Are your security professionals qualified?
- 16 August, 2012 14:08
Several lessons have been derived from the recent iCloud security incident, but the most important for me is how it demonstrates the ignorance of many security professionals, an ignorance that calls their management into question.
When the iCloud hack started hitting the news, it generated a lot of discussions among security personnel. Many of them grasped the underlying concepts reasonably well. Unfortunately, though, some of the conversations demonstrated a clear lack of understanding of fundamental security concepts.
As is widely known by now, a hacker was able to compromise the Amazon.com and iCloud accounts of a Wired reporter. The accounts were compromised as a result of operational security flaws in the password reset processes of the respective organizations. The attack itself was rather involved, but at bottom it was a fairly straightforward social engineering type of attack.
- HP Helps NEC Reduce Network Management Costs and Gain Efficiencies
- Deploying Flash in the Enterprise
- Protecting Your Data, Intellectual Property, and Brand from Cyber Attacks
- Integrated Computing Platforms: Infrastructure Builds for Tomorrow’s Data Centre
- The SPARC Difference - Reduce Risks, Cut Costs, Power Innovation
Box buys iOS app to improve its own
Review: Sony Xperia SP
Coming to a shopping centre near you: 3D body scanners
ASIC debacle: Conroy open to transparency over website blocks
Verizon, Jennifer Lopez partner on Latino-focused wireless stores