Last weekend the Washington Post published an analysis showing how the notorious Stuxnet worm could become the model for a cyber attack on US infrastructure. The article quotes former US energy regulators and industry experts who share concerns about future cyber weapons that use Stuxnet as the blueprint to cause devastating…
When it comes to handling insider security threats, casino industry IT professionals face challenges that set them apart from peers in other markets.
The article includes details of how Commerzbank – Germany’s second largest banking institution – safeguards its infrastructure from insider threats using a combination of Enterprise Random Password Manager from Lieberman Software and ArcSight Enterprise Security Manager.
The important thing to know is that Identity and Access Management (IAM) systems generally don’t provide either PIM or PUM capabilities since privileged identities are associated with hardware and software assets, and not with the individual user identities controlled by IAM.
This week there was speculation in the press that the infamous Stuxnet worm is actually purpose-built malware designed to cripple a single targeted institution: Iran’s Bushehr Nuclear facility.
For the most part, PCI-DSS is a good idea that improved the overall security of credit card payment handlers. However, PCI security flaws exist.
A recent New York Times article, “A Strong Password Isn’t the Strongest Security,” offers a great assessment of the complacency of many IT security professionals. The assertion that password strength is not as important as protecting passwords against interception has some real validity. However, user logins are just one aspect…
Now that we’ve reached the last real month of summer the US vacation season will slowly wind down. However if the 2010 Global Security Report from Trustwave is any indication, the hospitality industry won’t feel relief from hackers anytime soon. According to the multi-industry report, hackers infiltrated hospitality services more…
Paul Roberts posted an interesting story on Threatpost about the limitations of conventional password security.
Not surprisingly, the research also identified the misuse of privileges as the top threat vector for the year. Even less of a surprise is the fact that database servers were the top target in terms of both the number of breaches (25%) and volume of records (92%).