Pennsylvania Fires CISO Over RSA Talk 13.03.10 Pennsylvania's chief information securityofficer, Robert Maley, has been fired, apparently for talking publicly at the RSA security conference last week about a recent incident involving the Commonwealth's online driving exam scheduling system. A source close to the matter said Maley was terminated for not getting the required approvals from the Commonwealth's authorities to talk publicly about the incident. More detail

Spies and hackers exploit world cyber rule void 24.02.10 Without global security, cyber crime is growing danger to global economy LONDON - The best weapon against the online thieves, spies and vandals who threaten global business and security would be international regulation of cyberspace. Luckily for them, such cooperation does not yet exist. More detail

U.S. experts close in on Google hackers 22.02.10 By Joseph Menn, FT.com February 21, 2010 9:52 p.m. EST (FT) -- U.S. analysts believe they have identified the Chinese author of the critical programming code used in the alleged state-sponsored hacking attacks on Google and other western companies, making it far harder for the Chinese government to deny involvement. Their discovery came after another team of investigators tracked the launch of the spyware to computers inside two educational institutions in China, one of them with close t... More detail

Rules of Evidence - Digital Forensics Tools and how to 20.02.10 Searching for clues? Here's how to investigate and use digital forensics and e-discovery tools Digital forensics tools are intended to help security staff, law enforcement and legal investigators identify, collect, preserve and examine data on computer hard drives related to inappropriate and illegal activity, such as cybercrime, e-mail and Internet abuse, fraud, financial mismanagement, unauthorized disclosure of corporate information, intellectual property theft, and so on. Increasingly, thes... More detail

In Wake of Botnet Scare, Cybercrooks Come Creeping 19.02.10 A massive botnet tying together more than 74,000 zombiefied PCs around the world was exposed Thursday, part of a secret underground network for rent to cybercrooks worldwide. But don't look for info on how to detect and eliminate it, or you could get caught up by "poisoned" searched results. The newly uncovered, massive hacking network, dubbed the Kneber botnet the "Kneber botnet" after the username linking the infected computers, was detected and unveiled by network-forensics firm NetWitness More detail

U.S. enables Chinese hacking of Google Google made headlines when it went public with the fact that Chinese hackers had penetrated some of its services, such as Gmail, in a politically motivated attempt at intelligence gathering. The news here isn't that Chinese hackers engage in these activities or that their attempts are technically sophisticated -- we knew that already -- it's that the U.S. government inadvertently aided the hackers. More detail

Minimize Risk by Maximizing Accountability Risk management only works when it factors into everyone's thinking. Kerri Grosslight of Wells Fargo lays out steps for getting there. Faced with challenging economic times and heightened legislative and regulatory scrutiny, companies across all industries are increasingly compelled to keep risk management top of mind. Success depends upon customer and shareholder confidence in a company's ethical standards and its ability to make prudent decisions about handling risks. Whether a company's risk ... More detail

How one lost laptop can have a giant impact As the CTO of a data protection and encryption company, I hear many a tale of woe as other CTOs and CEOs confess to me the stories of how various laptops within their companies have gone astray and the destruction these lost laptops have caused in their wake.  With this in mind, here is one such tale of woe, albeit fictional, that I have heard time and time again. Where do I begin? If the evidence is to be believed it stems back to, what I assumed to be, a fortuitous meeting in the bar at the ... More detail

Managers of IT security technology are as important as the products Right about now, CIOs are finalizing budgets for 2010, and one of the main issues will be how to prepare for the next security threat. This is always a challenge regardless of the year; it's akin to looking into a crystal ball and trying to counter some ill-defined potential adversary that is largely out of an organization's direct control.However, that is most likely not where a company's biggest vulnerability lies. For all the tools and solutions won't matter if the people in charge of impleme... More detail

Recognizing the payment industry achievements of 2009 and looking ahead On a global level, the council continues to extend beyond simply defining the standards. We provide resources to address specific security challenges and mobilize the payment community through training sessions, open discussion forums and both formal and informal feedback sessions.  More detail