Optimal Security : the Lumension Blog

So, a couple of weeks ago we were all very concerned about the MS10-015 patch included in the February security update from Microsoft which seemed to cause the dreaded Blue Screen of Death (BSOD) on some machines. As we “went to press” with our blog post, the news was just breaking that the underlying cause [...]

Makes Us Wonder if Web 2.0 / Social Apps are a Boon or a Bane.

Today, Wednesday, February 17, 2010, marks one year since the HITECH Act of 2009 passed. This means that most of the Act’s provisions are now enforceable – particularly, the breach notification and penalties aspect of the Act. While most healthcare organizations are concerned about the “meaningful use” requirement, for us in the IT security space [...]

So, another Patch Tuesday has passed – and it was a big one. But the news late Thursday 02/11 was a bit less nice: it seems that one of the patches included causes that dreaded BSOD on certain Windows XP boxes.
Microsoft is aware of the problem, which involves the MS10-015 bulletin (aka the 17-year-old Windows [...]

Paul Henry, Forensics and Security Analyst, provides his insights in this February 2010 Patch Tuesday Security Briefing.

After a light start to the year in terms of patching, Microsoft is throwing out its heaviest patch load in four years for IT departments to tackle for the month of February with 13 patches in all - five of which have a maximum security rating of critical.
Three of the critical patches standout from the [...]

Recently Dennis Blair, director of national intelligence, presented the Annual Threat Assessment of the U.S. Intelligence Community to the Senate Select Committee on Intelligence and painted a much starker picture of the current state of cybersecurity in the country compared to his testimony last year.
According to Blair, the United States confronts a dangerous combination of [...]

As businesses move at a rapid pace to integrate social media as part of their overall corporate strategy to engage, build brand awareness and drive thought leadership, unfortunately, security has taken a back seat leaving businesses wide open to these Web 2.0 threats. The use of Web 2.0 has opened new risk channels for the [...]

We recently sat down with Michael Rasmussen, President and Risk & Compliance Advisor at Corporate Integrity, to discuss how public sector organizations can meet the requirements of FISMA in a cost-efficient but effective manner.
Q. How are public sector organizations adapting to FISMA compliance and why is this critical?
A. Federal agencies are trying to make the [...]

The latest fifth annual US Cost of a Data Breach study by the Ponemon Institute and sponsored by PGP was released this week. [Disclosure: Lumension has a relationship with the good folks at Ponemon.] The key findings of this report are well articulated in the Executive Summary …

US organizations continue to experience an increased cost [...]