Description: Positive security, in which it whitelists everything from entire applications down to specific functions before allowing access, sounds extreme. Unfortunately, the desktop environments we know and love prioritize ease of use over security, and we’re all feeling the pain: More than half of respondents to our 2008 InformationWeek Analytics Strategic Security poll have been hit by a virus this year, and nearly 30% have been attacked through OS vulnerabilities.
Description: In 2008, the average number of security breaches increased slightly from previous years. Although the number of security breaches remained moderate over the last few years, the data indicates the severity levels have increased. This suggests many organizations have made significant progress in dealing with security issues, but the number and types of threats have increased in step. The most significant costs of security breaches remains the overall impact on employee productivity. About one-third of U.S. respondents cite lost productivity as the top consequence of a breach, followed by a disruption of revenue-generating activities. The primary cause for the most severe security breaches remains unintentional in nature and typically caused by human error. This demonstrates a need for more employee trainings and deeper knowledge of technology functions.
Description: Yahoo was under attack, the first of several in one week that would dramatically expose cyberspace’s dirty secret: though the Internet is an amazing creation that has boosted our economy and provided lots of cheeky Super Bowl ads, it is still a work in progress that can be knocked silly with surprising ease. Even the e-commerce giants are no sturdier than any others. All it takes is a well-directed “denial of service” attack to blow away the edifices, at least on a temporary basis. And when you try to track the culprit, it turns out that all you can find is a shield–the dummy computers through which the cyber vandal laundered his poisonous computer code.
Description: 7:36 minutes. YouTube video about the “governance,” or management, of information. Many companies govern “money, finances, risks.” This video presents argument about need for special, specific, different attention to the importance of controlling these assets; a context for what needs to be done.