Access your Pro+ Content below.
Old information security challenges persist
This article is part of the Information Security issue of January/February 2011
The world of information security moves at a rapid pace. New threats emerge, new vulnerabilities have become a constant, and new technologies are built to protect our assets. However, many of the challenges we face, as well as the technologies we rely on, are only variations and adaptations of those we've had a decade ago. I tend to be a packrat, as well as a bit of an information security history buff, and it was no surprise when I recently came across a stack of old Information Security magazine issues in my office with dates ranging from 2001 to 2003. Taking a trip down memory lane, I flipped through several issues to see what the major topics and trends at the time were. The good news is that a number of articles are still applicable in many ways today. Unfortunately, that's also the bad news. After reading some of the articles, I was a bit depressed about the apparent lack of progress we're making in information security. Here are several examples: "New Directions in Intrusion Detection" (August 2001): 85 percent of ...
Access this PRO+ Content for Free!
Features in this issue
Information security managers are getting more of a say in enterprise cloud initiatives and mobile device projects.
Enforcing endpoint security requires careful planning and deployment.
Stuxnet put the spotlight on critical infrastructure protection but will efforts to improve SCADA security come too late?
Columns in this issue
Security experts Bruce Schneier and Marcus Ranum debate whether network security should be based on whitelisting or blacklisting.
Automation hasn't killed the penetration tester – yet.
A look back at articles from the past shows that the same information security problems persist today.