Evidence that criminals are targeting the computer systems of small businesses continues to mount. The Wall Street Journal recently drew attention to the way cybercriminals are sniffing out vulnerable firms. The article highlighted the fact that about 72% of the 855 data breaches world-wide last year that were analyzed in Verizon's Data Breach Investigation Report
With the recent announcements of password breaches at LinkedIn, and warnings from Google about state-sponsored attacks on Gmail accounts, it seems like a good idea now to review some password security basics. In this blog post, we’re going to take a look at a rather low-tech solution to a decidedly high-tech problem: How to guard
Security can't be purely the responsibility of the government, the police, the security industry, the ISPs, the public sector, private industry, or any permutation thereof.
An emerging information security threat highlighted this week by Róbert Lipovský, namely theft and abuse of digital certificates by malware creators, serves as a timely reminder that these certificates are highly valuable digital assets that should be accorded the highest levels of protection. If your company uses certs purchased from root authorities such as Verisign,
The news that Japan's top defense contractor and weapons maker, Mitsubishi Heavy Industries, fell victim to cyber attacks in August is likely to increase the pressure to improve information system security from Tokyo to the Pentagon and every government contractor, outside vendor, and supplier in between. As pointed out in the Reuters report, the Japanese contractor–commonly
Nearly three years old, the Conficker worm continues to pose a threat to PCs. Aryeh Goretsky wants to know why this is, and what can be done about it.
...So here are what we consider to be the 10 commandments of corporate security...