Click here for the new address :


Web 2.0 technologies, such as Facebook, MySpace and Twitter, are a major security concern for businesses, according to research by Deloitte.

A survey of 200 technology, media and telecommunications firms shows 83% view the exploitation of vulnerabilities in Web 2.0 as a significant threat .

“In some cases, employees unintentionally release sensitive information without realising the consequences,” said James Alexander, partner in Deloitte’s Security and Privacy Team.

Continue reading …

Cloud computing is spreading through the IT world like wildfire, with innovative start-ups and established vendors alike clamoring for customer attention.

Generally speaking, cloud providers fall into three categories: software-as-a-service providers; infrastructure-as-a-service vendors that offer Web-based access to storage and computing power; and platform-as-a-service vendors that give developers the tools to build and host Web applications. Here are 10 cloud companies that are worth watching.

Read full story

Forrester Research analyzes the past, present and future of security information vendors and products.

Security information management (SIM) technologies experienced a pretty rocky ride since emerging earlier this decade, industry watchers says, and the ride isn’t over yet for those ready to adapt to customers’ changing needs.

According to Forrester Research, SIM technology drew in enterprise security managers looking to reduce the noise among multiple security devices distributed in large environments, but lost some ground when IDS and IPS technology gained intelligence. SIM products initially used data aggregation and event correlation features similar to those of network management software and applied them to event logs generated from security devices such as firewalls, proxy servers, IDS and IPS devices, and antivirus software. SIM products also normalized data — that is, they translated Cisco and Check Point Software alerts, for example, into a common format so the data could be correlated with one system. Like network management software, SIM tools generally consist of server software, agents installed either on servers or security devices, and a central management console.

Read full story

Network security threats abound, and news of data breaches are constantly made public. Are information security professionals doing something wrong? Where are enterprises most vulnerable? And what can network pros do to keep a company more secure? in order to solve security issues, we need to think of information security as risk management, says Interop IT security track chair John Pironti, who is president of IP Architects, LLC. Here’s why:

Read full story

Cloud computing is generating a flurry of interest as new services enter the market. Right now, cloud computing is fine for smaller companies seeking cheap computing capacity on a retail basis, but to find its place in large enterprise IT operations, it will have to meet tough requirements for governance, risk and compliance (GRC).

Read full story

Most survey respondents still haven’t achieved quantifiable benefits, study says

Can you tell if your security information and event management (SIEM) or log management tools are really saving your company money or making it more secure? If you can’t, you’re not alone.

According to a study published today by Aberdeen Grouponly about 20 percent of SIEM users can point to definite gains from using the tools, as measured by reductions in security incidents, audit deficiencies, or operational costs.

“The majority of respondents have not yet achieved those quantifiable benefits, and in some cases are seeing increases in audit deficiencies, security incidents. and operational costs associated with security management,” said Aberdeen in a press release.

Read full story