
What’s HOT in Application Security Vol #4

Where is NASA’s security?

5,408 successful intrusions since 2009, 48 stolen laptops and mobile devices, 47 advanced persistent threats (APTs) and 13 that managed to jeopardize thousands of NASA’s computers, causing serious damage and leaving NASA with a bill of approximately $7 million.

Increase in IT security burnout

Unlike in other industries, achievements in IT security appear to be much harder to measure. “It’s like a fungus,” said security consultant Gal Shpantzer. “You’re trying to get rid of it, but it keeps growing.” Another reason for the increase in burnout is the lack of social behavior. Panelist Stacy Thayer, executive director of SOURCE Conference: “info sec is an isolating profession and that lack of human contact on many days can make things seem bleak”.

According to a survey based on 124 valid security specialists present, 13% are already burnt out and in need of help.

BYOD – Bring Your Own Device 

IT specialists are trying to figure out how risky work-related mobile phones and other kinds of electronic devices can be to the security of the company.

  • 24% of employed adults use their own smartphone to access and/or store company information
  • 41% do so with personal laptops and 47% with personal desktops

These devices are used almost everywhere and connect to public networks on airplanes, in coffee shops and in many other public places, and not even half of them are secured by even the simplest security method.

Biggest information security risks as told by British Telecom CTO Bruce Schneier at the RSA Conference

1)      Users are forgoing their information rights and frequently depending on companies to safeguard their information; however, these companies are preoccupied with making money by advertising products and services to users.

2)      Negative impacts of the new regulations:

  • Large enterprises proposing irrelevant law enforcement measures solely to promote their businesses
  • Lowering the amount of anonymity and requiring user identity
  • Granting government access to an “internet kill switch” in case of emergency

3)      An anticipated outcome is that governments will slowly take control of the internet, building up cyber capabilities in order to secure themselves from cyber threats.

IT Security Neglect

While the number of cyber attacks is increasing significantly, companies are neglecting security and not investing sufficient resources to prevent such attacks.
Due to careless security on the part of companies and employees, hackers were able to gain access to hundreds of thousands of accounts, releasing top-secret information that was exposed through chats, surveys, forwarding work emails to a Gmail account and checking accounts by iPhone.
