1. Articles in category: Cyber Security

    121-144 of 147 « 1 2 3 4 5 6 7 »
    1. Why IBM lets certain countries, including China, review its source code

      IBM said on Friday it allows certain countries to review, under strict control, portions of the U.S. technology company’s product source code to detect any security flaws in its software. China is among those countries, a person familiar with the company’s policy there said. Cybersecurity has been a major source of friction in U.S.-China ties, with both sides accusing the other of abuses. IBM has been more willing to strike closer partnerships with China’s government than many other U.S. tech companies, the Journal report said.

    2. What will the CISOs of 2020 look like?

      Ever since its inception in the late 1990s, the CISO job has tended to be a very technical job. The CISO would likely report to the CIO and have a varied background as a system or network administrator, or perhaps as a security analyst in a security operations center (SOC). Almost all CISOs were male, with either experience in computer science or perhaps as a senior manager in the military.

    3. When it comes to security, trust but verify

      It's time to rethink a bunch of security truisms, Gartner analysts said at the company's annual Symposium/IT Expo here this week. The security rules companies have relied on for decades are ready for retirement. These include: Prevention is better than cure, humans are the weakest link, and access should be limited to just what an employee needs to do his or her job. These old saws have been "exploded" by today's tech trends, said Tom Scholtz, Gartner research vice president.

    4. Developers find themselves in hackers’ crosshairs

      Attackers have long targeted application vulnerabilities in order to breach systems and steal data, but recently they’ve been skipping a step and going directly after the tools developers use to actually build those applications. Consider the news that broke earlier this year about how the CIA allegedly attempted to compromise Apple’s development software, Xcode.

    5. Coding In The Cloud Era Demands A Structural Rethink To Bake In Security And Privacy

      Protecting privacy in an age of big data, cloud processing and increasingly interconnected digital services demands a structural shift in how software is developed.  That’s the view of academic Jean Yang, who holds a PhD from MIT and has been conducting research around data privacy for several years – including devising her own programming language, called Jeeves, which centralizes how privacy policies are handled in order to take the burden of correct enforcement off the shoulders of individual programmers.

    6. Hack iOS 9 and get $1 million, cybersecurity firm says

      Zerodium, an exploit acquisition company, promises to pay $1 million to researchers who can provide it with an "exclusive, browser-based, and untethered jailbreak for the latest Apple iOS 9 operating system and devices." Zerodium extensively analyzes and documents all acquired vulnerability research and provides it, along with protective measures and security recommendations, to its clients as part of the Zerodium Security Research Feed (Z-SRF).

    7. How to fight denial of service - choose your battles, save your dollars

      Denial-of-service (DoS) attacks are probably the scariest online attack a business faces. Not because of the amount of damage done (data breaches are typically much more costly), but because there is so little you can do about them. Earlier this year, I surveyed my colleagues to find out what they considered the number one critical security topic. DoS was the unanimous winner.

    8. Where does security fit in bi-modal IT departments?

      When restructuring an IT department, the recent trend has been to look at possibly breaking it into two factions: one group that handles the daily tasks by putting out fires, and one that looks ahead in trying to create a new landscape that is immune to those fires. The bi-modal idea has its benefits and its pitfalls, but the determination seems to come down to the size of the enterprise. In the mid to smaller companies, there is not the luxury of splitting the security group out into subgroups. In the bigger companies the question becomes where do the security ...

    9. How to make money from open source software

      Last month we looked at the argument that the open source business model is flawed because selling maintenance and support subscriptions doesn't provide companies with enough revenue to  differentiate their products from the underlying open source software or to compete with the sales and marketing efforts of proprietary software companies. "Peter Levine talked about conventional open source business models using the GPL license where you can't monetize software so you struggle to raise money to invest in innovation," Raskin says. But he points out that companies can use other open source licenses which do allow the monetization of ...

    10. Retail CIOs become heroes with the help of CMOs

      In today’s hyper-competitive retail universe, striving to satisfy customer demands is more important than ever. Savvy consumers are always on, moving easily between smartphones, desktops and brick-and-mortar locations – and they expect retailers to keep up, no matter at what point-of-purchase they choose to interact. To deliver the kind of seamless experiences these customers want retailers know that fostering technology innovation is essential. However, IT departments are also keenly aware of the need for strong data security, governance and cost efficiency. To strike this important balance, CMOs and CIOs realize that they need to come together to collaborate and drive ...

    11. We’ll see you, anon

      Can big databases be kept both anonymous and useful? The anonymization of a data record typically means the removal from it of personally identifiable information. Names, obviously. But also phone numbers, addresses and various intimate details like dates of birth. Such a record is then deemed safe for release to researchers, and even to the public, to make of it what they will. Many people volunteer information, for example to medical trials, on the understanding that this will happen. But the ability to compare databases threatens to make a mockery of such protections.

