Risk assessments metrics and frameworks

  • April 25, 2006 25 Apr'06

    Microsoft customers want more out-of-cycle patches

    Customers say Microsoft was right to issue an out-of-cycle fix for its flawed Windows Explorer patch. In fact, they wish the vendor would do it more often.

  • April 18, 2006 18 Apr'06

    Microsoft to close security updates on old Windows

    As of mid-July, Microsoft will no longer provide security updates for Windows 98 and Windows Me. Experts say the decision is likely long overdue.

  • April 12, 2006 12 Apr'06

    Report: IM, P2P threats on the rise

    Research shows a steady increase in threats that target unauthorized IM and peer-to-peer applications. Worse yet, most IT departments have no way of knowing the threats exist.

  • April 06, 2006 06 Apr'06

    Opinion: Military security legacy is one of innovation, integrity

    In response to a recent column criticizing corporate use of military security guidelines, infosec pro Norman Beznoska Jr. says corporate America has borrowed much of its technology from the armed forces, and could still stand to learn a thing or two.

  • April 06, 2006 06 Apr'06

    Opinion: The importance of a military mindset

    The military security mindset shouldn't be so quickly dismissed, says Michael Tanji, because military science has spawned many commercially successful technologies and trained many of the professionals who today are the lifeblood of the industry.

  • March 20, 2006 20 Mar'06

    Poor government security makes industry wary

    The annual review of government security practices shows several agencies still aren't improving. Experts are worried it could harm Homeland Security's ability to work with the private sector to stop cyberterrorism.

  • March 07, 2006 07 Mar'06

    Security pros aren't stained by BlackBerry tiff

    A BlackBerry blackout would have been tough for on-the-go e-mail addicts, but it was never a security concern, if a survey of IT professionals is any indication.

  • March 07, 2006 07 Mar'06

    Attacks driven by love of money

    Symantec's latest threat report shows digital desperadoes are exploiting Web application flaws and using "modular" malcode to launch lucrative attacks.

  • March 03, 2006 03 Mar'06

    Security Blog Log: Hacking for grades causes a stir

    A college exercise in hacking doesn't sit well with some bloggers. Meanwhile, a bear shows us a thing or two about security and Webroot loses its public voice.

  • February 21, 2006 21 Feb'06

    IT pros: We can't stop every threat

    Mergers, staff shortages and fast tech deployments mean some security incidents probably went undetected last year, a recent survey found, and many fear it will happen again.

  • February 10, 2006 10 Feb'06

    Review: Lucid Security's ipAngel far beyond standard IPS fare

    ipAngel is a cleverly integrated package that will help stop exploits at your perimeter and assess the security of your network.

  • February 09, 2006 09 Feb'06

    Nyxem's lessons can't be ignored

    The worm didn't create the chaos that was expected, but security pros say it would be a mistake to dismiss it as a dud and ignore the valuable lessons.

  • February 07, 2006 07 Feb'06

    For CISOs, fitting in was never so hard

    As more organizations move their security officers out of IT, it may become easier for CISOs to succeed, but harder for other security pros to avoid a career dead-end.

  • January 26, 2006 26 Jan'06

    Passwords still the weakest link

    But more software is beginning to keep insiders from using shared or administrative passwords to access restricted data files, helping to ensure SOX compliance.

  • January 20, 2006 20 Jan'06

    Security Blog Log: Oracle makes Microsoft look good

    Microsoft gets plenty of flak for slow patching, but this week bloggers say they'll take Microsoft's patch process over Oracle's any day.