IT management
-
Opinion
07 Oct 2025
Why it takes 11 hours to resolve one ID-related cyber incident
A recent ESG study revealed it takes an average of 11 hours for enterprises to resolve a single identity-related security incident. How did we get here, and what do we need to do differently? Continue Reading
-
News
07 Oct 2025
Alert over Medusa ransomware attacks targeting Fortra MFT
Microsoft warns it is seeing potential mass exploitation of a Fortra GoAnywhere vulnerability by a threat actor linked to the Medusa ransomware-as-a-service operation. Continue Reading
-
News
23 Aug 2005
HP sales boost as restructuring costs
HP reported a 10% increase in sales for the third quarter, and said it would spend $900m (£530m) on redundancy costs in the final quarter. Continue Reading
-
News
16 Aug 2005
Reduce risks of disaster recovery testing
Untested business continuity plans can leave your firm in the lurch, but taking down live environments is risky and complicated. Continue Reading
-
News
02 Aug 2005
Raising risk prospects with a new SQL injection threat
"Inference attacks" could deliver up your so-called secure database to an attacker. Continue Reading
-
News
31 Jul 2005
Attack: USB could be the death of me
Seemingly innocent Universal Serial Bus driver bugs may allow device attacks that many won't see coming, according to Black Hat presenters. Continue Reading
-
Feature
28 Jul 2005
Lost at sea: securing the channel
As attacks seem to proliferate almost unabated, it’s worrying to think that of the three interested parties in the security technology market — the technology makers, the technology sellers and the technology users—not everyone shares a common view on the importance of the technology. Continue Reading
-
News
28 Jul 2005
Sarbox compliance costing companies
Companies’ required investments to attain compliance with the Sarbanes-Oxley data security legislation has come at the expense of dealing with other security threats, according to the Information Security Forum (ISF). Continue Reading
-
News
27 Jul 2005
Combining technology and social engineering: Hacking behind bars
In this excerpt from Chapter 11 of "The Art of Deception: Controlling the Human Element of Security," authors Kevin Mitnick and William L. Simon begin a story that shows how social engineering can be used with technology. Continue Reading
-
News
27 Jul 2005
Cisco, Black Hat litigation comes to a close
The vendor and partner ISS settle their dispute over a presentation that resulted in criminal charges and cease and desist orders. Continue Reading
-
News
26 Jul 2005
VeriSign raises stakes in battle for threat intelligence
Not to be outdone by 3Com's "Zero-Day Initiative," VeriSign says it'll shell out more cash for hackers who provide vulnerability intelligence. Continue Reading
-
News
26 Jul 2005
Experts weigh in on spyware's defining moment
We asked IT professionals to review the spyware definitions proposed by a coalition of tech firms and security organizations. They found plenty of room for improvement. Continue Reading
- News 26 Jul 2005
- News 25 Jul 2005
-
Feature
22 Jul 2005
Riding the wave of change
CIOs can thrive as pace of change quickens, argues Des Lee Continue Reading
-
Feature
22 Jul 2005
Business continuity keeps companies running
As we speak, it appears that disruption to IT services by the London bombings was minimised due to effective and realistic business continuity strategies. Sally Flood sees how you construct them. Continue Reading
-
News
21 Jul 2005
HP slashes jobs and shuts enterprise divison
HP has announced 14,500 redundancies and will close down its separate enterprise sales division as part of its attempt to streamline operations and cut costs. Continue Reading
-
News
21 Jul 2005
Users look for value boost from Microsoft licence rejig
Software Assurance needs to offer better support, say IT directors Continue Reading
-
News
21 Jul 2005
Sarbox draining corporate security budgets
Corporate investment to comply with the Sarbanes-Oxley data security legislation has come at the expense of dealing with other security threats, according to the Information Security Forum (ISF). Continue Reading
-
News
21 Jul 2005
Can alcohol mix with your key personnel?
