Your Identity Up for Grabs

Security was a big issue in 2011 with more sophisticated and a wider range of threats than ever before wasting even more of everyone's time at a cost of billions of dollars.

By Mark Gibbs
Fri, January 13, 2012

Network WorldSecurity was a big issue in 2011 with more sophisticated and a wider range of threats than ever before wasting even more of everyone's time at a cost of billions of dollars.

For example, there was March's hacking of RSA and its SecurID token system (sorry to bring this up again RSA, but it really was a big deal). This incursion reputedly wound up costing EMC, RSA's parent company, around $55 million. Even bigger than EMC's financial bath were rumors that the virtual raid was conducted by our friends in China so they could hack the likes of Lockheed Martin, a SecurID customer, to acquire sensitive military intelligence.

MORE: 2011's biggest security snafus

IN PICTURES: From Anonymous to Hackerazzi: The year in security mischief-making

Then in April, Epsilon, the largest permission-based email marketer in the world, was hacked and millions of email addresses belonging to companies such as Kroger, TiVo, US Bank, JPMorgan Chase, Capital One, Citi, Home Shopping Network, Brookstone, Walgreens, The College Board, Disney Destinations and Best Buy were stolen a huge wave of phishing attempts. The cost to Epsilon is unknown but must have been mind-bogglingly huge.

Also in April ... and then in May and June as well ... Sony's PlayStation, Qriocity and Sony Online networks were hacked and personal data, including some credit card numbers, of some 78 million members were swiped by, among others, the Lulz Security hacking group. Sony had to take down its services at a loss of more than $170 million.

Those are just a few of the ridiculous number of security issues we faced last year (see Network World's "2011's biggest security snafus" for a more comprehensive list of last year's security OMGs).

Here's the thing about security: What happened in 2011 was just more of what happened in 2010, which was just more of what happened in 2009, which was ...

Thus, I was able to prognosticate in my doom-laden Backspin 2012 Outlook column that this coming year we'll see "Botnets, malware, hackers, distributed DoS attacks, spam, phishing ... just more of the same junk we've dealt with for years but an order or two magnitude worse. Several large financial organizations will suffer serious hacker break-ins and the details of millions of consumer accounts will be exposed. Business will simply carry on as usual."

That, in a nutshell, is the problem: Complacency. Many businesses will simply belly up to the bar, pay the piper and carry on.

But this isn't just an issue for the huge enterprise like RSA, Epsilon, and Sony; it's a problem that's endemic in business in general, all the way from the biggest commercial behemoths at the top down to the smallest SME outfits.

Continue Reading

Originally published on www.networkworld.com. Click here to read the original story.
White Papers »
DDoS Mitigation - Best Practices for a Rapidly Changing Threat Landscape
DDoS attacks are larger, stealthier, more targeted, and more sophisticated than ever. In this whitepaper, Verisign has identified a set of best practices that enables organizations to keep pace with DDoS attacks while minimizing impact on business operations.
Verisign State of DNS Availability Report
Few companies can afford the damage - financial and otherwise - that can result from a DNS failure. Yet, the latest Verisign State of the DNS Availability Report shows that DNS availability was a problem for many of the Internet's top-ranked sites. Read more about the risks and potential impacts of network downtime to revenue generation, business
2012 Cyber Crime Threats and Trends
This document provides a valuable overview of key cyber security trends during 2011 and how those trends and others might unfold in 2012. iDefense intends for this report to serve as a reference and a strategic complement to daily tactical intelligence reports for the purpose of providing IT security and business operations with actionable and relevant decision support.
DNS: Risk, Reward and Managed Services
In this report, Yankee Group Research outlines the pros and cons of in-house, ISP and managed service provider DNS management options.
Expert Guide to Secure Your Active Directory
Layered security is the way to go when it comes to protecting Active Directory. This expert e-guide explains the best method to use when planning and designing a security solution. Find out why it is important to secure Group Policy settings and discover how managed service accounts boost server security in R2.
Security-In-Depth Using Integrated Risk-Conscious Controls
Today's attacks on IT infrastructure are becoming more frequent, targeted and sophisticated. They range from well-funded, state-sponsored attacks to attacks from trusted employees and consultants.
Webcasts »
Gartner Next Generation Network IPS Webcast
Learn how Gartner's criteria for next generation IPS helps organizations achieve effective threat prevention despite changes in network communications, new applications, and changes in the threat landscape.
McAfee Continuous Compliance
3 minute Flash video - overview of the need for and value of Configuration Control.
Taming the Wild West: How to build a strong cloud security strategy
Cloud deployments are playing a critical role in propelling innovation for many companies. At the same time security has become the #1 one of the top concerns for IT and business leaders as they migrate into the cloud. In this webinar, learn from Accenture discusses how to recast the cloud as a "fresh chance to rethink your approach to security."
Virtualization Success is a Team Effort
As greater numbers of datacenter servers transition from the physical to the virtual world, the components of virtualization success come to the fore. What scores of organizations have discovered is that success is derived from an optimal pairing of the right software platform with the right hardware platform.
Customer Spotlight: How IPC The Hospitalist Company Implemented Oracle on VMware
Have you been looking to hear about customer's experiences with the new VMware vCenter Site Recovery Manager product? View this webcast to learn about VMware customer, Navicure, and their experiences testing and evaluating the recovery manager, their progress in implementing it in their environment and their advice other customers considering using vCenter.
Quantifying the Business Value of VMware View - Webcast
Many enterprises have discovered that the use of virtualization to support desktop workloads creates a range of significant benefits. These benefits include price efficiencies, improved IT management and greater agility and choice for end users.

