What’s HOT in Application Security Vol #4

Mar 11, 2012 By Administrator

Where is NASA’s security?

5,408 successful intrusions since 2009, 48 stolen laptops and mobile devices, 47 advanced persistent threats (APTs), and 13 that managed to jeopardize thousands of NASA’s computers, causing serious damage and leaving NASA with an estimated $7 million bill.


Increase in IT security burnout

Unlike in other industries, achievements in IT security appear to be much harder to measure. “It’s like a fungus,” said security consultant Gal Shpantzer. “You’re trying to get rid of it, but it keeps growing.” Another reason for the increase in burnout is the lack of social contact. Panelist Stacy Thayer, executive director of SOURCE Conference: “info sec is an isolating profession and that lack of human contact on many days can make things seem bleak.”

According to a survey based on 124 valid responses from the security specialists present, 13% are already burnt out and in need of help.


BYOD – Bring Your Own Device 

IT specialists are trying to figure out how much risk work-related mobile phones and other kinds of electronic devices pose to the security of the company.

  • 24% of employed adults use their own smartphone to access and/or store company information
  • 41% do so with personal laptops and 47% with personal desktops

These devices are used almost everywhere and connect to public networks: on airplanes, in coffee shops and in many other public places. Fewer than half are protected by even the simplest security method.


Biggest information security risks as told by British Telecom CTO Bruce Schneier at the RSA Conference

1) Users are forgoing their information rights and frequently depend on companies to safeguard their information; however, these companies are preoccupied with making money by advertising products and services to users.

2) Negative impacts of the new regulations:

  • Large enterprises proposing irrelevant legislation solely to promote their businesses
  • Lowering the amount of anonymity and requiring user identity
  • Granting government access to an “internet kill switch” in case of emergency

3) An anticipated outcome is that governments will slowly take control of the internet, building up cyber capabilities in order to secure themselves from cyber threats.


IT Security Neglect

While the number of cyber attacks is increasing significantly, companies are neglecting security and not investing sufficient resources to prevent such attacks.
Due to careless security on the part of companies and employees, hackers were able to gain access to hundreds of thousands of accounts, releasing top secret information that was exposed through chats, surveys, forwarding work emails to a Gmail account and checking accounts by iPhone.

