Editor's News

Catastrophic issues in security can occur, but there are ways to recover. Speaking at RSA Conference in San Francisco, Bruce Schneier, CTO of Resilient Systems, highlighted the Sony Pictures attack as being an interesting case as it brings catastrophic risk uses to the fore, and not catastrophic as in a life ending sense, but in company terms. He highlighted seven ways in which a catastrophic incident could be dealt with. Firstly he recommended keeping it...

Costa Coffee has informed members of its loyalty scheme that it has detected unusual activity on some accounts. In an email seen by IT Security Guru, it says that it has conducted a full security review and in the interim, removed the ability to access user's Coffee Club account online. It said: “We have already contacted those customers affected and we are taking the additional precaution to reset the account passwords of every Coffee Club...

Partnerships between the USA and UK are important not just for Government, but for other Goverments and for private industry too. Speaking at RSA Conference in San Francisco, Michael Daniel special assistant to the President and cyber security coordinator and Natalie Black, deputy director of the Office of Cyber Security & Information Assurance (OCSIA) at the Cabinet Office, were keen to promote initiatives on enhancing skills, information sharing and success stories, such as the takedown...

Threat intelligence can be a great value-added tool for businesses if it is data collection capabilities are used effectively. Speaking at RSA Conference in San Francisco, Mark Orlando, director of cyber operations at Foreground Security said that there is “a lot more to intelligence than indicators and leveraging it for response”. He said that as a tool for defence, threat intelligence is dead as IDS signatures are not subject to quality control, have a short...

PhishMe has launched a new security solution to offer enhanced visibility into targeted phishing attacks. Named PhishMe Triage, the company said that it will allow security analysts and incident response teams to utilise internal human intelligence against phishing, malware and drive-by attacks. Security operations center (SOC) analysts and incident responders will get live insight into ongoing spear phishing attacks by automating the analysis and orchestrating the workflow to reduce the detection deficit facing their enterprises....

Cryptzone has announced the launch of an access management solution designed to offer a solution for both cloud and hybrid environments. According to the company, AppGate Secure Access enables organisations to adopt software defined perimeter approach for granular security control. AppGate Secure Access makes the application/server infrastructure effectively “invisible” and delivers access to authorised resources only, verifying a number of user variables each session before granting access to an application. Once the user logs out, the...

Centrify has launched a cloud-based privileged identity service to enable users to addresses today’s growing gap in security, visibility and control over privileged accounts. According to the company, Centrify Privilege Service (CPS) adds shared account password management for servers, network devices and Infrastructure-as-a-Service (IaaS) to its flagship Centrify Server Suite. It also addresses security and audit requirements for the management of both cloud-based and on-premises access to critical production systems and applications by remote employees...

A panel of privacy officers at RSA Conference in San Francisco have identified that there will be likely changes due to the upcoming European Data Protection changes. The panelists acknowledged the challenges of launching and maintaining privacy within their environments. Keith Enright, legal director for privacy at Google called the development of Google Glass as “a tremendous learning experience” and said that launching something that allows technologies into someone's lives was “evolutionary and wildly disruptive”. Erin...

Tenable Network Security has announced the launch of SecurityCenter 5, to add continuous network monitoring and “Assurance Report Cards”, an innovation designed to help users measure and communicate the effectiveness of their security program to C-level executives, board members and business managers, helping align security policies with business objectives. The company said that ARCs enable CISOs to measure, analyse and visualise the security posture of their IT enterprise, and report results in an intuitive report...

Government information sharing plans will be of a large benefit to both Government and the private sector. Speaking at RSA Conference in San Francisco. Andy Ozment , assistant secretary of the Office of Cybersecurity and Communications (CS&C) within the National Protections and Programs Directorate (NPPD) of the Department of Homeland Security (DHS), said that there is a need for Congress to clarify its sharing proposals. He said that many companies already are sharing information, and...