The rising number of reported data breaches in the last few months may just mean corporate security auditors are better at finding compromised systems, ITRC researchers suggest.
The number of data breaches on the Identity Theft Resource Center's 2008 breach list has already surpassed the 446 breaches reported by the organization for all of 2007.

As of the morning of Aug. 22, the number of data breaches reported had reached 449.
As to whether things are getting worse, ITRC founder Linda Foley is cautious. "This is a little frightening, knowing that we're four months ahead of last year," she said.
However, Foley also noted that her organization and others are finding out about more breaches now than they did in the past. Rather than indicating a deteriorating security situation, the rising number of reported data breaches may just mean corporate security auditors are better at finding compromised systems, she suggested.

The Identity Theft Resource Center points out that the actual number of breaches this year is probably higher than 449 so far because of underreporting and because breaches affecting multiple businesses tend to be reported as a single event. According to the ITRC, in 40% of breach events, the number of records affected is not reported or fully disclosed.
In any event, it appears that hard numbers about data breaches are hard to come by. According to survey of about 300 attendees at this year's RSA Conference, more than 89% of security incidents went unreported in 2007.

Security incidents, as defined by the RSA study, represent "an unexpected activity that brought sudden risk to the organization and took one or more security personnel to address." Clearly not all "security incidents" are data breaches, but certainly some underreporting of breaches is going on.
In addition to the underreporting of breaches, assessing the actual impact of a breach may be difficult because there's disagreement about the number of data records involved.

"The number of attacks, in addition to publicly disclosed breaches, continues to escalate as criminal networks mushroom around the world, while economies weaken," said Avivah Litan, a VP at Gartner in a statement.
Foley is hopeful that before too long, more complete data about data breaches will lead to a better understanding of such incidents. Her goal, she said, is not to point fingers but to help organizations devise better data security regimes.

 
 ONGC deploys 18000 units of Windows Vista
  NWC News Network

Microsoft has recently announced large-scale deployment of its Windows Vista operating system by the Oil & Natural Gas Corporation (ONGC). The implementation which is termed by the company as its largest Windows Vista deployment in Asia saw 18000 units of the operating system being deployed by ONGC, with an aim to achieve security, ease of use, mobile computing and increase in employee productivity.

“India has always been a trend setter in technology usage and it is fantastic that one of the largest worldwide deployments of Windows Vista is at one of the country’s Navratna companies. This implementation is a great testament to the value that the operating system brings to organizations by providing them with huge advancements in the areas of security, productivity, search and ease of use,” said Rajiv Srivastava, General Manager Enterprise & Partner Group, Microsoft India.

Specific features that ONGC expects to leverage include the security attributes built into Internet Explorer 7 (IE7) such as Phishing Filters and Protected Mode, the User Account Control (UAC) functionality, optimized deployment capabilities across thousands of machines and the Green IT features including power management and energy saving.

To ensure a smooth transition and maximum returns, ONGC has also conducted company-wide trainings for employees. During these trainings, employee feedback on the benefits of Windows Vista has been extremely positive, with over 91% rating their initial experience of the operating system as very good or excellent.
The company chose to implement Windows Vista due to its advanced security features, expected productivity benefits, search functionality and lower TCO (Total Cost of Ownership).

 
P&G taps IBM ISS for cybersecurity contract
By Thomas Claburn, InformationWeek

IBM plans to announce that Procter & Gamble has chosen IBM's Internet Security Systems (ISS) unit to enhance the consumer goods giant's cybersecurity worldwide.
The five-year deal, the largest to date for ISS, centers on the creation of a Virtual Security Operations Center (VSOC), managed by ISS. The VSOC will serve as a single point of control for a mix of P&G security products and associated data.

"By teaming with IBM ISS our objective is to both strengthen our security systems and improve the efficiency and effectiveness of our security operations," said Willie Alvarado, P&G's director of enterprise infrastructure services, said in a statement. "Working with IBM we believe we can deliver substantial cost savings and offer the business a security solution that is both strong and sustainable."
P&G expects that VSOC, a Web portal that combines vulnerability assessment, data correlation, and data analysis, will make managing its security systems easier and will lead to cost savings. The VSOC will allow ISS to more easily monitor and maintain P&G's four existing IBM ISS Proventia SiteProtector management consoles used in Asia, Europe, and North America.

The deal helps validate IBM's series of security-related acquisitions over the past two years. IBM bought ISS for $1.3 billion in October 2006, Watchfire in June 2007, and Encentuate in March 2008. Sale prices for the latter two companies, both privately held, were not disclosed.
Charles King, principal analyst for IT consulting firm Pund-IT, estimates the value of the deal to IBM to be in the low tens of millions of dollars over its five-year term. He says that P&G's decision to contract with ISS represents a significant vote of confidence. He sees the deal as a sign that large companies don't want to deal with point solutions for security.