This VMware sponsored webcast with IDC will provide both quantitative measurement of the business value -- defined as the expected ROI -- and qualitative analysis associated with the use of VMware View™. IDC will also provide an analysis of the View Composer and ThinApp™ features of VMware View, including the business value of these solutions and an overview of how they work.

Attend this webcast to learn about:
- Challenges and barriers that might impede the adoption of desktop virtualization
- Navigating roadblocks to facilitate a strategic implementation
- Optimizing qualitative and quantitative benefits to IT and your business
Newsletter Sign-Up »

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter
  11. View all Newsletters | Privacy Policy
White Papers » All White Papers

DDoS Mitigation - Best Practices for a Rapidly Changing Threat Landscape

Verisign State of DNS Availability Report

2012 Cyber Crime Threats and Trends

DNS: Risk, Reward and Managed Services

Expert Guide to Secure Your Active Directory

Security-In-Depth Using Integrated Risk-Conscious Controls

Continuous Monitoring: Responding to New Threats in More Complex IT Environments

Overcome Top 7 Admin Challenges of Active Directory

Insiders Can Ruin Your Company. Take Action.

Top Solutions and Tools to Prevent Devastating Malware

X-Ray of the PCI Process-4 Proactive Steps

Streamline Compliance and Increase ROI

Identity Governance: The Business Imperatives

CA Technology Brief: CA Point of View: Content Aware Identity & Access Management

Aberdeen Analyst Insight: Does Your Enterprise Have a Dropbox Problem?

Google: Security for Google Apps Messaging & Collaboration

Architecting the Security of the Next-Generation Data Center

Who Owns Security in the Data Center?

Virtual Patching with Network Security

Gartner Next Generation Network IPS Research Note
Sponsored Links

Eliminate storage boundaries with HP.View the on-demand webinar to learn more

HP Enterprise Security recognized as leader in Gartner's DAST Magic Quadrant - get it now!

Push the limits of virtualization with HP. Get the tech dossiers and learn how you can put an end to runaway virtual sprawl.

Splunk translates machine data into "aha" moments for IT and the business.

Evolving Your Data Center for the Cloud

Get Ethernet speeds from 1 Mbps to 10 Gbps - Comcast Business Class

Gain cutting-edge insights at MIT in 2-5 day executive programs.

Converge your infrastructure with HP. Access a valuable case study in the CI Resource Center now.

Redefine Software support with HP

Click to see how Accenture has delivered high performance to clients

Learn how Accenture helps clients become high-performing businesses.

Join the Conversation. Follow Oracle EPM & BI on Twitter Today.

Check Point Trusted by the Global 100

BlackBerry® Mobile Fusion. Different mobile devices. One platform.

It's time to Be Bold. See what's new at BlackBerry World 2012.

Customized information views & Twitter events at New Fulcrum Point

ShoreTel UC cuts costs like no other. Mobilize your business today.

E-book: Discover Business-Ready Storage Systems For Oracle Environments

Managed Hosting Buyer's Guide - Benefits to key considerations

Discover how integration of operations mgmt and service mgmt enhances productivity.

Converge your infrastructure with HP. Access white papers, case studies, videos and more.

High performance. Delivered. Click to see Accenture's client successes

See how Accenture helps clients perform at the highest levels

Compare risk and TCO in single and multivendor networks on Feb 23.

Connect with global CIOs now at Enterprise CIO Forum

Resource Center
buy a link »
Ads by TechWords