Folks in California are so used to earthquakes that sometimes they barely notice when one happens. Folks in the security business are so busy and swamped with the noise of the market that we often miss tectonic shifts in our own world. Let me help you with that last one:
BREAKING NEWS: “Endpoint Security Earthquake Hits: McAfee Actively Endorses Application Whitelisting. Magnitude & Ramifications Are Significant.”
This week, McAfee, one of the two dominant forces in reactive, blacklist-based endpoint security, actively and unequivocally endorsed Application Whitelisting. Ironically, in hard coverage of Symantec’s recent problems with pcAnywhere, the industry is actively recommending application whitelisting too.
First, let’s cover the major quake: McAfee’s active endorsement of application whitelisting—for corporate desktops and laptops. ( Read More… )
It is a PR disaster. A group of ‘hacktivists’ have somehow managed to attack your company website and changed your content (which is actively being displayed to the entire world). Your phone won’t stop ringing, and your mailbox just melted down. So many questions running through your mind: ‘What just happened?’, ‘Who did this?’, ‘How did they do this?’, and most importantly ‘How can I prevent this from happening again???’. It certainly doesn’t help that this has the highest level of visibility within your organization. It’s going to be a very long day.
Sadly this scenario is now playing itself out more than ever. This is especially true with a loosely managed group of hactivists that call themselves ‘Anonymous’. The list of companies affected by Anonymous is large enough to raise national media attention—which is not exactly where your company wants to have its name mentioned. ( Read More… )