You are the content you publish.
Sign up with Facebook
Sign up with Twitter
I don't have a Facebook or a Twitter account
Start a free trial of Scoop.it Business
The time and energy to optimize a service or process is often seen as an unaffordable luxury, says Jesse Bowling senior information security engineer, American University.
Are you sure you want to delete this scoop?
What skills, background and education does a security executive need if they want their career to evolve?
National Cyber Security Awareness Month is just 3 months away. Have you started planning events and activities for your campus yet? Join EDUCAUSE and NCSA as we celebrate the 11th annual #NCSAM this October.
From smartphones that know you’re near to tattoos and even pills, high-tech companies are busy replacing pesky strings of text with easier ways to authenticate. Check out the future here.
Ten cyberexperts offer up their best ideas for stemming the threats we face when it comes to digital security.
The pace of change for Information Technology is challenging established notions of "What is IT?" and "What is Information Security in the modern age?" For one example, the "new" data center technologies such as virtualization, Software-Defined Networking (SDN), service-oriented delivery models, and cloud computing have radically changed the typical IT infrastructure from a defined set of assets owned and controlled by the organization to a constantly fluctuating roster of resources that can come and go from IT department visibility and control.
As this has occurred, we have witnessed the equivalent of a Cambrian Explosion of new Internet-connected life forms--mobile devices, tablets, sensors, actuators, home appliances, monitoring systems, content access devices, and wireless terminals. Applications running on these devices range from recreation to services critical to the functioning of our social and economic infrastructure. Put it all together, and we expect that world population of Internet-connected devices will grow from today's 10 billion to over 50 billion by the year 2020.
From a security point of view, these IT changes, including the expansion of Internet-connected devices, lead to a corresponding increase in attack surface. Instead of the mission of protecting a reasonably known and enclosed IT perimeter, we now must be ready to secure any connected device humans can make against any threat a hacker can innovate. Clearly, using established security practices, except on a larger scale, will not suffice.
Plainly said, we need to think differently about cybersecurity.
Maintaining security on campus may at times appear to be an intractable problem. Yet, a recent survey by the security-focused SANS Institute suggests that some schools may be bringing on their own problems.
Original SANS Report: https://www.sans.org/reading-room/whitepapers/analyst/higher-education-open-secure-35240
If private companies don't improve their security efforts, the agency will step in with regulations, the FCC's chairman said
Unsecure Wi-Fi networks have been a well-known vulnerability in the tech industry for years. They can let even an unsophisticated hacker capture your traffic and possibly steal your identity.
AIG said it's expanding cyber insurance to cover property damage and bodily injury. It's another sign the digital and physical worlds have merged.
The online-education boom has made technology vendors powerful. So powerful, in fact, that some university officials say it’s getting harder and harder to update their technology without placing themselves under the sway of outside companies.
Now four major research universities are trying to promote strength in numbers. They are creating a consortium, called Unizin, that they hope will help member institutions innovate on their own terms.
“Unizin is a strategic move by universities to assert greater control and influence over the digital-learning landscape than would otherwise be possible by any single institution,” the founders write in a news release. The four institutions are Colorado State University, Indiana University, the University of Florida, and the University of Michigan.
Unizin will negotiate contracts with technology vendors for products and services that many universities already buy individually. But instead of implementing the technologies locally, member institutions will get a set of “sewn-together services” from Unizin in exchange for dues, says Bradley C. Wheeler, vice president for information technology at Indiana.
More businesses are buying policies, but losses are difficult to quantify because attackers are constantly getting more advanced.
Many email providers don’t encrypt messages while they’re in transit. When you send or receive emails with one of these providers, these messages are as open to snoopers as a postcard in the mail.
A landmark “right to be forgotten” ruling against Google in Europe risks damaging the next generation of internet start-ups and strengthening the hand of repressive governments looking to restrict online communications, Larry Page, the search company's chief executive officer, has warned.
While the Internet has given us the ability to run down the answer to almost any question, cybersecurity is a realm where past myth and future hype often weave together, obscuring what actually has happened and where we really are now. If we ever want to get anything effective done in securing the online world, we have to demystify it first.
A California company has found as way to turn energy-saving LED bulbs into smart networks that can collect and feed data
The constant barrage of headlines trumpeting high-profile security breaches makes it easy to understand at a high level that hack attacks are on the rise, but mere words alone don't truly convey the scope of the constant threats. A mesmerizing example of data visualization by computer security firm Norse lets you see penetration attempts in real time, via a DEFCON-esque map that feels like it was ripped right from the old WarGames movie.
Witnessing the constant ping-ping-ping of individual penetration attempts is hypnotic. If you watch long enough, the map will explode in a frenzy of color, as coordinated mass-hack attacks blast across the globemost often out of China, and often pointed toward the U.S. The U.S. itself is the steady number two on the map's "Attack Origins" list, however.
Also see the Smithsonian's article showing the map: http://www.smithsonianmag.com/smart-news/nets-dark-side-watch-people-try-hack-each-other-live-180951823/?no-ist
Code Spaces was hacked and had to shut down - what can you learn from this?
The old adage that the only thing that's constant is change certainly applies to the world of information security. Whether it's the ever-shifting threat scenarios or the technologies designed to thwart them, new developments seem to be happening all the time.
Because of the dynamic nature of the security discipline, the skills organizations and their security programs need are also continually changing.
We checked in with a number of security executives, industry analysts and recruitment specialists to find out what they see as the most in-demand skills today and in the coming months. Here are some areas they noted.
Duke University Press alerted users on Tuesday that its website had suffered a “security incident.” In an email blast to people with site accounts, the publisher said that usernames and encrypted passwords had been exposed as a result of the breach but that no financial information had been compromised.
According to a spokeswoman, the press learned of the breach on May 29 and had been working with the university’s Office of Information Technology in the weeks since then to gauge the extent of the damage.
A new global survey of consumers found that businesses — more than hackers or government — are seen as a threat to the privacy of personal information.
When Apple releases iOS 8 in the fall, corporate employees who use their iPhones and iPads for work will have better privacy protection when walking in places with Wi-Fi networks.
Another privacy feature being added to iOS 8 is to make DuckDuckGo the default search engine in the Safari browser. DuckDuckGo is considered more secure than competitors because it does not track users or collect and store personal information.
We looked at 15 top companies and services that handle your email or store your data every day to see what steps they take to keep it from prying eyes. See how they stack up.
Over the past year, we've learned a lot about what the National Security Agency can do. Our technology correspondent allowed his phone and Internet activities to be monitored to see what was revealed.
During the summer of 2010, Symplicity Corporation knew it wasn’t keeping up with the competition.
Trying to stand out in the small world of technology companies that supply colleges with software to track student disciplinary cases, Symplicity CEO Ariel Manuel Friedler noticed more colleges and universities picking its main competitor, Maxient, because its software “feels like a website,” he emailed to employees. “We are bleeding ... we have lost close to a dozen [clients] this year.”
To win back colleges, Symplicity’s top leader and two other employees hacked their way into Maxient’s servers to stock up on the competitor’s product design, new features and software layout.
US Department of Justice Press Release: http://www.justice.gov/usao/vae/news/2014/05/20140521friedlernr.html
Critical infrastructure is a big target for attack, but new data shows some operators in that industry suffer fewer security incidents than other industries.