CSO

I used to be a cynic. I wore the black geek t-shirts and firmly believed that the worst would always happen. I used to say things such as "Users are dumb." So what happened?

I've heard "Oh, I just can't wait until the next Service Pack" all too often by those loyal users that stand by their software no matter what. Most recently, I've heard it from early adopters of OS X Leopard, but it's the battle cry of Vista users the world over. Have software vendors given up on releasing good software the first time? Are they relying on patches and Service Packs to deliver software that's just decent?

Two semi-recent events have hit home for many people that have introduced them to the Distributed Denial of Service attack or DDoS. These events have shaken you to the core if you have children or if you are a baseball fan. The events: Hannah Montana and The Rockies trying to sell their tickets to online users only.

A new battle in the privacy war has broken out at elementary schools across the country. Schools seeking to speed up cafeteria lines are starting to roll out finger print scanners as a method of payment. Is this a brilliant time saver or an Orwellian threat?

Cybercrime has surpassed the illegal drug trade in revenue generated per year, yet key decision makers for companies, law makers and law enforcers still fail to see the gravity of the situation. For those of us who have "seen the light" are there a few, quick, checklist type items that we can implement to increase security immediately? Yes, there are.

I was just interviewed by a local news station (Seattle) about a story they were doing on daring hackers that have started advertising their abilities to destroy a person's life for as little as $20 per month. The interviewer wanted to know if this was really happening in the industry and if it was really easily accomplishable for such little money. My response: yes and absolutely.

Is compliance and auditing nothing more than a money making scheme or can it really help secure a company against the constant onslaught of cyber crime attacks that exist day to day?

More and more companies are taking steps to secure their data and protect themselves from the types of breaches that make headlines. They are spending millions locking down networks and applications, but what about the back-ups? What good are million dollar security measures when you let data walk right out the door?

Financial institutions are finally wising up to the threat the phishing attack. Many are rolling out new login schemes which aim to protect the user from falling victim to these attacks but a recent proof of concept exposes the flaws in these systems. In the nebulous world of the internet, how can you be sure who you are giving your secrets to?