"Traditionally businesses have tended to deploy multiple small point security solutions, sometimes provided by multiple vendors," said King. "While that model worked pretty well for a long time, I think business infrastructures are getting complicated enough that approaching security from a single vendor point of view makes a lot of sense for many enterprises."
In a move consistent with that assessment, IBM last November launched a $1.5 billion security initiative focused on a unified strategic approach to risk management.

 
Interop: Wall St. turmoil won't slow network spending
By  W. David Gardner, InformationWeek

The current economic turmoil and the ongoing slowing of the overall U.S. economy aren't likely to slow spending for network management, according to a survey of attendees at this week's Interop New York.
IT professionals polled by NetQoS said overwhelmingly that they expect their network management budgets will either increase or remain flat next year. Only 15% of the more than 100 attendees questioned said they expect their network management budgets will decrease.

"While network security is always a concern, our customers tell us their fault and availability issues have largely been solved," Steve Harriman, senior VP of marketing at NetQoS said in a statement. "Instead, smart organizations focus on network and application performance management to understand how well they are delivering services and whether changes such as adding bandwidth or deploying WAN optimization technologies are worth the investment."

About half of the respondents reported that their budgets for security and network performance management are slated for increases, while overall IT infrastructure and management software budgets are likely to remain stationary next year.
Virtualization and wireless LAN/WAN are areas the Interop attendees have earmarked for spending increases, the NetQoS survey revealed, while spending will remain static on WAN optimization, unified communications, change management, and managed services.

NetQoS said the surveyed companies represent a cross-section of industries that include financial services, government, media, professional services, manufacturing, retail, telecommunications, and technology sectors.

 
Banks lack risk management strategy
By Mary Hayes Weier, InformationWeek

Among the challenges identified by the survey's respondents were data management and company culture, which hindered implementation of "comprehensive" risk approaches.
 Business technology managers have long talked about the problem of "information silos," in which a business lacks the culture and infrastructure for sharing knowledge and data company-wide. Could that have been a fundamental problem of financial firms hit by the mortgage crisis?

That's one conclusion by SAS Institute, which counts banks and insurance companies as among its biggest customers of business intelligence software, including risk management. The company sponsored a survey of 316 financial services executives in July, in which 70% of respondents said that the losses stemming from the credit crisis were due to failures to address risk management issues.
Fifty-nine percent of survey respondents said the credit crisis had prompted them to scrutinize their risk management practices in greater detail, partly due to anticipation of closer scrutiny from regulators.

Among the challenges identified by respondents were data management and company culture, which hindered implementation of "comprehensive" risk approaches, said SAS Institute. Some financial services execs cited access to relevant, timely, and consistent data as a major obstacle. Almost half of the respondents said fostering a culture of risk management was the most widely encountered challenge.
SAS concludes from the survey and customer discussions that many banks have "very good siloed risk management, but not a true enterprise view of the risk," said David Rogers, SAS's global product marketing manager for risk, in an interview Tuesday.

A more strategic, company-wide approach to implementing risk management software and business processes, with dashboard views of company-wide risk issues for executives, would help protect financial firms against future miscalculations, he said. But it's not the only answer. Too many banks have made the mistake of focusing on profit and treating risk management as an afterthought, and haven't done enough to educate employees on the topic.
"You can't take risk management out and treat it as a separate thing," Rogers said. "It has to be part of the business and have the respect of the business unit managers."

 
IBM unveils security enhanced blade
By Antone Gonsalves, InformationWeek

IBM recently introduced a blade server that supports CloudShield Technologies' software for real-time analysis of network traffic to prevent viruses and denial of service attacks.
The IBM BladeCenter PN41, unveiled at the ITU Telecom Asia conference and targeted at service providers and enterprise data centers, supports CloudShield's technology for examining packets of data streaming across the Internet or corporate networks. In addition, the technology makes it possible to prioritize network activity, such as video sharing, and Web traffic, to minimize end-user delays, IBM said.

"The IBM BladeCenter PN41 enables service providers to manage their network, security and telecommunications technology on a integrated platform," Jim Pertzborn, VP of telecommunications industry solutions for IBM Systems Group, said in a statement. "This integration can help service providers meet their customers' evolving requirements for data, voice and video services."
The new blade and software support are key components of IBM's hardware, software and services framework for service providers. The package also includes IBM's intrusion prevention technology and Tivoli Security Operations Manager.

IBM is building a technology "ecosystem" around the BladeCenter PN41 that can offer service providers a portfolio of integrated third-party technology. In the case of CloudShield, IBM is supporting its partner's Subscriber Services Manager and DNS Defender applications and its development environment.
The new server also supports Check Point's acceleration technology, such as SecureXL and CoreXL, to help high-end carriers and data centers increase the number of end-user connections they can handle, IBM said.

 
 Subex unveils the Nikira v7.0
 NWC News Network

Subex has recently introduced a new version of its fraud management solution called Nikira v7.0. The new version aims to provide operators with next generation fraud management capabilities for proactive fraud management through early detection of internal and external fraud.
“We believe that this innovative approach to fraud management provides flexibility and ease of operation to reduce fraud losses”, said Anuradha, Senior Vice President, Engineering, Subex. “We are proud to launch this new version  which will empower operators to detect fraud much more efficiently, while saving cost and reducing risks, paving the way for lean operations,” Anuradha added.