I persuaded our MD to hire a dedicated IT security expert. I am pleased with his work, but on several occasions he has smelled strongly of drink. How do I nip this in the bud? Continue Reading
-
News
12 Jul 2005
Tony Asaro: Blogs and more
Read what Tony Asaro is talking about in this month's blog, and listen to him speak in a number of webcasts. Continue Reading
-
News
12 Jul 2005
Sarbox challenge drains security budgets
International corporate spending on compliance with the Sarbanes-Oxley data security legislation has come at the expense of dealing with other security threats, according to the Information Security Forum. Continue Reading
-
Feature
06 Jul 2005
Phishing for the missing piece of the CardSystems puzzle
A banking insider examines the ties between customized phishing attacks this spring and the CardSystems breach announced soon after. Don't miss his revelations on how they're linked and what the phishers really needed. Continue Reading
-
News
06 Jul 2005
This is not your father's hacker
While Sasser author Sven Jaschan awaits the outcome of his trial this week in Germany, a new cybercrime report explains why the teenager is becoming an anachronism. Continue Reading
-
News
06 Jul 2005
PING with Karen Worstell
The Microsoft CISO discusses how she keeps Redmond and its products secure. Continue Reading
-
News
04 Jul 2005
Sasser author issues courtroom confession
Sven Jaschan's mea culpa was expected after he earlier admitted to creating the last major malware outbreak more than a year ago. Continue Reading
-
News
21 Jun 2005
Continuing education options for CISSPs: Top 10 ways to earn CPEs
Who says you can't have fun while earning CPE credits? Check out the top 10 ways to meet CISSP® and SSCP continuing professional education requirements. Continue Reading
-
Feature
19 Jun 2005
How to survive a data breach
When Colin Crook offers advice on how companies should deal a security breach, he speaks from experience. He was CTO of Citicorp [now Citigroup, parent company of Citibank] 10 years ago when a hacker penetrated the company's network.
Crook is now senior advisor to the Wharton Fellows at the University of Pennsylvania, a member of the New York Academy of Sciences; fellow of the Royal Academy of Engineering and co-author of "The Power of Impossible Thinking." He shared his experiences with customers of Framingham, Mass.-based ID management firm Courion Corp. during the company's Converge05 conference last week. Business executives, he argues, must do better at listening to others and understand security is about humans, not machinery.
In the first of a two-part question-and-answer feature, Crook explains how companies can survive the fallout from a data heist.
Continue Reading -
News
13 Jun 2005
Gartner underscores five overblown threats
Two Gartner analysts debunk five overhyped security risks they claim are causing companies to miss out on some key emerging technologies. Continue Reading
-
News
06 Jun 2005
Spyware removal checklist
A step-by-step guide on how to remove spyware using antispyware tools including Spybot -- Search and Destroy, and HijackThis. Continue Reading
-
News
06 Jun 2005
Know your enemy: Why your Web site is at risk
In this Lesson 1 technical paper from Web Security School, guest instructor Michael Cobb outlines the threats to Web sites and who is behind them. Continue Reading
-
News
06 Jun 2005
Developer's active content delivery checklist
Rules for developing secure dynamic content for an IIS Web server. Continue Reading
-
News
05 Jun 2005
Quiz: Secure Web directories and development, answer No. 4
Quiz: Secure Web directories and development, answer No. 4 Continue Reading
-
News
05 Jun 2005
Quiz: Secure Web directories and development, answer No. 5
Quiz: Secure Web directories and development, answer No. 5 Continue Reading
- News 05 Jun 2005
- News 05 Jun 2005
-
News
05 Jun 2005
Quiz: Secure Web directories and development
Evaluate your knowledge of Web threats and how to defeat them. Questions cover security risks of dynamically created content and proper security management. Continue Reading
-
News
04 Jun 2005
Top tools for testing your online security, part 2
Michael Cobb explains what tools are helpful in maintaining Web security, including security scanners, benchmarking tools, monitoring services and online resources. Continue Reading
-
News
04 Jun 2005
Life at the edge part 4: When things go wrong
A checklist and other hints to protect your Web servers from a worst-case scenario. Continue Reading
-
News
03 Jun 2005
Quiz: Identify and analyze Web server attacks, answer No. 3
Quiz: Identify and analyze Web server attacks, answer No. 3 Continue Reading
-
News
01 Jun 2005
Zombie machines used in 'brutal' SSH attacks
IT managers use SSH to gain secure access to remote computers. Hackers are using it to crack your network, with help from their zombie friends. Continue Reading
-
News
29 May 2005
Patching resource kit
From vulnerability scanning to patching flubs, here's a collection of other helpful resources to ensure your patching efforts are effective. Continue Reading
-
News
23 May 2005
Pre-CISSP: Options for the security newbie
Shon Harris advises novice security practitioners on the value of entry-level certifications -- and good, old-fashioned experience -- in preparation for the CISSP®. Continue Reading
-
News
17 May 2005
Should the government define spyware?
