Business Continuity

Business Continuity news, information, and how-to advice

heartbleed
heartbleed

FAQ

FAQ: Good-bye old pal, old paint, Windows XP

Windows XP falls off the Microsoft patch list after today. Here's why, and what it means to you

Businesses face rising political pressure from data breaches

FTC encourages Congress to pass national breach notification legislation, among other efforts.

CDW Integrates with Google Apps for Cloud Collaboration

Through a partnership with Google and Esna Technologies, CDW has rolled out native access to the CDW Cloud Collaboration suite within Google Apps.

Understanding incident response: 5 tips to make IR work for you

Incident response is a plan that evolves over time to keep your organization best prepared against likely threats. CSO talked to industry experts at Black Hat about the ups and downs of IR, and how to develop a plan that's right for...

Focus cyber risk on critical infrastructure: Remote substations are vulnerable

Doug DePeppe has some especially strong feelings about protecting remote substations from cyber attacks. Here is his guest CSO blog to explain why.

Our bias for breach prevention is causing blind spots

We have an inherent bias toward prevention, even as we freely admit we can’t prevent a breach. That leads to the neglect of detection, response, and the role of culture in building a successful security program. Explore how and why to

Who put the cockroach in my supply chain?

Businesses have always had concerns about supply chain risks but, for most businesses, those risks involve shipping delays, parts shortages and labor issues. But that’s starting to change as evidenced by CSOonline’s recent coverage on

Gartner Magic Quadrant for Client Management Tools

The client management tool market is maturing and evolving to adapt to consumerization, desktop virtualization, and an ongoing need to improve efficiency.

Think data breach won't happen to you? Why we need to close the gap between perception and reality

Organizations continue to believe they are neither targeted nor likely to succumb to attack. They delude themselves into thinking that either they can invest enough to prevent breaches or their profile keeps them under the radar....

9 must-do's if you must stick with Windows XP

Without updates after April 8 Windows XP is expected to fall prey to any number of zero-day attacks for which Microsoft will provide no defense, but there are some things die-hard XP users can do to make their machines safer.

When it comes to disaster recovery, it's nothing but failure

A new study from the Disaster Recovery Preparedness (DRP) Council has nothing but doom and gloom when it comes to the state of disaster recovery.

DDoS attack on CloudFlare customer larger than Spamhaus

In a report on the DDoS attack against one of their customers earlier this week, CloudFlare says that the attackers generated an enormous amount of traffic, from 4,529 NTP servers that were running on 1,298 different networks. As a...

Audit Ready and Asset Optimized: The Solid Promise of an Intelligent Software Asset Management Solution

In this paper Frost & Sullivan examines the benefits of enterprise-grade Software Asset Management solutions, and how these solutions serve as the convergence point for other endpoint management and control functions.

If Target got breached because of third party access, what does that mean for you?

The real opportunity for security professionals is to side-step speculation and use the coverage to spark productive conversations. The kinds of discussions that help others understand your value and set the stage for necessary...

GitHub launches bounty program, promises $5k max reward

Following the success of bounty programs launched by Google, Microsoft, and Mozilla, GitHub has announced a reward scheme that promises to pay anywhere from $100 to $5,000 to researchers who disclose vulnerabilities responsibly. The...

Target credential theft highlights third-party vendor risk

Retailer discloses that attackers stole credentials from vendor to break into its network

Vulnerable vBulletin install on OpenSUSE forums exploited

A Pakistani "hacker," calling themselves H4x0r HuSsY , used a known vBulletin vulnerability to deface the openSUSE forums, and compromise databases stored by the site.

Pragmatic Endpoint Management: Empowering an SMB Workforce in the Age of Mobility

Lacking the time for proper training and education, SMB administrators often resort to taking shortcuts to keep their environment running.This paper discusses the challenges of managing different endpoints in SMB-sized

Purchase order scam targeting university suppliers

Salted Hash has obtained a copy of a warning letter from Boston College addressed to all of their suppliers. In it, the university says that emails claiming to be from the school are requesting product quotes for merchandise and...

Using the evidence of hard drive failure from Backblaze to increase the value of security

By sharing the data, they make it possible for other people and organizations to make better decisions. In security, it also gives us the opportunity to use the evidence to engage in conversations -- on a personal and a corporate...

The magical list of security predictions for 2014

About this time every year, journalists covering the InfoSec beat start seeing prediction lists being pitched. Sadly, we will see the same pitch, from the same vendor, with the same predictions, several times. The record so far for me

Amazon's promise of postal drones rides on a bed of hot air

Over the holiday weekend, millions watched as Jeff Bezos, Amazon's CEO, told 60 Minutes how he plans to use drones (customized octocoptors) to deliver packages. The service, known as PrimeAir , will fly packages that are less than...

Load More