- +
How to Get Real About Strategic Planning 04/02/2008 12:50:59
Everyone agrees that having a strategic plan for IT is a good thing but most CIOs approach the process with fear and loathing. In fact, the majority of CIOs (and the enterprises they work for) are faking it when it comes to strategic planning. Isn't it time we all got real?Oh, it must be nice to be the CIO of a FedEx or a GE or a Credit Suisse. Places where IT and the business are so tightly aligned you can barely tell the two apart. Where corporate leaders understand that IT is a strategic asset and support it as such - +
9 Paths to Higher Performance 10/12/2007 14:09:23
When an organization brings together talented people in a creative, collaborative environment it fosters a culture of high performance, which in turn leads to superior business resultsLike high-achieving individuals, some organizations seem to have the Midas touch. Virtually every initiative they touch earns them gold and even those that fail never seem to cost them much of anything at all - +
Strategies for Dealing With IT Complexity 24/12/2007 10:30:47
Every innovation, every business process improvement, comes with an IT complexity tax that must be paid by CIOs in time, money and sweat. Here are strategies to mitigate the increasing complexity of IT as it enables new business.Every innovation, every business process improvement, comes with an IT complexity tax that must be paid by CIOs in time, money and sweat. Here are strategies to mitigate the increasing complexity of IT as it enables new business. - +
Hiring Manager: Emphasize Integrity, Attitude 14/12/2007 11:18:07
William Howell shares his hiring mistakes and his secrets for selecting the best job candidates, finding objective references and using LinkedIn as a recruiting tool.William Howell shares his hiring mistakes and his secrets for selecting the best job candidates, finding objective references and using LinkedIn as a recruiting tool. - +
Toxic Mix or Bit of a Mixed Blessing? 31/12/2007 10:36:30
“Eye of newt, and toe of frog, Wool of bat, and tongue of dog . . . ” The inter-generational office brew of Boomer, Gen X and Gen Y may not be quite as odious as that of the three witches in Shakespeare’s Macbeth, but even so it makes “for a charm of powerful trouble”"Eye of newt, and toe of frog, Wool of bat, and tongue of dog . . . " The inter-generational office brew of Boomer, Gen X and Gen Y may not be quite as odious as that of the three witches in Shakespeare's Macbeth, but even so it makes "for a charm of powerful trouble"
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Wireless LANs: Is my enterprise at risk?
Why Security SaaS Makes Sense Today
Solve Exchange Storage Problems Once and For All: A New Approach without Stubs or Links
Revolutionising Back-up and Recovery
Choices in Storage Architecture for Oracle Environments
Dude! You Say I Need an Application-Layer Firewall?!
How to Beef Up Your Sales Pipeline
Email Archiving Implementation: Five Costly Mistakes to Avoid
Zones provide focussed content from Computerworld and leading technology partners.Newsletter Subscription
A penetration test of 200 of Australia's largest enterprises has found severe network security flaws in 79 percent of those surveyed.
The tests, undertaken by University of Technology Sydney (UTS), saw 25 non-IT students breach security infrastructure and gain root or administration level access within the networks of Australia's largest companies, using hacking tools freely available on the Internet.
The students - predominately law practitioners - were given 24 hours to breach security infrastructure on each site and were able to access customer financial details, including confidential insurance information, on multiple occasions.
High-level business executives from the companies surveyed, rather than IT staff, were informed of the tests so the "day-to-day network security" of businesses could be tested.
Faculty of Law lecturer and LogicaCMG chief security officer, Ajoy Ghosh, who commissioned the test said students were able to breach 24 enterprises or 12 percent in less than an hour, in fact most systems were foiled in the first few minutes.
"More than half of those that passed the penetration test had freeware Intrusion Detection Systems (IDS), notably Snort; we only had two responses from security teams even though sites were down for more than an hour," Ghosh said.
"Organizations that couldn't be penetrated typically had Web servers were on hardened operating systems and many had done code reviews on Web pages and installed apps."
Ghosh pointed out that one in three intrusions occur on networks already protected by certified gateways, even those certified by government common criteria."
Most of the 21 percent of companies who passed the penetration tests owed their success to freeware Intrusion Detection Systems (IDSs), according to Ghosh.
"Over half of those that passed the test had freeware IDSs and already had or were implementing an Information Security Management System (ISMS)," he said.
"This proves that it's not costly to implement an IDS."
An equal distribution of Microsoft, Apache and Domino servers were used by the successful 21 percent.
High Tech Crime Centre federal agent Nigel Phair said it is "almost impossible" to collect accurate data on online security breaches because of the secrecy of the private sector.
"It is easier to sweep intrusions under the carpet and bring in a consultant to mop it up [than] to go to the Police," Phair said.
"People stand close to ATMs so they don't expose their passwords, but they do not apply real-world sensibilities in online environments.
"Users buy computers with antivirus as [OEM], but don't bother renewing updates and think they are still protected."
He said awareness of cybercrime has suffered from a lack of holistic security surveys, such as the recently-scrapped AusCERT Computer Crime and Security Survey, which Phair said has "left a hole" in the industry.
Have an opinion on this story? Click to e-mail Darren Pauli.
Computerworld Member Login
Prioritizing Services with IT Service Management (ITSM)
Computerworld Live Webinar
Wednesday 20th, August 2008
11:00am EST (Sydney, Australia)
To be repeated on:
Thursday 4th, September 2008
11:00am EST (Sydney Australia)
Sign up and receive a free copy of The Forrester WaveTM Service Desk Management Tools, Q2 2008 at the conclusion of the Webinar.
Attend and discover:
- How to deliver value to your business through ITSM
- Best practice ITSM implementation
- Why emphasis is changing from optimizing IT management processes to better servicing customers and demonstrating real dollar value
- If service-oriented ITSM is best for your business
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
Viva la Verticals! Key to Vendor Growth is Through Vertical Market Opportunities, Says IDC 2008-09-05 11:05:00+10
F-Secure delivers fastest protection in the online world 2008-09-04 16:50:00+10
NETGEAR expands ProSafe team as business-class products take off in SME market 2008-09-04 16:27:00+10
Rogue security apps dominate Fortinet's Aug 2008 IT threat report 2008-09-04 16:00:00+10
Adaptec Intelligent Power Management Reduces Storage Power Consumption Up to 70 Percent 2008-09-04 11:28:00+10
Why Security SaaS Makes Sense Today
Corporate IT teams are waging a significant security battle on two fronts these days: stopping attacks via the Web and through email. Security SaaS can solves these problems and more. Read on to discover 7 reasons why security SaaS makes sense for your business.
