Business Continuity

Business Continuity news, information, and how-to advice

heartbleed
heartbleed graffiti

heartbleed
breaking

Heartbleed vulnerability linked to breach of Canadian tax data

The Canada Revenue Agency (CRA), Canada's tax-collection agency, confirmed in a statement on Monday that the Heartbleed vulnerability was to blame for the loss of tax-related information.

heartbleed

Heartbleed (CVE-2014-0160): An overview of the problem and the resources needed to fix it

After only a few days, the Internet is buzzing with news surrounding CVE-2014-0160, better known as the Heartbleed vulnerability. CSO has compiled the following in order to offer a single source to help administrators and security...

CDW Integrates with Google Apps for Cloud Collaboration

Through a partnership with Google and Esna Technologies, CDW has rolled out native access to the CDW Cloud Collaboration suite within Google Apps.

FAQ

FAQ: Good-bye old pal, old paint, Windows XP

Windows XP falls off the Microsoft patch list after today. Here's why, and what it means to you

Businesses face rising political pressure from data breaches

FTC encourages Congress to pass national breach notification legislation, among other efforts.

Understanding incident response: 5 tips to make IR work for you

Incident response is a plan that evolves over time to keep your organization best prepared against likely threats. CSO talked to industry experts at Black Hat about the ups and downs of IR, and how to develop a plan that's right for...

Focus cyber risk on critical infrastructure: Remote substations are vulnerable

Doug DePeppe has some especially strong feelings about protecting remote substations from cyber attacks. Here is his guest CSO blog to explain why.

Redefining Endpoint Security With Isolation Technology: An innovative, new security architecture

Find out how to secure your enterprise and empower your users to click on anything, anywhere without the fear of being compromised.

Our bias for breach prevention is causing blind spots

We have an inherent bias toward prevention, even as we freely admit we can’t prevent a breach. That leads to the neglect of detection, response, and the role of culture in building a successful security program. Explore how and why to

Who put the cockroach in my supply chain?

Businesses have always had concerns about supply chain risks but, for most businesses, those risks involve shipping delays, parts shortages and labor issues. But that’s starting to change as evidenced by CSOonline’s recent coverage on

Think data breach won't happen to you? Why we need to close the gap between perception and reality

Organizations continue to believe they are neither targeted nor likely to succumb to attack. They delude themselves into thinking that either they can invest enough to prevent breaches or their profile keeps them under the radar....

9 must-do's if you must stick with Windows XP

Without updates after April 8 Windows XP is expected to fall prey to any number of zero-day attacks for which Microsoft will provide no defense, but there are some things die-hard XP users can do to make their machines safer.

Predictive Defense and Real-Time Insight: The Next Step in Advanced Threat Protection

Download this complimentary report, featuring the Gartner Research "Designing an Adaptive Security Architecture for Protection From Advanced Attacks", and learn why organizations can't rely solely on traditional blocking

When it comes to disaster recovery, it's nothing but failure

A new study from the Disaster Recovery Preparedness (DRP) Council has nothing but doom and gloom when it comes to the state of disaster recovery.

DDoS attack on CloudFlare customer larger than Spamhaus

In a report on the DDoS attack against one of their customers earlier this week, CloudFlare says that the attackers generated an enormous amount of traffic, from 4,529 NTP servers that were running on 1,298 different networks. As a...

If Target got breached because of third party access, what does that mean for you?

The real opportunity for security professionals is to side-step speculation and use the coverage to spark productive conversations. The kinds of discussions that help others understand your value and set the stage for necessary...

GitHub launches bounty program, promises $5k max reward

Following the success of bounty programs launched by Google, Microsoft, and Mozilla, GitHub has announced a reward scheme that promises to pay anywhere from $100 to $5,000 to researchers who disclose vulnerabilities responsibly. The...

Healthcare Information Management: A New Urgency

With the challenges of an evolving regulatory environment and the information overload problem with management practices, many organizations have now reached an inflection point.

Target credential theft highlights third-party vendor risk

Retailer discloses that attackers stole credentials from vendor to break into its network

Vulnerable vBulletin install on OpenSUSE forums exploited

A Pakistani "hacker," calling themselves H4x0r HuSsY , used a known vBulletin vulnerability to deface the openSUSE forums, and compromise databases stored by the site.

Purchase order scam targeting university suppliers

Salted Hash has obtained a copy of a warning letter from Boston College addressed to all of their suppliers. In it, the university says that emails claiming to be from the school are requesting product quotes for merchandise and...

Using the evidence of hard drive failure from Backblaze to increase the value of security

By sharing the data, they make it possible for other people and organizations to make better decisions. In security, it also gives us the opportunity to use the evidence to engage in conversations -- on a personal and a corporate...

Load More