• Agency wants data on enterprise cyber forensics system products

    TSA solicits information about commercially available computer security forensics technologies it could use for information technology security; TSA is interested in products that would give the agency the ability to scan, capture, identify, report, and resolve IT forensics matters

  • Melissa Hathaway highlights nine important cyber bills

    Congress is getting more and more involved in cyber issues; Melissa Hathaway, former White House cybersecurity official, examines the pending legislation and highlights nine bills — out of the 40-odd bills at various stages in the legislative process — which she considers to be the most important ones to watch

  • Today's IT security professionals are expected to offer more than a school certificate

    Demand for IT security specialists in both the private sector and government grows steadily; IT security is the No. 1 growth industry in the government and government contractor sectors; employers, however, no longer see IT security certification as a sufficient qualification, and are looking for a broader set of skills

  • Cybersecurity summit pays little attention to control system's security

    Despite threats of infrastructure attacks, scant attention was paid to control systems during a global security conference; the problem is safeguarding infrastructure’s control systems against attackers is that such protection requires a different approach to securing PCs or networks; Windows-based security products will not help; says one expert: “All the devices that sense things — temperature, pressure, flow, and things like that — are not Windows, those are proprietary, real-time or embedded, and there’s no security there”

    • view counter

  • Infosec 2010: Prepare for the information security revolution

    New PwC report shows how information security threats will evolve until 2020; the huge increase in the amount of data available on the Web is largely the result of the number of people who have internet access. This will mean more money is transacted online, which will attract cyber criminals

  • New research offers security for virtualization, cloud computing

    Virtualization allows the pooling of the computational power and storage of multiple computers, which can then be shared by multiple users; problem is, gains in efficiency and cost-saving are offset by increased cyber vulnerability; researchers have now developed software, called HyperSafe, that leverages existing hardware features to secure hypervisors against such attacks

    • view counter

  • Passwords may be passé, but biometrics is not yet viable for portable devices

    Passwords may be heading toward extinction, but biometric identification is not yet a viable means of authentication for mobile devices; smart phones and other portable devices do not currently have the sophistication to be adapted easily for biometric technology, and users are likely to be reluctant to carry yet another device and its electrical charger along with their smart phone simply to login to their bank account when not at their desktop computer

  • Data protection manager for the cloud

    More and more companies begin to offer cloud security solutions; Iron Mountain offers CloudRecovery links into DPM; Seagate’s i365 business has launched the EVault for DPM 2010 backup and recovery appliance

  • Companies ignore cloud security

    New study finds that few businesses build security into cloud contracts; in fact, three-quarters of businesses surveyed said they had no procedures and policies for using cloud computing; Sixty-eight percent said end users and business managers — not the organization’s IT professionals — are made responsible for evaluating cloud computing vendors

  • Floating security tools make the cloud more secure

    Cloud computing offers efficiency and economy — but the Achilles Heel of the technology is security; where there is a security need there is a business opportunity, and some companies begin to offer cloud security tools, hoping to enjoy the benefits of first movers

  • Cybersecurity incidents in industrial control systems on the rise

    The good news is that only about 10 percent of U.S. industrial control systems are actually connected to the Internet; the bad news is that even with minimal Internet access, malware and breaches are increasingly occurring in utility, process control systems; cybersecurity incidents in petroleum and petrochemical control systems have declined significantly over the past five years — down more than 80 percent — but water and wastewater have increased 300 percent, and power/utilities by 30 percent

  • Congress to address important cybersecurity initiatives

    Congress is setting to tackle important cybersecurity-related issues — including the confirmation hearing on Army Lt. Gen. Keith Alexander to be military cyber commander, markup sessions on bills to fund cybersecurity research and development, and realign the National Institute of Standards and Technology’s (NIST) laboratories

  • First computer forensics private investigation firm opens in Nevada

    Expert Data Forensics is the first computer forensics-only PI firm in the state of Nevada; the firm says it has already helped in almost a hundred clients get the electronic evidence used to make a difference in the outcome of their cases; the data is retrieved from cell phones, PDAs, and computers

  • The 2010 Security Treasure Hunt cybersecurity competition launched in California

    California on Tuesday launched the 2010 Security Treasure Hunt; the online competition is part of a national effort to identify young men and women with the potential to become world-class cybersecurity professionals

  • To avoid cyberwar and protect infrastructure -- fight cybercrime first

    Fighting cybercrime is the first step to avoiding cyberwar, protecting infrastructure; Christopher Painter, the White House’s senior director for cybersecurity: “There are a couple of things we need to do to harden [critical infrastructure] targets” — “But the other thing you need to do is reduce the threat. And the predominant threat we face is the criminal threat — the cybercrime threat in all of its varied aspects”