Security Advisor
Government's Crosshairs On Cybersecurity for October
Celebrate National Cybersecurity Awareness Month with these guidelines presented by the U.S. government. Plus: Google and Microsoft fling malware accusations; Redmond hogging credit for latest botnet takedown?
October is National Cybersecurity Awareness Month, which means malware, adware, spyware, corrupt code, fake Web Sites and even fake anti-virus software and security update servings will take center stage this month.
Robert Stroud, past international vice president of ISACA and vice president of Strategy and Innovation at CA Technologies, tells Security Advisor that the government has two roles: First, government must practice effective data management processes, and second, it must impose effective legislation to ensure that enterprises manage data effectively.
Stroud says the key thing to look out for is security on mobile devices in the cloud and M-commerce era. While enterprises are limited in their ability to effectively manage and secure mobile devices that have access to their information infrastructure, there are steps they can take to mitigate the risk this poses. For example, enterprises should educate their employees on their mobile device security requirements and implement a comprehensive mobile device policy that aligns with the enterprise's risk profile.
Microsoft, Google In Tiff Over Malware
The proxy war over security via browsers heated up after Google's Chrome security team said Microsoft Security Essentials antivirus software has falsely identified the search giant's Chrome Browser as malware, in particular (PWS:Win32/Zbot). Google says some of Chrome's users on Windows PCs have been booted out of surfing sessions as a result.
The tiff started when Microsoft said on its malware protection Facebook page that it has already fixed the issue after approximately 3,000 customers were impacted.
Microsoft said if Windows users opt to use Chrome, which operates as part OS, part browser, they need to first update signature files used by Microsoft Security Essentials -- the free antivirus software launched by Microsoft for Windows users.
As more users adopt the Chrome browser, the interoperability discrepancies are likely to continue.
Microsoft Hogs Credit in Malware Takedown?
Redmond's Kelihos takedown announcement is on its face a victory against a pesky botnet, but according to news reports, the software giant has either downplayed or excluded the role of close collaborator Kapersky Labs in the alleviation of the malware.
Kapersky apparently wants its props: "Hey @msftmmpc [Microsoft Malware Protection Center] why didn't u mention all truth about Hlux/Kelihos botnet taking down?" That's what Dimitry Bestuzhev, head of global research and analysis team Kapersky's Latin America division tweeted after the announcement.
The appeal on Twitter comes at a time when Microsoft has requested cooperation of third parties in a larger ecosystem to combat things that go bump on the Web and operating system.
In the world of IT security and malware research, this incident is proof positive that ownership of data and discovery is relevant.
About the Author
Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.