Search Results

This story was originally published on Nov. 15, 2013, and is brought to you today as part of our Best of ECT News series. ...

By now, if you're an IT professional and you're in an organization that has the Payment Card Industry Data Security Standard in your scope -- that is, you store, process or transmit credit card data -- you probably already know that an update to the standard, Version 3.0, was released late last year. ...

As most security and compliance pros already know, PCI 3.0 is now officially out ...

The Internet of Things has been receiving quite a bit of attention. Definitions vary, but at its core the concept is a simple one: Extend computing and data-processing capability to the physical world around us. The earliest manifestations of this are starting to be seen already in the growth of smart devices: televisions, automobiles, appliances, electric meters, etc.

As the prolific trend of adoption would suggest, the case for cloud is compelling from both a business and technology perspective. There are a number of reasons for this, but one of the more compelling reasons from a technologist's point of view has to do with the ability to abstract lower levels of the application stack. ...

It seems cloud has gone from "emerging" to "entrenched" faster than any technology in recent memory -- and much of cloud adoption is of the Software as a Service variety. For example, 71 percent of the organizations that responded to a 2012 Gartner survey had been using SaaS for less than three years, highlighting just how quickly enterprises were adopting. ...

By now, most organizations have adopted cloud. Increased and widespread adoption as well as expansion of existing deployments are reflected in surveys such as the 2013 Future of Cloud Computing Survey from North Bridge Venture Partners and GigaOm. This suggests that if you're a technology pro and your organization is like most, you've already spent considerable time addressing how to field cloud in a secure way. ...

For most technologists in the enterprise nowadays, cloud is a pretty big deal -- and securing it can be an even bigger deal still. Security was the top concern of 46 percent of respondents to a recent survey by North Bridge Venture Partners (The Future of Cloud Computing). While this number is actually down from last year's 55 percent, it does underscore the relative importance of security in these efforts. ...

This past week, a lesson about enterprise information security found its way to me via a somewhat unorthodox channel: specifically, an episode of Gordon Ramsay's Kitchen Nightmares. If you haven't seen it, the premise of the show is that Ramsay shows up at a restaurant -- usually one "in crisis" -- and leverages his experience to put it on track. ...

Did you know Julia Child was 37 before she learned to cook? It was a full decade later that she first set foot in front of a television camera. Before becoming the phenomenon we all know, she'd already had quite a career: She'd worked as a typist, an advertising copywriter, and later as a researcher in the intelligence community (for which she was awarded a civilian medal). ...

Everyone knows that protecting an organization's technology footprint has always been a delicate balancing act. Nowadays, literally everything about a given organization's technology portfolio is in a near-constant state of change; technologies change, usage changes and the threat landscape changes. Changes come at higher frequency -- and at increasing scale.

Sometimes you can do everything right and still run into trouble. To see this in action, pay attention the next time you're driving at dusk -- for example during an evening commute, if you have one ...

If you're a technology professional in a small or mid-sized business, chances are pretty good that information security is something you've had on your radar for quite a while now. ...

For folks on the East Coast of the United States, the past few weeks have been pretty intense. Between hurricane Sandy and the associated fallout -- flooding, lack of public transportation, power outages, dark cell towers -- many firms in impacted areas have experienced firsthand the value of their BCP -- business continuity planning -- and DR -- disaster recovery -- planning efforts...

Technology professionals who work in and around SMBs know that sometimes bringing up information security in a smaller IT shop can be a tough sell. In many cases, SMBs feel that they don't present an attractive or large enough target for hackers to be interested in them ...

As almost everyone has probably already noticed by now, there are some radical changes going on in the way that organizations purchase, manage and use technology. Since IT is (by its very nature) adaptive, this is not totally unexpected. However, even though we expect technology to change, there are periods when it changes faster than others. And right now, changes are coming quickly: between virtualization and cloud, mobile and BYOD, VDI, large-volume storage and the slow uphill push to Exascale computing, IT is in a period of transition. ...

Most cars nowadays come with driver and passenger airbags. It's a great safety feature that's helped save numerous lives since installing them routinely has become the norm. But sometimes, though it is rare, airbags fail to deploy even when circumstances arise where they should. Ask yourself: How would you know the difference between an airbag that works compared to one that doesn't? The "airbag" light may be on, everything might appear to be working, but do you actually have any hard evidence that the system works? Short of actually crashing the car to test it, the answer is probably no...

Most security professionals are probably very comfortable with using open source tools to implementtechnical security functionality. From nikto to snort to openssh -- there are literally hundreds of well-known, sophisticated, open source tools that perform useful and critical security functions. ...

If you're in IT and your job involves securing your organizations' infrastructure, you've probably spent a good deal of time thinking through control selection -- in other words, picking the controls that most directly help you accomplish the goal of securing your environment. And you've probably also spent an equally large amount of your and your staff's time evaluating how the controls you've selected perform. ...

Information security has changed a lot over the years. Way back in the dinosaur days, life was simple. Companies set up a firewall at the border and life was good. Bad guys stayed on one side of the fancy flashing box, and our personnel lived in the pristine, attacker-free paradise on the inside. ...