Who's best qualified to define what is and isn't spyware -- your congressman or your online user community? Security experts say no entity can do it alone. Continue Reading
-
News
17 May 2005
Some vendors get labeled as spyware pushers
To win the battle with spyware, you must be able to spot it. That's not as easy as you think. Continue Reading
-
News
11 May 2005
A new era of computer worms: Wireless mobile worms
In this excerpt of Chapter 9 from "The Art of Computer Virus Research and Defense," author Peter Szor dissects the Cabir worm. Continue Reading
-
Feature
10 May 2005
Learning Guide: Low-cost storage
Resources on low-cost networking, iSCSI, SATA and IP storage Continue Reading
-
News
25 Apr 2005
Tight contract management vital, users told at SSRG debut
The Strategic Supplier Relationships Group, which brings together 10 of the UK's most influential IT user groups, was formally... Continue Reading
-
Feature
25 Apr 2005
Lead from the top
The starting line for effective data security is at board level, writes John Kavanagh in this review of current thinking and... Continue Reading
-
Opinion
25 Apr 2005
Seeing the big picture
Information security is about securely bringing together the organisation's two most important assets - information and people. Continue Reading
-
News
19 Apr 2005
LogicaCMG on Met payroll
The Metropolitan Police Authority has selected LogicaCMG to provide a £31m fully-managed payroll and pension administration... Continue Reading
-
Feature
15 Apr 2005
The acceptable rules of the mobile game
Mobile networks allow you to connect to your network from almost anywhere by the appropriate methodology. Yet that may also mean... Continue Reading
-
News
14 Apr 2005
Who should be on (and off) the hook for ID theft?
An influential cryptographer and a panel of technologists today debate how best to fight false authentication and fraudulent transactions. Continue Reading
-
News
14 Apr 2005
Spike ** LogicaCMG to manage Met payroll
The Metropolitan Police Authority (MPA) has selected LogicaCMG to provide a £31m fully-managed payroll and pension administration... Continue Reading
-
News
12 Apr 2005
Met Police gets LogicaCMG on payroll
The Metropolitan Police Authority (MPA) has selected LogicaCMG to provide a £31m fully-managed payroll and pension administration... Continue Reading
-
News
03 Apr 2005
Are identities safer on laptops than central databases?
Microsoft pledges better ID security. Given the theft of a laptop storing 100,000 Social Security numbers, Redmond's approach could prove controversial. Continue Reading
-
News
29 Mar 2005
Quiz: Do you have a firm e-mail security foundation?
