INFORMATION

Site Map - Cybersecurity

Cybersecurity Checklist for Business Managers

- John Bumgarner, research director for security technology with the US-CCU, says that the idea for the checklist evolved because, despite the number of industry-specific guidances (such as Sarbanes-Oxley and ISO standards), there was nothing aimed at nontechnical managers.

Worth a Look: Computer on a Stick

- COS is a USB token with an entire Linux operating system on it as well as a host of handy applications, including an e-mail client, the Firefox Web browser, and a PDF creator and viewer.

To Encrypt or Not to Encrypt? That is the Question

- Do financial services firms have to encrypt customer data? Also, a computer on a stick, and a cybersecurity checklist for business managers.

A Site To See

- If you are a wireless user, you need to know just how many tools are available to compromise wireless networks. Remote-exploit.org highlights tools such as Hotspotter, which acts like a wireless hotspot so that anyone trying to connect to a legitimate network at, say, Starbucks will attach to the attacker’s access point instead. The tools can be downloaded from the Web site along with detailed tutorials—in some cases, step-by-step Flash presentations that walk users through programs that break wireless encryption protocols or that can crack passwords. The need for information on how wireless networks can be vulnerable makes Remote-exploit.org A Site to See. @ Get there via SM Online.

Data Rivers Overflowing

- With the hurricane season underway—and with memories of last year’s catastrophes still fresh in mind—businesses in areas that are likely to be affected by summer storms are doing whatever they can to secure their premises from damage or destruction. But what about digital assets? The Florida Chamber of Commerce is helping Florida businesses to ensure that their e-mail traffic keeps flowing throughout hurricane season, even if flood waters shut down mail servers. The Digital Disaster Preparedness service is being offered for free by AppRiver, LLC, a Gulf Breeze, Florida-based company that provides e-mail security services. The company will monitor the mail servers of Florida companies that have an Internet domain name and have signed up for the service via the Florida Chamber of Commerce or App River Web sites. If bad weather hits and a company’s mail server goes down, AppRiver will reroute incoming messages to its own data centers in Texas, Virginia, and England until the damaged servers are back up, or until the company asks the mail to be redirected (messages can be made available online if requested). Spam and virus filtering are included. The free service runs through October 31. @ Point your browser to SM Onilne to link to these two sites, where you can sign up for the Digital Disaster Preparedness service if your company is based in florida.www.appriver.com www.floridachamber.com

Defining Moment

- Most bank robbers wear a mask or otherwise attempt to disguise themselves when they carry out their robberies. Likewise, online miscreants are eager to put on another persona when they launch attacks or send spam.

Numbers

- E-mail messages from the fourth quarter of 2005 believed to be spam

Worth a Look: Portable Data Safes

- Software that’s built into the drive provides encryption, an e-wallet function for storing credit card numbers, and single sign-on to applications and Web sites. Data is encrypted using 256-bit AES encryption. A 4-to-40-character password is optional.

Old E-Mail Worms Never Die

- Security and outsourcing, cell-phone risk, e-mail worms, and what’s new in secure portable data devices.

Looking for Secure Outsource Partners

- Security and outsourcing, cell-phone risk, e-mail worms, and what’s new in secure portable data devices.

A Site to See

- Unlike the bricks-and-mortar world, where you can lower your risk of becoming a victim of crime by staying out of dangerous neighborhoods, digital threats are fairly equally dispersed. Crimeware can—and probably does—arrive several times a day into your e-mail’s inbox, and an unpatched computer can pick up a “drive-by” infection simply by visiting an infected site. If you want to learn more about online fraud and crimeware, visit a new Web site from Symantec that offers detailed explanations of well-known as well as nascent threats. It also includes prevention tips and advice about what to do if you are victimized. There are even some demonstrations of phishing, pharming, and Trojan horses, as well as some quizzes that will let you test your knowledge of the online threatscape. The rich resources and explanations make it A Site to See.

Nostalgic for the Days of “My Doom”

- Under Symantec’s system, malicious code is ranked from one to five; the higher numbers—what Turner calls “bell-ringing alarm threats”—represent the threats that cause much immediate damage and are difficult to contain because they are widely distributed. “We’ve only seen six category-three worms in 2005,” Turner says, referring to the most recent statistics compiled in the report, “whereas in 2004 we saw 32.”

Does SSL Lock Trouble In?

- SSL traffic is all but invisible to an enterprise, according to a survey of 319 IT security and networking professionals by Blue Coat Systems. More than 72 percent said they had no way to look inside SSL traffic, a situation that nearly 90 percent of the respondents said was risky, particularly as it can pass through firewalls unseen and untouched.
 




Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.