by Thor Olavsrud

Top 12 IT Security Stories of 2012

Dec 20, 20124 mins
CybercrimeData and Information SecurityIntrusion Detection Software

The holidays are nearly here and 2012 is on the way out. It's time to reflect on some of the most popular security stories and tips of the year as we prepare for 2013.

As 2012 winds down, it’s time to take a look at the year in security. Security and data breaches made plenty of headlines in 2012. Here are 12 of the most-read security articles of 2012.

1. 6 Ways to Defend Against Drive-by Downloads

Cybercriminals are increasingly using drive-by downloads to distribute malware without end users knowing something bad has just landed on their machine–until it’s too late. Here are six ways IT departments can protect end users from the productivity sink and potential data loss that drive-by downloads create.

2. How to Tell If an Email Is a Phishing Scam

As email phishing operations have grown more sophisticated and convincing, it’s harder for even savvy corporate email users to determine whether an email is authentic or fake. Here, presents an example of a particularly convincing phishing email. We asked, Daniel Peck, a research scientist with email security company Barracuda Networks, to offer tips on how to spot a scam.

3. Are You at Risk? What Cybercriminals Do With Your Personal Data

When hackers attack a company’s systems and steal your personal data, what risk does that pose to you and other victims? How much is your name and email address worth to cybercriminals anyway? To find out what’s really at stake, asked security experts six key questions about data security breaches.

4. 4 Ways to Prevent Domain Name Hijacking

A company’s domain name is one of its most valuable assets, yet businesses do little to protect them from being hijacked. As DNS hijacking becomes more prevalent, IT leaders need to understand how they can protect their companies from the damages domain hijacking wreaks. Here are four tips.

5. How to Build Multiple Layers of Security for Your Small Business

The complex and ever-changing security landscape can befuddle small businesses, and the plain truth is that there is no silver security bullet. Small businesses would be well-advised to deploy a multi-faceted security strategy. Here are eight must-have checklist items.

6. How to Prevent Thumb Drive Security Disasters

Small USB flash drives can cause big security headaches. Learn how four very different organizations have managed to balance the need to allow employees to transfer files for legitimate business purposes with the need to prevent data leaks.

7. How to Secure Data by Addressing the Human Element

Your sensitive data is only as secure as the weakest link in your organization, and in many cases the weak link is your employees. A properly established security awareness and training program can pay huge dividends.

8. Will Tech Industry Ever Fix Passwords?

What LinkedIn and other recent breaches tell us about widespread security risks as we embrace social media and cloud applications in the enterprise.

9. Facebook Timeline Scams Prey on Wishful Thinking

If you’re not a fan of the new Facebook Timeline design, beware of bogus Facebook groups and pages promising a return to the old design.

10. Mobile Malware: Beware Drive-by Downloads on Your Smartphone

Drive-by downloads are coming to your smartphone, and they’re harder to detect than traditional PC-based versions. Here’s how you can protect yourself, your users and your enterprise from mobile drive-by downloads.

11. How to Secure Sensitive Files and Documents

Much of an organization’s most sensitive information resides in unstructured files and documents that are commonly subject to data loss and leakage–especially in today’s mobile, Web-based world. IT pros must develop an approach to securing these documents that gives the business the control it needs without stymying employees’ productivity.

12. How to Defend Against Malnets

The number of malnets has jumped 300 percent in the past six months, according to security firm Blue Coat Systems. While they are nearly impossible to kill, there are steps you can take to protect your organization.

Thor Olavsrud covers IT Security, Big Data, Open Source, Microsoft Tools and Servers for Follow Thor on Twitter @ThorOlavsrud. Follow everything from on Twitter @CIOonline and on Facebook. Email Thor at