Establishing Digital Trust: Don't Sacrifice Security for Convenience
But what rocketed the firm to fame last year was co-founder Mark Russinovich's discovery that Sony had dropped a rootkit onto systems when its customers popped select music CD's into their PCs. Sony's attempt at preventing piracy backfired in the most spectacular way, at least as far as the webosphere was concerned.
Now Mark Russinovich, along with with his kernel security prowess, goes to work for Microsoft, which may be good news for the future of Windows. But what about all those great, free utilities? They're still available, but their ultimate destiny is still up in the air.
In other acquisition news, EMC bought RSA Security for a cool $2.1 billion. What does that kind of dough buy? According to this report, some nice ways to boost EMC's storage security efforts:
https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i EMC said the acquisition adds identity and access management solutions and encryption and key management software to EMC's information-centric security portfolio. The acquisition is expected to be completed late in the third quarter or early in the fourth quarter.
2006 CSI/FBI Survey
Lyne Bourque took a look at this year's CSI/FBI Security survey and finds that the more things change, the more they seem to stay the same. But there is cause for hope, or is there?
On the topic of security insurance, this interesting tidbit bubbled to the surface:
The last financial issue is the question of cybersecurity insurance. You'd think that since we saw things like Katrina and other natural disasters along with some heavy-duty lawsuits over information breaches that more companies would look into insurance but the majority, nearly 75 percent, of the respondents said no to cyber-insurance. It appears that companies are willing to accept risk and deal with it rather than make a monthly payment.
It doesn't have to be an all-or-nothing proposition. Much like the fire alarms that alert you to potential dangers and the home insurance you have in case the fire department can't stop the fire, companies should invest in some sort of data protection from cyberthreats.
Looks like many organizations are braving a hostile world with little in the way of a security net.
Speaking of a hostile world, Jerry Hodgen pleads with workers not to forget their branch offices. While the damage or destruction of a headquarters would be a tough loss, ignoring the first point of contact for your customers can prove to be just as catastrophic.
In the article Disaster Recovery: Did you consider your branch offices?, Hodgen offers some tips on keeping this vital lifeline open regardless of what befalls your company.
In patching news, Microsoft last month patched that dreaded Excel flaw, along with a slew of other vulnerabilities including persistent problems in the way Windows parses some image files.
Another thorn in its side was H.D. Moore, who planned on releasing information on a browser bug a day for the entire month of July. To be fair, other browsers were fair game including Firefox and Mac's Safari.
Odds and Ends
NAC Appliance Tests Traffic Virtually
EIT Toolkit: Startup FireEye's NAC concept is simple: 'If it doesn't infect, let it connect.'
Edwards Disaster Recovery Directory
Book Review: One directory spells out many of the often-overlooked ingredients that go into ensuring your organization's survival in the face of disaster.