    12. Data security, the achilles heel of DevOps

      Survey finds speed and quality in software delivery are the name of the game in DevOps. But does data get put at risk? There has been overwhelming momentum to the practice of DevOps in recent years, and for good reason.  However, it takes data to test and ensure that everything is running properly, and all too often that data comes out of live production systems. Once data leaves the data center, there's less assurance that it is being managed in a secure way. 

    13. New data uncovers the surprising predictability of Android lock patterns

      The abundance of password leaks over the past decade has revealed some of the most commonly used—and consequently most vulnerable—passphrases, including "password", "p@$$w0rd", and "1234567". The large body of data has proven invaluable to whitehats and blackhats alike in identifying passwords that on their face may appear strong but can be cracked in a matter of seconds. The Tic-Tac-Toe-style patterns, it turns out, frequently adhere to their own sets of predictable rules and often possess only a fraction of the complexity they're capable of. 

    14. AT&T helped the NSA spy on the UN's internet traffic

      It's no secret that telecoms have cooperated with the US' surveillance efforts, but at least one was unusually eager to help out. Thanks to Edward Snowden leaks, both the New York Times and ProPublica have discovered that AT&T not only agreed to aid the National Security Agency's spying campaigns for decades, but has shown an "extreme willingness" to participate. It was the first to start forwarding internet metadata (like email participants) to the NSA in 2003, and was quick to offer call metadata in 2011. 

    15. Global privacy advisory market topping $3B

      How much do companies around the world spend each year on data privacy services to fix the problems we read about in the headlines every day? Nobody as far as I can tell has published an answer to this question. So this month I set out to pull together the best available data points on the market. What did I find out? The first discovery was that you need to define what you’re estimating. Because no one before Computerworld has sized up the privacy sector, that task falls to us.

    16. Why every CIO needs a cybersecurity attorney

      Cyber security has long been one of the main issues keeping CIOs awake at night. Now, with the number of high-profile cyber attacks seeming to increase each month, security is haunting IT leaders during the daytime, too. Distinguishing the technical experts from those responsible for legal obligations and risks will help companies develop better breach response plans. Understanding the role of an external cybersecurity firm will only help.

    17. Hornet Tor alternative for high-speed anonymous browsing revealed

      Academics have developed a Tor network alternative for users which allows for high-speed anonymous web surfing. This week, researchers presented Hornet, a high-speed onion routing network which leverages next-generation architecture to make user tracking more difficult. The low-latency onion routing system enables end-to-end anonymous channels and has been designed as a quicker and more secure alternative to Tor.

    18. CIOs need to reboot supplier relationships

      While large amounts of IT spending still go to maintaining systems from the big four software providers - IBM, Microsoft, Oracle and SAP - all the real innovation seems to be coming from elsewhere. At the same time, experts are talking about "bimodal" or two-speed IT, where back-office IT systems that support corporate "systems of record" applications are separated from a more agile, customer-facing IT function, working directly with the business on social, cloud, big data and mobile initiatives - so-called systems of engagement. As a result, what it means to be in IT is changing.

    19. The Secret to IT Business Alignment


      In my interviews of CIOs, they have told me that connecting what IT is doing to business strategy remains their highest priority, even above things like improving technical orchestration and overall process excellence. Being a CIO today is clearly more about business alignment than technology alignment. One CIO I spoke with recently said that this means that “CIOs and their teams need to understand their firm’s business problems almost as well as they understand their implementation of information technology.” I couldn’t agree more!

    20. Hacking Team gets hacked; invoices suggest spyware sold to repressive govts


      A controversial company that sells weaponized spyware has been penetrated by hackers who claim to have plundered more than 400 GB worth of e-mails, source code, and other sensitive data—including invoices showing that the firm has done business in countries ruled by highly repressive governments. Italy-based Hacking Team has long denied selling to nations with poor human rights records.

    21. Encryption's holy grail is getting closer, one way or another


      Whether it's a reaction to the Snowden revelations, a reaction to the continual news of massive data breaches, or just the obvious need to secure data in the cloud -- or all of the above -- new technologies for working directly on encrypted data are getting plenty of attention. Working with encrypted data without decrypting it first sounds too good to be true, but it's becoming possible.

    22. MasterCard to trial using selfies as authentication


      MasterCard users may soon be able to pay for online purchases with their face or finger, with the payments giant to begin experimenting with facial-scan technology as well as fingerprint identification in an attempt to eliminate digital fraud. According to a report by CNNMoney, MasterCard will launch a pilot program with 500 participants over the next few months to develop the infrastructure to approve purchases without the need to enter a password.

    23. Is the Internet of Things over-hyped? ; Attention IT managers: Mainframers need your love too


      Is the Internet of Things greatly over-hyped? Technology experts speaking at a recent panel suggest 'yes', and stated the trend should really be called the Internet with things. As noted by CIO, panelists said there are still a number of issues that stand in the way of many devices and items joining the inter-connected world. Chief among them are issues related to security, standards, trust and privacy.
