Midmarket IT Security News

Week of 13 Feb 2012 Infosec certifications valuable in security job market, (ISC)2 finds (SearchSecurity.com | 14 Feb 2012)

Survey of more than 2,000 IT security pros finds many getting raises and promotions despite lagging economy and tighter IT budgets.
Week of 28 Nov 2011 Duqu Trojan attackers cleaned their tracks well, analysis finds (SearchSecurity.com | 02 Dec 2011)

Analysis of the command-and-control server network connected to the Duqu Trojan found hackers worked fast to wipe any data that could be traced to a source.
New Facebook worm poses as a screensaver (SearchSecurity.com | 29 Nov 2011)

Like previous Facebook worms, the new malware uses stolen credentials to log into accounts and spam contacts.
Week of 14 Nov 2011 CSA Congress roundup: Cloud SLAs, compliance and 7 dirty words (SearchCloudSecurity.com | 18 Nov 2011)

Topics highlight array of cloud security challenges

Midmarket IT Security News Archive

Security Channel
- HIPAA security checklist: 10 services your customers need
  
  HIPAA compliance services can lead to solid business growth for solution providers. Kevin McDonald's HIPAA security checklist has 10 ways to begin.
- Survey results: VARs report customers’ IT spending 2012 expectations
  
  VARs expect customers to increase spending on security more than any other IT area in 2012. See which security segments will grow the most.
- Create a computer security blog to attract and retain customers
  
  Blogging can produce new leads for security solution providers. Focus on content in your computer security blog that connects with customers.
Cloud Security
- Using SSAE 16 standard, SOC reports to assess cloud provider security
  
  The SAS 70 report has been replaced by the SSAE 16, but how does it stack up as a tool to measure a provider’s security?
- Cloud computing security issues on tap at RSA Conference 2012
  
  Data privacy, cloud security standards among the topics to be discussed.
- Massachusetts 201 CMR 17.00 and cloud services
  
  Organizations face a March 1 deadline for ensuring their cloud and other service providers comply with Massachusetts’ data protection regulation.
Security
- IBM QRadar adds X-Force threat intelligence to SIEM system
  
  Big Blue unveils integration of its Q1 Labs acquisition giving IT security pros the ability to add rule-based alerts using threat intelligence feeds.
- Cyberespionage attacks shine harsh light on security technology failures
  
  High-profile attacks on Nortel, RSA and others have thrust cyberespionage attacks into the spotlight ahead of RSA Conference 2012
- RSA 2012 talk to offer help understanding IPv6 security issues
  
  Understanding IPv6 security issues can be a challenge, but the protocol's co-inventor says enterprises can no longer afford to ignore IPv6 security concerns.
Security UK
- How to audit cookies for compliance with PECR regulations
  
  Concerned about the PECR regulations for website tracking cookies? Learn how to audit cookies on your site to find out if you are in compliance.
- Using Burp Suite proxy tool to examine client-side requests
  
  The free Burp Suite proxy tool can be used for good or for bad. Expert Rob Shapland provides usage scenarios for both.
- Open source software security issues: How to review OSS for security
  
  A reader asks how to judge the security of open source software products. Expert Michael Cobb lists three areas to check.
searchCIO-Midmarket
- CIO takes ‘bottom up’ approach, with a BI platform built for ERP
  
  An IT exec schooled in database design chooses a "bottom-up" BI platform developed expressly for his ERP system, with a little help from an outsider.
- What's the big deal about big data analytics?
  
  Are businesses chasing Hadoop and Teradata just because they're the hot new thing? CEO John Weathington advises CIOs to stop and think before they jump into big data analytics.
- Virtualized desktops and DR virtualization for quick ROI
  
  CIO Tom Gainer found that deploying virtualized desktops and disaster recovery was the quicker path to cost savings and recovery times. Server virtualization, not so much.
Compliance
- Compliance Q&A: EPIC rep discusses objections to Google privacy policy
  
  In this Q&A, EPIC Consumer Protection Fellow David Jacobs discusses the organization’s objections to Google’s privacy policy and how to improve online consumer privacy.
- Our dangerous overdependence on information technology audits
  
  Although information technology audits can uncover GRC gaps, lower-level issues are often overlooked when relying on them for security assurance, says contributor Kevin Beaver.
- Online Trust Alliance guide offers tips for data protection strategies
  
  With the number and severity of breaches increasing, data protection strategies are vital. To help, the Online Trust Alliance has released a guide to online data protection.

Latest Headlines

Topics

Assessing and Managing Risk

Windows Security

Network Security

Threats and Vulnerabilities

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Ask a Question

Research Library

Product Demos

Blogs

Midmarket IT Security News

Week of 13 Feb 2012 Infosec certifications valuable in security job market, (ISC)2 finds (SearchSecurity.com | 14 Feb 2012)

Week of 28 Nov 2011 Duqu Trojan attackers cleaned their tracks well, analysis finds (SearchSecurity.com | 02 Dec 2011)

New Facebook worm poses as a screensaver (SearchSecurity.com | 29 Nov 2011)

Week of 14 Nov 2011 CSA Congress roundup: Cloud SLAs, compliance and 7 dirty words (SearchCloudSecurity.com | 18 Nov 2011)

Most Read News

More from Related TechTarget Sites

HIPAA security checklist: 10 services your customers need

Survey results: VARs report customers’ IT spending 2012 expectations

Create a computer security blog to attract and retain customers

Using SSAE 16 standard, SOC reports to assess cloud provider security

Cloud computing security issues on tap at RSA Conference 2012

Massachusetts 201 CMR 17.00 and cloud services

IBM QRadar adds X-Force threat intelligence to SIEM system

Cyberespionage attacks shine harsh light on security technology failures

RSA 2012 talk to offer help understanding IPv6 security issues

How to audit cookies for compliance with PECR regulations

Using Burp Suite proxy tool to examine client-side requests

Open source software security issues: How to review OSS for security

CIO takes ‘bottom up’ approach, with a BI platform built for ERP

What's the big deal about big data analytics?

Virtualized desktops and DR virtualization for quick ROI

Compliance Q&A: EPIC rep discusses objections to Google privacy policy

Our dangerous overdependence on information technology audits

Online Trust Alliance guide offers tips for data protection strategies