This Security School quiz is the first in a series of three on e-mail security essentials. Continue Reading
-
News
24 Mar 2005
Atos wins DWP deal extension
The Department for Work and Pensions has renewed a contract with IT services company Atos Origin to deliver medical advice and... Continue Reading
-
News
21 Mar 2005
Linux lags Windows in new security report
A controversial research paper takes a critical look at two popular platforms' track record on vulnerabilities and fixes. In turn, its findings are facing sharp scrutiny as well. Continue Reading
-
News
17 Mar 2005
Botnets more menacing than ever
Researchers from the Honeynet Project and iDefense say bots are spreading quickly, digging their heels into more than a million machines around the world. Continue Reading
-
Feature
16 Mar 2005
Managed services: Looking to the long term
IT directors looking for an easy way to manage increasing volumes of data by buying more hardware could be storing up problems... Continue Reading
-
News
15 Mar 2005
ID theft and national security
Check out what some ITKnowledge Exchange members had to say about this controversial issue. Continue Reading
- News 14 Mar 2005
-
News
14 Mar 2005
HIPAA causes data security problems for small businesses
If your local dentist isn't complying with HIPAA's security rules, he's not alone. Experts say most doctors' offices aren't getting it. Continue Reading
- News 14 Mar 2005
-
Feature
14 Mar 2005
Healthcare system designer explains HIPAA pitfalls
Kate Borten is president of The Marblehead Group Inc., has more than 20 years of experience designing, implementing and integrating healthcare information systems and is author of HIPAA Security Made Simple. This Q&A focuses on how she believes hospitals are meeting HIPAA's security guidelines.
Continue Reading -
Feature
13 Mar 2005
Winning the cyber arms race in the classroom
In the struggle for cybersecurity, Lenny Zeltser's most important weapons are the classroom and the pen.
For the past few years he has taught part-time at the SANS Institute, creating a course on how to analyze malicious software,. He's also directed security efforts for several organizations as a consultant and employee. As a writer, he co-authored Inside Network Perimeter Security and contributed a few chapters to the book Malware: Fighting Malicious Code.
In this Q&A, Zeltser outlines his latest course offerings and book projects, and what he sees as today's greatest threats.
Continue Reading - News 08 Mar 2005
-
News
08 Mar 2005
A sound architecture involves both strong technology and a professional approach
Although many large organisations need to respond rapidly to changes in the market as well as to competition and globalisation... Continue Reading
-
News
07 Mar 2005
Windows vulnerable to LAND attack
Security researchers say this type of attack leaves enterprise customers of popular Windows products open to a denial of service. There is good news, though. Continue Reading
-
Feature
25 Feb 2005
Whisky galore with IP
Chivas can toast future success thanks to a cost-effective IP data network Continue Reading
-
News
24 Feb 2005
Security Bytes: Cisco patch available for ACNS flaws
Workaround outlined for new php exploit. IBM issues patch for DB2 flaw. Payroll service goes offline to investigate security claims , and BoA loses personal data on customers. Continue Reading
-
News
15 Feb 2005
Federal agency security still poor, but improving
Report cards give federal security a D-plus average, but the Homeland Security Department is still failing. Continue Reading
- News 14 Feb 2005
-
News
14 Feb 2005
Strategic Storage: DR planning blueprint
Developing a good disaster recovery (DR) plan is similar to good dental hygiene -- and almost as exciting. Similar to going to the dentist twice a year, you should also test your DR plan with the same frequency. Wait too long to clean up your plan and you'll be stuck with the root canal of recovering your data. Continue Reading
-
News
09 Feb 2005
The Controversy of Hacking Books and Classes
Read this excerpt and download Chapter 1, Ethics of Ethical Hacking from Shon Harris' All-in-One Gray Hat Hacking. Continue Reading
-
News
07 Feb 2005
CEOs and CIOs split on IT success
Business and IT directors are still at loggerheads on key technology issues, according to a new survey by the Economist... Continue Reading
-
News
02 Feb 2005
Compressed files strike another blow to AV
The "alternative" .rar files are picking up where popular .zip files left off as attack vectors. Continue Reading
-
News
31 Jan 2005
