Blog

The end of April was a busy time for IT security analysts. April 24th to 26th was Infosecurity Europe (InfoSec) at Earl’s Court, the biggest such trade show in Europe and the following week was the Eskenzi PR annual IT Security Analysts Conference and CISO Forum (a gathering of chief informati ...

Several people have asked me for a response to Eugene Kaspersky’s views on Apple, as expressed at Infosecurity Europe last week, suggesting that Apple is ten years behind on security. But having spent some time on an analysis that no-one has used, I guess I’ll use it here – it ...

By Stuart Lisk  Business continuity remains a major concern for enterprises as they move more mission-critical processes to the cloud. Outsourcing B2B integration while ensuring cloud security in order to effectively integrate business processes is challenging at best, and ambiguous for certai ...

Bring Your Own Device or Consumerization of IT are fairly hot themes in a lot of customer organizations. When I talk to customers, there are typically different reactions, once we bring this up. Some tell us that it is not part of their strategy; some tell us that they plan to do it but that they ha ...

By David Meltzer As a member solution provider in the Cloud Security Alliance, paying careful attention to risk and planning for improvement is second nature for my own companies’ security services. As a consumer of many start-up cloud services built completely outside the security industry, ...

By the (ISC)² U.S. Government Advisory Board Executive Writers Bureau (EWB)   The title of a recent InformationWeek article, “Skills Shortage? Quit Whining” caught our attention. In the article, the author highlights data from a recent Deloitte Consulting survey, which report ...

I missed this info-graphic first time around, so thanks to securecloudreview.com for posting a link.   Like all info-graphics, it makes the process of digesting rather stodgy numbers much more enjoyable. Kind of like a good glass of wine. Or custard, with a jam roly-poly (for those with f ...

Some of the confidence Mac users have in the security of their chosen operating system derives from over-reliance on proactive patching. This outbreak highlights the need to be aware that patching of known vulnerabilities in system software or applications is not necessarily prompt enough to foresta ...

Most IT users will have suffered the frustration of losing work because their access device (PC, tablet, smartphone etc.) fails and has not been backed up, or indeed they may have deleted a file accidentally. This is inconvenient for the individual and those associated with the project they are work ...

By Andrew Wild It’s clear there are many compelling reasons, both financial and productivity-related, for enterprises to move IT functionality into the cloud, so it’s not surprising that they’re moving quickly to adopt popular collaboration services like Box.net, Yammer, Jive, and ...

If you follow my Mac Virus blog, you’ll have noticed that I’ve been tracking some of the coverage of Mac malware incidents to hit my radar in the last couple of weeks. In fact, hits on Mac Virus have been skyrocketing in the past 24 hours, so perhaps this a good time to recap on a couple ...

A recent law enforcement sting corralled 25 alleged members of the Anonymous hacktivist group. As it turns out, the information fed to the FBI and other participating agencies came from within: Hector Xavier Monsegur (aka, ‘Sabu’) leader of the Anonymous offshoot LulzSec, had appare ...

Quocirca has written extensively about privileged user management over the years, including two research reports Conquering the sys-admin challenge in 2011 and Privileged user management – it’s time to take control in 2009. One of the dangers highlighted in both reports is that if privil ...

I’m guessing that the myth of OS X invulnerability to malware is pretty much busted by now: at any rate, there has been wave after wave of OS X-related malware reports in the past week or two. Sophos were the latest big name to weigh in on the OSX/Imuler malware that DrWeb, Intego, ESET and yo ...

By Chris Hinkley Cloud Security is not a myth. It can be achieved. The biggest hindrance on debunking this myth is for enterprise businesses to begin thinking about the Cloud differently. It is not the equipment of co-location dedicated servers, or on-premises technology, as it is changeable, flexi ...

By the (ISC)² U.S. Government Advisory Board Executive Writers Bureau (EWB) At a recent GOVERNING Conference in DC, state and local jurisdictions discussed the recent collapse of agency information technology (IT) staffs in an effort to save scarce financial resources. Among the reported casu ...

Intego recently posted some information on its blog concerning the Imuler information-stealing Trojan. The variant that Intego calls OSX/Imuler.C uses a different stealth/social engineering technique to that used by previous variants. It seems to be intended to spread via .ZIP archives containing th ...

In recent Quocirca research, businesses report that on average their system administrators (sys-admins) make errors carrying out about 6% of tasks. This might not sound like much, but actually it adds up to quite a big number. If system administrators carry out and average of 10 tasks per day, or 5 ...

I was driving home today from a conference on online copyright enforcement, and in case you missed our frenzy of Tweets ( #copyrightcitp) live from the event, I promise to write more about it in our upcoming news feature on anti-piracy legislation. But this blog is not about digital pirates. My att ...

I believe security professionals have something special – they have the knowledge to effect change, and to assist our individual communities, societies, and with proactive willingness to engage, to make that difference, no matter how small, to help secure those who may be exposed to bad things ...