Editor's News

Cyber security remains a major priority for the US Government, but it continues to struggle with encrypted traffic. Speaking at RSA Conference in San Francisco, secretary Jeh Johnson from the Department of Homeland Security (DHS) said that advancing the security mission is a top goal for the Government and while it does not have all the awarness or talent, he said that cyber security must be a partnership between Government and the private sector. “We...

Security needs fresh direction and perspective and five areas to resolve it have been identified. Speaking in the opening keynote at RSA Conference in San Francisco, RSA President Amit Yoran referred to the character Morpheus from the Matrix, who said there is a “difference between knowing and walking the path”, and the path forward requires knowing but not changing how we operate. Identifying five key areas on navigating the new terrain, Yoran listed these as:...

A lack of visibility and the failure of security incident and event management (SIEM) technology to work efficiently has harmed business. Speaking in the opening keynote of RSA Conference in San Francisco, RSA President Amit Yoran said that security remains in the dark ages, and we are at an inflection point “where technology can create its own detsiny and the results of which we cannot predict”. Referring to 2014 as the year of the “mega”...

In an effort to broaden reach of threat intelligence sharing, HP will now integrate threat data from AlienVault Open Threat Exchange (OTX) to HP Threat Central, its cloud-based threat intelligence sharing and analysis platform. The collaboration will be reciprocal, as AlienVault also intends to integrate data from HP Threat Central into OTX. As part of the joint effort, AlienVault OTX and HP Threat Central intend to offer users broader access to anonymised, analyzed and validated...

Dating website Match.com has been revealed to not be using SSL to protect user data. According to Ars Technica the dating site does not use HTTPS encryption to protect its login page, potentially allowing anyone with a man-in-the-middle vantage point to pilfer the credentials. Ars reader Scott Bryner, alerted Ars to the issue, but it is unclear exactly how long the site has failed to encrypt user credentials. Bryner provided the screenshot immediately above this paragraph,...

More partnerships with academia and better traning and mentoring are needed to help reduce the skills shortage. Speaking on a panel at RSA Conference 2015 in relation to the (ISC)2 Global Workforce Study, Angela Messer, executive vice president of Booz Allen Hamilton said that better and increased partnerships with academia, not for profit organisations and Government, and working with our own employees is a solution. “We are starting back in middle and high school and...

Raytheon is to acquire 80 per cent of Websense from its parent Vista Equity Partners to form a new company combining Websense TRITON with Raytheon's advanced cyber security technologies. With an initial investment of $1.57 billion in net cash for majority ownership of the new company, which Vista will also invest into too, the new company will provide broad set of defense-grade solutions. Following successful completion of the transaction, the new company will be a...

Better voluntary coordinated collaboration will be achieved if “smart people can coordinate their actions”. Speaking at BSides San Francisco, Allan Friedman said that as individuals cannot make decisions and expect a free hand to fix it and role of Government is to understand market failures, paricularly in this space, there are a lot of questions at to where the market and Government are. “There are decisions people fail to make,” he said. He said that...

Northrop Grumman and the Cyber Security Challenge UK will today hold the National Finals Competition of CyberCenturion, UK’s first national cyber security competition for 12-18-year-olds.   With eight teams of teenagers descending upon the National Museum of Computing at Bletchley Park, their task will be to protect sensitive customer data and valuable intellectual property for a fictitious video games company under attack by rival businesses trying to steal valuable industry information.   Candidates got to...

Open source projects would benefit from a funding system that would secure funds for future development.   Chris Wysopal, CTO of Veracode, said that the model which Wikipedia uses to ask for cash donations could work for open source projects to ensure that a developer could be paid to fix future escalating flaws.   He said: “I wonder if when you downloaded OpenSSL, it said ‘donate $1 to make sure that there is a security...