Late last year, when I interviewed Google Apps senior security manager Eran Feigenbaum and his marketing partner, Adam Swidler, they talked up Google's place in cloud computing and how it was in a prime position to make a difference with cloud security.
Bill Brenner | 20 May | Read more
Research from security vendor Finjan Inc. suggests enterprise IT shops are losing the war against those who would hijack company computers for botnets. Almost half the victims appear to be in the U.S. -- most using Microsoft's Internet Explorer (IE) browser.
Bill Brenner | 05 May | Read more
From a security perspective, service oriented architecture (SOA) is a tricky thing. It's not hard for bad guys to compromise it with SQL injection, capture-replay and XML denial-of-service attacks, which they can ultimately use to bust through walls around a company database.
Bill Brenner | 07 May | Read more
IT security administrators have had a fairly easy case to make against such social networking sites as Myspace in the past. Myspace in particular tends to be a place for the mostly personal, and some profiles are simply front companies for online mobsters and malware pushers.
Bill Brenner | 16 Apr | Read more
Security experts say it all the time: If a company thinks it has suffered a data security breach, the key to getting at the truth unscathed is to have a response plan in place for what needs to be done and who needs to be in charge of certain tasks. And, as SANS Institute instructor Lenny Zeltser advised in CSOonline's recent How to Respond to an Unexpected IT Security Incident article, "ask lots and lots of questions" before making rash decisions.
Bill Brenner | 16 Apr | Read more
The perpetual proliferation of botnets is hardly surprising when one considers just how easy it is for the bad guys to hijack computers without tipping off the users.<br/>
Bill Brenner | 16 Apr | Read more
A cybersecurity bill may be filed in the U.S. Senate expanding government enforcement to the private sector. Security practitioners say more oversight of critical infrastructure wouldn't hurt. But anything more than that probably would
Bill Brenner | 09 Apr | Read more
Orbitz CISO Ed Bellis says penetration testing is a valuable tool in his data loss prevention arsenal. But it won't help him find everything.
Bill Brenner | 02 Apr | Read more
Sure, there was hype leading up to the Conficker catastrophe that never came. But Bill Brenner thinks security vendors and their PR reps deserve some credit for restraint this time around.
Bill Brenner | 02 Apr | Read more
We all know the economy is in bad shape. At SOURCE Boston 2009, Martin Roesch and other security industry heavyweights offered these tips for surviving the bad times and preparing to thrive when skies brighten.
Bill Brenner | 19 Mar | Read more
A couple security bloggers suggest Bill Brenner spreads FUD in a column that's supposed to be anti-FUD. Why he agrees -- to a point.
Bill Brenner | 19 Mar | Read more
A Symantec/Ponemon report points to an ominous byproduct of the economic crisis: laid-off employees stealing data in acts of vengeance. Bill Brenner is skeptical of this report's news value.
Bill Brenner | 25 Feb | Read more
Kaspersky Lab and F-Secure were up-front in acknowledging recent hacks against them, but the negative fallout is still justified.
Bill Brenner | 19 Feb | Read more
Two members of Google's application security team explain why the future belongs in the computing cloud -- and how Google Apps is dealing with the constant barrage of security threats.
Bill Brenner | 18 Dec | Read more
Companies that suffer serious security breaches have almost always committed one (or all) of 7 deadly security sins. Is your company guilty?
Bill Brenner | 11 Dec | Read more