Optimal Security : the Lumension Blog

In my post some time ago about the newly released Windows 7, I made mention of a Gartner report entitled “Planning for the Security Features of Windows 7.” I want to revisit this report in a little greater detail – in particular, the statement “Use the migration to Windows 7 as the catalyst to get [...]

The latest Internet Explorer zero day threat will unfortunately catch many off guard and will have a significant impact on many organizations that are still relying on outdated defenses.
For the past decade or perhaps longer, our way of dealing with threats has been to try to filter our way out of trouble. However, with our [...]

So, the Federal Trade Commission (FTC) has, for the fourth time (!) delayed enforcement of the so-called “Red Flags” rules, according to a statement posted on the agency’s website. Compliance enforcement is now scheduled for June 1, 2010 –- in case you’re keeping score at home, the previous dates were 01-Nov-08 (original), 01-May-09 (first delay), [...]

We’ve been discussing how unprepared organizations in the U.S. are for cyber attacks, and now there’s new research that backs up these concerns and illustrates the inherent weaknesses that must be addressed if we’re to adequately safeguard our information and vital systems.
A new Ponemon-Lumension survey on the worldwide state of the endpoint shows that companies [...]

So, no sooner do I get done writing about how Win7 is a much better OS, albeit not perfect, from a security perspective than the first zero-day threat is revealed. And this after Microsoft (triumphantly?) issued no Win7 security updates in last week’s Patch Tuesday extravaganza, that included a fix (MS09-065) to a Windows kernel [...]

Windows 7 has arrived on the scene with much hoopla. Understandably, many IT folks have greeted it with some trepidation. Here are my thoughts on what you should consider before migrating to this new platform.
No. 1: Windows 7 is better than XP, which is now already eight years old. While Windows 7 may not be [...]

Paul Henry, Forensics and Security Analyst, provides his insights in this November Patch Tuesday Security Briefing.

Apple clearly seems to have taken a page from the Microsoft playbook and is now regularly delivering software patches almost monthly — typically in the shadow of Microsoft Patch Tuesday. However, this month’s Apple patch release falls on the eve of Patch Tuesday as IT teams prepare to address tomorrow’s Microsoft Patch Tuesday.
The nearly [...]

October was National Cybersecurity Awareness month. What did this initiative accomplish? Not much, I’m afraid. The fact that a lot of people in the private sector don’t even know it was Cybersecurity Month speaks to the problems we face in ensuring that people take cybersecurity seriously.
We still don’t really understand the value of cybersecurity and [...]