IT Security Training News, Articles and Updates

Real threats start with humans, not technology

When the two IPs meet (intellectual property and internet protocol), the value of the business becomes vulnerable, says Dave King, with IT often just providing a sticking plaster to hide C-suite ignorance.

10 steps to mitigate a DDoS attack in real-time

Get your contingency plan in place before you suffer a DDoS attack, says Gary Newe, suggesting that you prioritise revenue generators and work through the plan calmly and systematically.

Enterprise IT systems widely compromised

Businesses too complacent with software security education - Bola Rotibi, ISC(2) board member

SC Congress London: Bottom-up security awareness has C-level benefits

A stellar panel of infosec experts told a packed audience at SC Congress London on Thursday that security awareness can play an integral role in educating the C-suite on threats coming from inside and outside the company.

A race for supremacy in information security

Some may say that the lack of a recognised entry qualification for the information security industry is a good thing, for while professionalising ensures a baseline of competence, it can also be a barrier to talent from unexpected quarters.

UK Government gets serious about cyber security education

The UK Government is stepping up plans for developing the cyber-security sector, with support for students and teachers.

Capgemini and Aston University launch IT university degrees

IT consultancy Capgemini has teamed with Aston University to offer two work-based BSc degrees in software engineering and information systems.

US debuts cyber security framework to protect critical infrastructure

The Obama administration has launched the Cybersecurity Framework, which aims to educate organisations on the risks facing critical infrastructure systems.

One in four UK office workers don't know what phishing is

The ignorance of most UK office workers about phishing, one of the most lethal forms of cyber threat, has been revealed in a new study.

Careless staff beats theft and malware as biggest CISO fear

Careless employees are the biggest security concern for IT professionals, research shows, prompting calls for CISOs to step up staff education and the use of technology.

League table Go-Ahead

In a special one-off case study linking our themes of PCI compliance and security spend, Random Storm technical director and co-founder Andrew Mason describes to SC a case study that tackles both issues with the aid of league tables.

BYOD: Facing up to the inevitable

Businesses can accept employee device promiscuity without causing difficulties for IT management, says Centrify's Darren Gross.

IT security job shortage: Youth may not be the answer

A New Year means new jobs for IT security experts.

IT under threat from 'major' cyber attacks

IT departments are short on time and security tools, and are under more threat than ever before.

RSA: Cybercriminals keeping up with banking safeguards

Threats are becoming more sophisticated, and cybercriminals are getting smarter at evading new authentication controls, according to an RSA Conference panel of security practitioners representing three major financial institutions.

Trustwave branches out into application pen-testing

The security services company is to try to help enterprises protect their web-based apps from attacks like SQL injection, buffer overflow and cross-site scripting.

Firebrand launches disaster recovery training

How to prepare a disaster recovery plan and DR policy, plus how to assess risks, are among the topics taught at a residential training course aimed at security professionals.

SPI Dynamics creates script-based, self-propagating website vulnerability scanner

A security researcher on Saturday is set to unveil the first website-scanning script, a tool which allows attackers to gain control of infected users' web browsers and drastically reduce the time it takes to search the web for vulnerabilities.

RSA Conference 2007: Does end-user education work?

Educating consumers about internet risks is a dicey proposition, one security expert said during a panel at RSA Conference 2007 in San Francisco.

RSA Conference 2007: Don't worry, be happy to achieve security agenda, says ConAgra Foods risk exec

Smile, relax, listen and exude confidence — but keep that ego in check. Oh, and don't forget that morning pep talk with yourself.

IT security industry gathers at RSA Conference 2007

Security professionals from around the globe gathered in San Francisco today to kick off RSA Conference 2007.

Experts say global cooperation key to fighting cybercrime

International cooperation among law enforcement agencies is key to taking the allure from cybercrime, a panel of experts said today at a Kaspersky Lab-sponsored breakfast in New York.

Data security firms start Payment Card Industry Vendor Alliance

A handful of data security companies announced they're forming a new alliance to advocate for firms who must comply with the payment card industry data security standards (PCI DSS).

Webroot: Windows Vista is more secure, but not secure enough

Windows Vista may be hailed as Microsoft's most secure operating system to date, but the platform contains weaknesses in its default anti-malware capabilities, one security vendor has concluded.

Academics warn of fingerprint biometrics weaknesses

Experts from the University of California, Davis warned this week that the reliability of fingerprint biometrics has declined considerably due to technological concerns and a growing world population.

Sophos: U.S. still world's spam leader; attackers warm to web threats

While the percentage of infected emails declined significantly last year, web-related threats rose significantly, reported researchers at Sophos this week.

No slowing growth of image spam in 2006

The use of image spam continues to grow, now accounting for as much as two-thirds of all spam, security researchers said this week.

Spammers hijacking legit newsletters

Newsletter creators aren't the only ones hoping their products don't get caught in spam filters now that hackers have begun using newsletters to launch spam.

Court orders to limit pop-ups

A U.S. District Court in California has ordered a movie download service to stop barraging users with pop-up advertisements.