Infosecurity (UK) - the online magazine dedicated to the strategy and technique of information security

Latest News

CeBIT: Kaspersky warns over highly intelligent smartphone malware
Last week saw the giant CeBIT Computer Fair taking place in Hannover, Germany, and German newspaper Bild published an interesting interview with Marco Preuss, a security analyst with Kaspersky Lab, in which he warns of the increasing sophistication of mobile phone malware.
CIFAS reports identity theft fraud soaring
CIFAS, the UK's fraud prevention service, has reported a surge of almost a third in identify theft fraud during 2009, something that it says points to collusion between criminal gangs and staff working inside financial services companies.
Kaspersky Lab reports that Gumblar is rising again
After quietly fading away for several months, the February malware lists from Kaspersky Lab show that the Gumblar worm – a trojan downloader – has dominated the charts during the month.
Keynote Theatre Agenda
The 2010 Keynote programme will address the security issues and pressures that organisations face in an increasingly mobile and global working environment. Leading security experts, industry innovators and speakers from the end-user community who will provide expert analysis, real-life case studies, strategic advice and predictions.
NEW - The Discussion Den Theatre
In the new Discussion Den you can get involved in high-level, technical and interactive panel sessions.

Podcasts

The Art of the Possible ... engaging your audience for information security awareness
Infosecurity Magazine’s Eleanor Dallaway speaks to Paula Davis, global head of client services at SAI Global about the evolving tools, techniques and technologies available to businesses for addressing the human element of information security through creative, effective employee awareness training. This podcast will examine the options available to you for information security training and will: • Provide an overview of the various training media that can effectively engage employees in information security. • Give advice on how businesses can respond to the changing needs, habits and expectations of learners by using new media to raise awareness of information security • Explain how tried and trusted training methods such as e-learning can be made even better • Look at the pros and cons of using emerging technologies and new media for information security awareness • Give guidance on how to ensure your choice of media is ‘fit for purpose’ and appropriate to your audience and budget
Securing your business against future internet threats
Infosecurity’s Eleanor Dallaway speaks to Gerhard Eschelbeck, CTO of Webroot, about how to secure your business against future internet threats. This podcast will examine how the internet has influenced business practices, and will look at the current and future threat landscape. This podcast will also: • Look at hacker motivations • Consider how businesses are protecting employees remotely • Touch on the evolution of malware • Analyse the impact of social networking • Highlight and recommend at multi-layered security approach • Address the hype around cloud services
Editorial Podcast: 27 November 2009
Kari Larsen summarises the week's news
Editorial Podcast: 5 November 2009
Kari Larsen summarises the week's news

Webinars

Password Management: Top Ways to Deal with the Necessary Evil
Password management sounds like a mundane aspect of IT security, but as recent high-profile media reports have proven, it's now a central part of effective company technology management. Anecdotal evidence in the industry suggests that the technology and techniques to handle password management is a black art. Not so. Join us for an entertaining and informative webinar in which our panel of experts will explain the strategies that are required for the efficient, secure and compliant management of passwords.
End point security - How to stay out of the headlines and avoid a £500,000 fine.
April 2010 sees the introduction of new data breach penalties from the Information Commissioner's Office (ICO). Criminal penalties and data breach notification mandates are also on the horizon, so it's essential that you review your organisation's mobile data security strategy.
Understanding the IT security total cost of ownership puzzle
IT security and the financial function are starting to become happy partners, now that key performance indicators (KPIs) and total cost of ownership (TCO) figures can be created for most IT systems and software. Join us for an entertaining and informative webinar in which we'll explain how to balance the requirement of future-proofing your IT security resource, whilst at the same time balancing the time and budget issues that also come to the fore.
The 60-Minute IT Compliance Formula: Breaking Down Regulations to Their Essential Elements
Most security experts will tell you that the formula for success in passing regulatory compliance audits can be complex and expensive - but how complex and expensive is it really?

