Stories about: Computer Security Institute

Cox Communications employee William Bryant recently pleaded guilty to information technology sabotage, having caused the loss of computer, telecommunications and emergency 911 services for thousands of Cox's business and residential customers throughout Dallas, Las Vegas, New Orleans and Baton Rouge . Bryant faces a 10-year jail sentence and a US$250,000 fine, but the future is less certain for Cox. Although services were fully restored, the incident's effect on Cox's reputation has yet to be determined.

When it comes to outsourcing security functions, skepticism still rules the day for many users. The idea of handing over control of network security to an outside firm paid to maintain gear, monitor for attacks, perform scans, collect logs or update security software for employees is, to say the least, controversial.

An overwhelming percentage of US businesses still fall far short in their efforts to comply with industry data-handling regulations and reduce their likelihood of experiencing a serious leakage incident, according to new a survey.

The IT Policy Compliance Group today released research showing 20 percent of enterprises suffer from more than 22 sensitive data losses per year.

IT vulnerabilities such as inadequate documentation and poor PC access controls put enterprises at risk of being noncompliant with regulatory mandates and prone to security events -- and most companies have at least a few such deficiencies present in their environments, according to research released Monday.

Hackers working for criminal gain are using increasingly sophisticated methods to ensure that the malware they develop is hard to detect and remove from infected systems, security researchers warned at this week's Computer Security Institute (CSI) trade show in Orlando.

Regulatory requirements and increasing consumer concerns about information security breaches are making data-level security controls a top priority for 2007, according to IT managers at the Computer Security Institute (CSI) trade show in Orlando this week.

Enterprise security executives need to make practices such as safe USB use and discreet handling of patient or customer data as commonplace as not accepting luggage from strangers in airports or wearing a seat belt when driving.

IBM announced a new security product Friday that helps protect companies from internal attacks on their IT systems.

A panel of security experts at the RSA Conference last week said businesses still overlook fundamental security questions when buying or building software.

Companies that make regulatory compliance the sole driver of their information security efforts could be weakening their long-term security posture instead of improving it, according to IT managers at the 32nd annual US Computer Security Institute conference held last week. Therefore, it's better to make compliance a by-product of a broader corporate security strategy -- not its sole end objective, they said.