May 2011

• May 31, 2011 31 May'11

  Sony breach timeline shows missteps, says security firm

  Sony has spent $171 million cleaning up its massive data breach. One security firm outlines mistakes. Spring 2011 has not been good for executives at Sony. Security vendor Lumension Security put ...  Continue Reading

• May 31, 2011 31 May'11

  Government cybersecurity: User-level security tools mitigate Fed insider risks

  Taking on a new zero-trust model, many federal agencies are implementing insider threat controls at the user level.  Continue Reading

• May 31, 2011 31 May'11

  IPv6 myths: Debunking misconceptions regarding IPv6 security features

  Aggressive marketing has helped perpetuate a number of security-related IPv6 myths. Expert Fernando Gont helps separate myth from fact to ensure a secure IPv6 deployment.  Continue Reading

• May 31, 2011 31 May'11

  Application log management: Enabling application security compliance

  Expert Michael Cobb discusses how application audits and information and event management can save you time and energy with application security compliance.  Continue Reading

• May 27, 2011 27 May'11

  Google Wallet gains interest from security researchers

  Google’s NFC service will be thoroughly vetted for vulnerabilities, access for cybercriminals. Cloning may be possible. Google’s new near field communication (NFC) payment service, Google Wallet, ...  Continue Reading

• May 27, 2011 27 May'11

  Lack of SMB security opens door to online criminals

  Online criminals have smaller targets firmly in their crosshairs.  Continue Reading

• May 27, 2011 27 May'11

  Marcus Ranum and Bob Blakley discuss risk management failures

  Security expert and Information Security magazine columnist Marcus Ranum continues a new bimonthly feature where he goes one-on-one with a fellow security industry insider.  Continue Reading

• May 27, 2011 27 May'11

  Get actionable results from a security information management system

  In order to get the best results, you need to limit your goals for SIM.  Continue Reading

• May 27, 2011 27 May'11

  Revamped FISMA requirements aim to improve federal security

  An automated tool and mandates for continuous monitoring try to improve federal information security efforts.  Continue Reading

• May 27, 2011 27 May'11

  Data breaches show enterprise need for better data security management

  Sony and other data breaches suggest need for data accountability, better configuration management.  Continue Reading

• May 27, 2011 27 May'11

  IT consumerization drives new security thinking

  The influx of personal smartphones and other computing devices into the enterprise is forcing a shift in security strategy.  Continue Reading

• May 27, 2011 27 May'11

  Mobility trend takes off in the enterprise but leaves out security

  Banks and other businesses are rushing to jump on the mobility trend but leaving security behind.  Continue Reading

• May 25, 2011 25 May'11

  Eye On: Virtualization Security

  SearchSecurity.com's "Eye On" series examines a security topic each month. In May, the series explores virtualization security and the technologies and methodologies available to reduce vulnerabilities and improve virtualization processes.  Continue Reading

• May 25, 2011 25 May'11

  Reduce virtualization security risks by thinking physical, experts say

  Firms reassessing their virtualized infrastructure should apply the same security best practices they’ve been using to secure their physical systems.  Continue Reading

• May 24, 2011 24 May'11

  Smartphone theft, loss outweighs malware risk, McAfee report finds

  Lost and stolen devices are seen as the greatest security concern for IT professionals, according to a new report by McAfee and Carnegie Mellon University.  Continue Reading

• May 23, 2011 23 May'11

  tokenization

  Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security.  Continue Reading

• May 20, 2011 20 May'11

  Symantec to acquire Clearwell for its eDiscovery processing platform

  Acquisition of Clearwell Systems Inc. bolsters Symantec's eDiscovery capabilities in a crowded market for software that helps contain civil litigation costs. Symantec Corp. has agreed to acquire ...  Continue Reading

• May 19, 2011 19 May'11

  IPv6 connectivity: Innovations address IPv6 security concerns

  Researchers at Virginia Tech have created a tool called Moving Target IPv6 Defense in order to address looming IPv6 security issues.  Continue Reading

• May 19, 2011 19 May'11

  PCI DSS survey finds need for credit card tokenization guidance

  Companies are considering tokenization as an alternative or in addition to encryption, a recent survey found.  Continue Reading

• May 18, 2011 18 May'11

  Wikileaks insider threat: A lesson for government cybersecurity managers

  The Wikileaks insider threat is not the first and will not be the last, however with the media hype Wikileaks has garnered, government cybersecurity managers are beginning to take different approaches to security.  Continue Reading