The product aims to improve usability through an improved manual grouping of subscribers, rule management and improved reporting characteristics, among others. The solution detects known fraud types and patterns of unusual behavior, helps investigate these unusual patterns for potential fraud, and uses the knowledge thus generated to upgrade and protect against future intrusions.

A significant enhancement to the solution is the eFinger printing feature. The patent-pending approach introduces behavioral mechanisms of detecting fraud early, enabling proactive fraud management. Instead of focusing only on subscriber related checks, the functionality enables operators to profile and study behavior around any entity that they feel will impact revenue such as internal users, credit cards or even cell sites. This offers a vast range of practical applications such as post acquisition subscriber checks, internal fraud detection and detecting defaulters.

Besides a new look and feel the solution also features a Reinforced Rules Engine that will detect more complex fraud behaviors in general and bypass fraud in particular and the Internal Affairs functionality which ensures protection from internal fraud by providing an independent environment that can assess data feeds from a number of internal systems and through a comprehensive logging of user activities. It also features the Workflow and usability functionality which enabled with SOA-based interoperability takes complexity out of the detection and investigation process.

 
Aladdin to provide HASP SRM migration support
 NWC News Network

Aladdin Knowledge Systems has recently announced the formation of Hardware Against Software Piracy (HASP) SRM Migration Support Team that will support software publishers migrating to the company’s HASP SRM Software DRM solution. The formation of the new team is the result of more than five years of escalating number of publishers switching to the company’s HASP SRM technology.

The team is designed to provide   “no downtime” migration guidance and a seamless technology conversion. In addition, the company will enhance the migration experience with on-site visits to research, plan and design the customer workflow and business processes, further assisting software publishers in the implementation of protection and integration to backend systems.

 
F- Secure’s online threat detection
NWC News Network

F-Secure, the anti-virus software and security tools provider’s Wellbeing 2009 family of consumer IT security products deliver enhanced protection against new online threats. With the DeepGuard 2.0 technology, which recognizes both safe and malicious software instantaneously using a real-time protection network, the company is now able to protect the online well-being of its customers in a faster manner. Instead of just using one-way comparisons of a suspicious program against white lists and black lists, the company's real-time protection network uses intelligent nodes with behavioral analysis capability to increase the efficiency of this ‘in-the-cloud’ approach.

DeepGuard is a behavior-based detection engine designed to block new malware from infecting a system by analyzing how the file behaves when it is executed on the client computer. It adds the company's real-time protection network capability to the local analysis. When a new potentially malicious program appears anywhere in the world, the first participating F-Secure protected computers that encounter it take a fingerprint of the file and instantly query the company’s highly automated security labs to see if the file can be allowed to run.

It only takes fractions of a second to query the server for the status of a file and for the technology to analyze the behavior of the executable locally. In this way participating computers of the real-time protection network help provide information that instantly benefits the security of the whole community, bypassing the time it has traditionally taken to send out virus database updates.

“We're introducing another industry first with the real-time protection network that complements the traditional reactive and proactive technologies,” said Pirkka Palomäki, Chief Technology Officer at F-Secure Corporation. “No other vendor has such ‘in-the-cloud’ protection for consumers deployed globally. This is an example of our continuous innovations in the fight against the increasingly professional online criminals, who are producing more targeted and previously unseen viruses at an unprecedented rate.”

The F-Secure Wellbeing 2009 family includes products and services like Internet Security 2009, Anti-Virus 2009, Home Server Security 2009, Health Check and Online Wellbeing portal.

 
Staples launches online backup, security service
By W. David Gardner, InformationWeek

Office supply retailer Staples has cobbled together a group of online offerings and packaged them into sophisticated IT offerings for small and medium-sized businesses.
Based on Staples' Thrive Networks unit, the package features backup, online security, virus, and spyware protection, and remote help desk support. The most prominent feature -- online backup -- is provided by EMC unit Mozy.

The new Thrive offering signals a further broadening into IT services for the office supply chain, which began as an office superstore in 1986 and has been creeping into the IT arena in recent years.
"With the launch of Staples Network Services by Thrive, we allow people to focus on their business while we make sure their technology infrastructure is there to support them," said Candy Murphy, VP of Staples' contract technology solutions, in a statement.

The offering is centered on Mozy, which EMC has advanced after buying online backup technology from Berkeley Data Systems in 2007. Aimed at businesses with 10 to 250 employees, the online backup feature calls for customers to pay for the amount of data they store online.
The security features of the Thrive offering range from anti-spam, antivirus, and anti-spyware protection to patch management that aims to keep all customer systems in sync. Help desk support is provided along with systems and network monitoring. For larger, more sophisticated businesses, Staples provides cross-platform and open source support for Windows, Linux, and Apple operating systems.

Available now in the Boston and Atlanta metropolitan areas, the Thrive service will be deployed in additional markets in the future.