ID theft remains No. 1 worry
For the fifth straight year, the FTC said most complaints came from identity theft victims. And that's a problem for enterprises. Continue Reading
-
News
23 Jan 2005
Cyberstorm chasers: The folks who look out for the latest Internet threats
They keep a 'round-the-clock watch on conditions in cyberspace. CTO Johannes Ullrich discusses the volunteer effort behind the SANS Internet Storm Center. Continue Reading
- News 19 Jan 2005
-
Feature
14 Jan 2005
Financing the future
Don't get a headache working out the best ways to pay for hardware and software. Danny Bradbury offers a user-friendly guide to... Continue Reading
-
News
10 Jan 2005
Security Bytes: George Mason U. hacked; new Trojans on the loose
Hackers steal personal data of more than 30,000 members of George Mason University. Two new Trojans emerge. BMC Software buys a Parisian company. Continue Reading
-
News
10 Jan 2005
Security on a Shoestring: Creating Internet policies on the cheap
No matter how small the organization, it's impractical to stand over employees and make sure they properly use the Internet. So here's how to write a decent acceptable use policy, and make sure everyone abides by it. Continue Reading
-
News
19 Dec 2004
Transforming the cybersecurity culture
Eleven New Year's resolutions can help employees at all levels empower the security function at their organization. Continue Reading
-
News
08 Dec 2004
The security lingo of 2004
This was the year of botnets, zombie PC armies and phishying online schemes. Continue Reading
-
News
28 Oct 2004
MoD may write off £200m Chinook helicopters
The Ministry of Defence could write off more than £200m spent on eight Chinook Mk3 helicopters. Continue Reading
-
Feature
21 Oct 2004
IP everything, essentially
What are the fundamental deliverables of IP networks? How can you use IP networks to gain financial benefits in addition to... Continue Reading
-
Feature
21 Oct 2004
The basis of profitability
Not so long ago, you didn't have much choice - your IT and communications requirements were acquired, implemented and maintained... Continue Reading
-
News
08 Oct 2004
First integrated children's system goes live
The first web-based system to help councils meet new legal requirements for information sharing among teachers, social workers... Continue Reading
- News 04 Oct 2004
-
News
03 Oct 2004
Training for CISSP Certification: SearchSecurity.com's Security School
Study guides for each of the ten domains of the CBK for those preparing to take the CISSP exam or expanding their knowledge of security concepts and practices. Continue Reading
-
News
26 Sep 2004
Authorize.Net says it has 'learned' from attack
The credit card processing service was unprepared for the kind of attack it suffered last week, but it will use the experience to improve security. Continue Reading
-
Feature
14 Sep 2004
The gift of CRM
For Red Letter Days, a provider of gift experiences for corporates and consumers, a CRM system was essential to give it market... Continue Reading
-
Feature
14 Sep 2004
Management matters
Cath Everett finds out how you stay on top of networking. What are the management issues related to your telecoms and networks... Continue Reading
-
News
27 Aug 2004
Over-specify when buying low cost replacement for Frame Relay
A project manager reveals how a VPN saved £275,000 a year Continue Reading
-
News
24 Aug 2004
Latest worm uses IM to lure victims
A version of the worm which spread from infected Microsoft Internet Information Services (IIS) web servers in June has been... Continue Reading
-
News
27 Jul 2004
New attacks and vulnerability trends highlighted at Black Hat
Presentations beginning today will analyze vulnerabilities, zero-day code, phishing and secure wireless deployment, among many other topics. Continue Reading
-
News
26 Jul 2004
Fewer IT supplier conflicts are going to court
Law firms have reported a sharp fall in the number of IT disputes reaching the courts over the past 12 months as more users turn... Continue Reading
- News 25 Jul 2004
-
News
18 Jul 2004
Debian fixes multiple flaws
Denial-of-service, buffer overflow and format string vulnerabilities in Debian GNU/Linux that an attacker could use to remotely execute malicious code has been fixed. Continue Reading
-
News
18 Jul 2004
Enterprise-class RAID functions, part 2: N-way mirroring, splitting and more
With the convergence of RAID and lower-priced storage technologies, advanced RAID functions can be enjoyed by any small-to-medium sized organization with critical data. Continue Reading