Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »

CIO Executive Council

A Peer-Advisory Service and Professional Association for CIOs

Webcast: In the Google Apps Cloud: How to Achieve Your Business Objectives

Dec 3rd, '09, 1 - 2 pm US/Eastern (GMT-5)

Join Council member Brent Hoag, Director, Global IT, at JohnsonDiversey, as he discusses the adoption of Google Apps which has helped meet four corporate goals; sustainability, simplification, increased employee productivity and global collaboration.

Webcast: Collaboration Initiatives: Benchmarks & Best Practices

Dec 15th, '09, 4 - 5 pm US/Eastern (GMT-5)

Join Council members Ruth Thorpe, VP & CIO at the U.S. Pharmaceutical Operations of Sanofi-Aventis, and Gary Kuyper, CIO at Bethany Christian Services, as they speak about their collaboration initiatives and experiences in how and why they chose the social networking and collaboration tools they are using and their business goals for collaboration, and facing culture change challenges.

Data Overview: Collaboration Initiatives Field Guide: Benchmarks & Best Practices

This appendix to the Council Field Guide provides an analysis which discusses benchmarks for collaboration IT implementation costs, adoption rates and payoffs. The overview identifies top IT and business goals and satisfaction rates for collaboration initiatives as well as best practices and lessons learned for implementing collaboration IT.

More / Register »

Learn more about the CIO Executive Council »

RESOURCE CENTER

buy a link »

News Feature

Top 10 IT News Stories of the Week

New browser attack, the dangers of laser printers, Mass. and open documents formats, Dell's angry customers and more...

Leave a comment

By Nancy Weil

August 03, 2007 — IDG News Service —

"Web Browser Attack Skirts Corporate Firewall,"
CIO.com, August 2

Amid all the news out of the annual Black Hat conference in Las Vegas this week, a decade-old security problem got attention. A researcher at IO Active detailed how problems in the way software works with the Internet Domain Name System could be exploited to penetrate corporate firewalls. The attack was detailed in a 1996 paper by Princeton University researchers, who showed how a Java applet could be used to access systems. Dan Kaminsky, director of penetration testing at IO Active, has been among those warning that flaws in the security model of Internet applications are vulnerable to exploit, with hackers getting into PC resources behind firewalls or Web sites visited by unsuspecting victims. "It's one of the few things that's actually come back from the dead," he said of the exploit.

2. "Warning: Laser Printers Could be Hazardous to Your Health,"
Computerworld, July 31

Certain home and office laser printers could release enough particulates into the air to cause serious health risks, according to an Australian air quality researcher. Seventeen of 62 printers were classified as "high particle emitters," with one of the 17 churning out particulates comparable to those from cigarette smoke, said Lidia Morawska, who conducted the study with a colleague at the Queensland University of Technology. Because the particles are small, they can be easily inhaled and lodge in the deepest and smallest passageways of the lungs, leading to simple irritations and more serious illnesses, including cardiovascular problems or cancer. Even the smallest concentrations can be hazardous, the researchers said.

3. "Evil Javascript Mutates to Evade Detection,"
Techworld, August 3, 2007

Hackers have figured out how to avoid antivirus detectors as they access desktop computers using compromised Web sites, the SANS Institute said. The exploit used to deploy malicious code via Javascript isn't new, but researchers found that the server sending out the malicious Javascript was "obfuscating" or heavily modifying it to sidestep detection. The obfuscation is generated randomly and on the fly, researchers said. The code takes advantage of known vulnerabilities in ADODB, QuickTime, WinZip and other software, some of it not as commonly used.

4. "Massachusetts Adds Open XML to Standards List,"
InfoWorld, August 2
"Massachusetts Remains Lightning Rod on Open Documents," Network World, August 2

Massachusetts is adding Open XML to the list of acceptable document formats used by government agencies, a decision viewed as a victory for Microsoft, which is trying to get its XML-based file format approved as a technology standard. The company submitted Open XML to a standards organization in November 2004, with the International Organization for Standardization set to vote on the matter later this year. Critics charge that Microsoft has tried to control a process that is supposed to be open. Some of them have wondered aloud how it is that Massachusetts wound up where it is with Open XML given that it started out with the intent of banning Microsoft Office and its proprietary lock-in. The Commonwealth went through two CIOs during that process, with one quitting because the debate was "disruptive" and "harmful." Others seem happy with the move, though, applauding Massachusetts for boldly going where others have feared to tread.