Blogs

Why it pays to be secure – Chapter 5 – I need tools!
Posted by Roger Halbheer • 06 March 2010
Our EMEA Security Program Manager, Henk van Roest, started this series internally and with his consent I am publishing it here in my blog as I think it contains a lot of great information for you to u...
tags
rated:
Virus Alert! Twitter, Google, Hallmark and Others Subject To Attack
Posted by Patrick Walsh • 05 March 2010
The eSoft Threat Prevention Team is warning customers today of a new email scam circulating very quickly. These fraudulent emails claim to be from Google Staffing, Hallmark, Twitter as well as o...
tags: virus, bot, spam
rated:
Making the Management of Security Compliance Easier!
Posted by Roger Halbheer • 18 February 2010
As you all know, I have two main pet themes: Risk Management and Compliance Management as I see very often that there is room for improvement when it comes to such processes within our customers. Inte...
tags: Compliance, Policy
rated:
SANS Top 25 Most Dangerous Programming Errors – the same as very often…
Posted by Roger Halbheer • 17 February 2010
I just worked my way through the list SANS published. Looking at the list it is not surprising but scary to see which errors made it to the top of the list: Cross-site Scripting SQL Inject...
tags: Cybercrime, Secure Development
rated:
Hotmail Users Look for Answers in Dangerous Places
Posted by Patrick Walsh • 17 February 2010
An outage of the Windows Live ID service affected a large number of MSN users today, including users of the popular Hotmail email service. Hotmail is one of the largest web-based email outlets and not...
tags: Blackhat SEO, PageRank Bomb, Rogue AV, Fake AV, Rogue Anti-Virus
rated:

Features

The charmed life of cybercrime The charmed life of cybercrime
Crimes, scams, and various forms of nonsense are hardly inventions of the digital age. In fact, they are likely as old as human civilisation. Wendy M. Grossman examines why criminals are finding it easier to engage in cybercrime over more traditional forms of physical theft, and why law enforcement finds it difficult to prosecute the perpetrators
What’s in store for 2010? What’s in store for 2010?
The Noughties are behind us now, but memories of a decade of data breaches will continue to haunt the infosec professional. If only there was a way of knowing what the threat landscape would look like in the months to come. Well you’re in luck as Davey Winder has dusted off the crystal ball and spoken to a broad church of infosec professionals to get some informed predictions for 2010
An Olympic effort to secure the Games An Olympic effort to secure the Games
Managing the security of the 2010 Olympic Games in Vancouver is no mean feat. Danny Bradbury went behind the scenes at the Olympic site to talk to the people who are tasked with ensuring the event goes smoothly
Comment: Maintaining data integrity for your organization
Simon Morris of Pentura debates the issue of data security and the importance of identity authentication when dealing with confidential and sensitive data.

Downloads

PCI: Using Microsoft Active Directory to Address Payment Card Industry (PCI) Data Security Standard Requirements in Heterogeneous Environments
Learn how to simplify compliance reporting for stringent PCI DSS regulations by linking all access rights, privileges, and audit logs to a single, definitive Active Directory identity.
Data Handling Procedures in UK Government
The Cabinet Office published the "Data Handling Procedures in UK Government", which highlights the need to restrict access to public sector data and encrypt data held on removable storage media such as CDs, USB keys and laptops.
Demystifying IT Risk to Achieve Greater Security and Compliance
Managing IT risk is part of running any business these days. Regardless of what business you’re in, understanding IT risk can help you increase network security, reduce management costs and achieve greater compliance. Corporate leaders who fail to identify, assess and mitigate IT risk are setting themselves up for serious security breaches and financial losses down the road. And those leaders who think that managing IT risk is the job solely of the IT staff may be in for a big shock.
The Essential Series - Security Information Management
Maintaining information security is a multi-faceted operation that is best managed with a single comprehensive strategy rather than mix of tactics based on whatever point solutions are already deployed. Learn about the processes and technologies that support security information management (SIM) operations, as well as the business case for SIM.

Latest News

Podcasts

Webinars

Blogs

Features

Downloads

Members' Login

Not a member?