are a silver lining in a still bleak overall outlook.
-
16 May 2012 PCI Council urges P2P encryption for mobile payments
A PCI Council guidance document requires merchants to use a validated PIN entry device or secure card reader to accept payments using mobile devices.
Steve Lipner on the Microsoft SDL, critical infrastructure protection
Microsoft’s senior director of security engineering says core SDL principles should be at the foundation of critical infrastructure system protection.
Android security model doing best to enable mobile malware spread
At Information Security Decisions 2012, Dan Guido put the mobile malware focus on the Android security model and Google’s mobile app vetting process.
-
14 May 2012 Gartner report: UTM market on the upswing, expert says
Gartner released a report detailing market growth from 2010-2011 throughout the UTM vendor industry.
-
11 May 2012 ICO fines Welsh health board £70,000 for patient record loss (SearchSecurityUK.com)
For the first time, the ICO fines an NHS organisation for sending patient data to the wrong person.
-
10 May 2012 BeyondTrust acquires eEye Digital Security for vulnerability management
Analysts say eEye’s vulnerability and configuration management capabilities are a good fit with BeyondTrust’s privilege management and AD integration.
Going after the middlemen in the fight against financial cybercrime (Security Bytes blog)
The FBI and SOCA successfully executed Operation hAVoC, going after the middlemen, or carders, in the fight against financial cybercrime.
-
09 May 2012 PCI virtualization compliance still a challenge (SearchCloudSecurity.com)
No black and white when it comes to PCI compliance in virtualized environments, experts say.
-
Top Security Story
Android security model doing best to enable mobile malware spread SearchSecurity.com | 16 May 2012
At Information Security Decisions 2012, Dan Guido put the mobile malware focus on the Android security model and Google’s mobile app vetting process.