News Analysis

2010 Review: Top 10 IT security stories

Warwick Ashford

In Computer Weekly's review of the best of the IT year in 2010, we look back on the top 10 IT security stories for 2010.

The focus on IT security has not gone away, but the profile of cyber-threats is higher than ever after the Stuxnet worm that attacked Iran's nuclear facilities.

Google cyber-attacks are a call to action, say security advisers

Disclosures of cyber-attacks on Google, Adobe and more than 20 other companies in December 2009 provide evidence that cyber-espionage is a real and present danger.

Human factor a key focus for infosecurity

IT security policies are vital in reducing corporate liability risk under a raft of new and coming information security laws and regulations, says Stewart Room, partner at law firm Field Fisher Waterhouse.

Ten years after LoveBug: social engineering and security lessons

A decade after the LoveBug computer virus caught the online world by surprise, social engineering is still a popular element of cyber-attacks, but it has become far more sophisticated, says Paul Fletcher, a member of the first security team to intercept and name the virus.

Conficker still a threat, says Working Group

The Conficker worm continues to be a threat and businesses need to be aware of two vulnerabilities it may have introduced to their IT systems, says Rodney Joffe, director of the Conficker Working Group.

Reliance on passwords is biggest security threat, says hacking expert

Passwords are fundamentally insecure and represent the biggest security threat facing organisations, says Jason Hart, senior vice-president for Europe at security firm Cryptocard, with hackers able to use easily available software to capture every username and password of any user on a network.

Many organisations in the dark about advanced cyber-attacks, research reveals

Many organisations are unaware they are being targeted by advanced cyber-attacks and are failing to respond effectively, according to the Ponemon Institute, with 41% of US organisations unable to determine if they were being targeted by zero-day and other advanced cyber-threats designed to evade countermeasures.

Third-party apps now a top vulnerability, says security expert

Attacks on third-party applications have become a major threat to enterprise information security, says security firm NGS Secure of the NCC Group, and with operating system suppliers having reasonably effective patching regimes, falls to businesses to also check that all their other software is fully patched at all times.

Security must evolve with move to private clouds, says Gartner

Security must evolve to support the transition from virtualised datacentres to private cloud computing infrastructures, according to research firm Gartner, which predicts that by 2015, 40% of security controls in enterprise datacentres will be virtualised, up from less than 5% in 2010.

Stuxnet - the prototype cyber-weapon?

Hailed as the most sophisticated malware ever found, Stuxnet is widely seen as a prototype cyber-weapon, pushing the concept of cyber-warfare into the realm of the possible. As worrying as that is, most business IT security managers have dismissed Stuxnet as something that has no relevance to them.

UK cyber-efforts 'should concentrate on defence'

The UK government should focus its cyber-efforts on resilience and defence rather than attack, an expert panel has told the House of Commons science and technology committee, hearing evidence on cyber-attacks as part of its inquiry into scientific advice and evidence in emergencies.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy