IT Security and Compliance Blog Archive
Read the news, developments and opinion pieces from years gone by about IT security and compliance from industry experts New Net Technologies.
eBay forcing users to change their passwords after systems were compromised earlier this year, shows that all retailers need to up their game when it comes to the operation of security best practices.
XP support has ended – How long have you got before your systems are hacked? All good things must come to an end and, as of 8 April, Microsoft Windows XP has finally been lain to rest in the Microsoft graveyard alongside Windows 2000, NT, 95 and all the other legacy products where development has ceased.
It may be that organizations are beginning to realize that traditional information security defense mechanisms are not sufficient against cyber criminals with constantly changing threat tactics. Even so, in this evolving threat landscape, many organizations are not utilizing the best protection to prevent cyber-attacks.
As such, when users are ‘over-privileged’ in terms of rights and permissions there is an even greater danger that they will be empowered to do far more damage to an organization if they fall victim to such a phishing attack or other malware infection.
A recent study suggesting that 41% of organizations are planning to increase their IT security budget by 16% in 2014 will, of course, comes as welcome news to those who operate within the industry.
Interesting article in Business Computing World resonated with our views on the threat landscape of today and why a real-time file integrity monitoring approach is increasingly being seen as an essential security best practice.
This opinion piece is receiving coverage in a number of publications and has ignited the debate about just how effective anti-virus is today and why file integrity monitoring is now essential.
Making a distinction between external and internal threats is becoming increasingly difficult and less and less relevant. The issue of internal security threats was highlighted by Geoff Webb's article this week.
Predictions that the IT security industry is set to expand tenfold over the next 10 years will, of course, come as welcome news to those who operate within the industry, but the imperative for more investment now has never been greater, if corporations are to counteract the present threats that are very real and ongoing.
For anyone rolling their eyes at the advent of Version 3 of the PCI DSS and believing that the need to protect cardholder data is old news, this is a reminder of why the standard is as important as ever.
Reading this article today, there were two aspects that stood out, the first being the fact that phishing attacks have increased by so much.
Comprehensive ‘change detection’ control and enhanced IT security can now be delivered to any Service Desk system through seamless, two-way integration with NNT Change Tracker Enterprise.
For a long time, much to the annoyance of QSA firms working with PCI Merchants and card payment processors, the PCI DSS suggested that Tripwire® should be used for FIM. That has long since changed.