This article was co-written and edited by a member of the Computer Security team at Kaspersky Lab, and has been released under the Creative Commons Attribution 3.
A member of the Kaspersky Lab’s Security Response Team (SRT) was recently questioned how the company could be assured that it was safe to install the latest security patches on corporate computers that run Windows. The member of Security Response Team interviewed SRT’s CTO, Alexey Cherenkov. This answer reveals that Kaspersky Lab is quite capable of protecting itself against some of the most common cyber threats that are not properly patched in any one of today’s corporate computers.
Kaspersky Lab says it’s working on software to prevent malware from stealing data on corporate computers, such as Windows domain controllers. The question still remains, however, whether such a patch will be available.
Kaspersky Lab said that it expects to have a patch available by the end of 2012.
The security industry faces a series of critical computer security issues, such as the fact that more and more computers are connected to the networks of the world’s most dangerous companies, and that corporations are more likely to fall victim to information theft from the unpatched cybercrime network.
In addition to the need for greater security for corporations, the cybercriminals are developing ever-more sophisticated computers and new capabilities that target more vulnerable computers.
The latest target for cybercriminals’ efforts is the corporate network, which is used by most corporations to conduct business activities and to communicate.
In order to protect corporations, the industry needs to understand better the factors that cause computer security flaws and vulnerabilities, and how to prevent them. To this end, I recently interviewed Alexey Cherenkov, director of information security for Kaspersky Lab.
Alexey Cherenkov is the director of information security for Kaspersky Lab, a Russian cybersecurity company. Kaspersky Lab develops software and provides consulting services to businesses, governments, and private businesses, and is a security research and advisory firm focused on the protection of computer systems.
“Kaspersky Lab is a global company,” said Cherenkov. “Its security business is global, covering more than 5,000 enterprises and 25,000 people.
The District Health Boards of Waikato are refusing to publish their cybersecurity reviews.
Article Title: The District Health Boards of Waikato are refusing to publish their cybersecurity reviews | Computer Security.
The District Health Boards of Waikato are refusing to publish their cybersecurity reviews.
There is an ongoing controversy in the Wairarapa about the possibility that a number of the District Health Boards have refused to publish their cybersecurity reviews. In addition, there have been reports to the Wairarapa Valley Times that DHB staff have been ‘fiddling with’ their reviews to give themselves an official stamp of approval.
In response, I have written to the DHBs concerned and expressed the concerns raised in this article. The DHBs have acknowledged the problem and have taken steps to resolve it, but there are still substantial concerns that this situation continues to exist.
The following is a summary of concerns raised by a number of Wairarapa DHBs, and a summary of the steps taken to resolve them in response.
We know from the DHBs concerned that there is concern about the fact that they are withholding their reviews from the general public. We know that several DHBs have given themselves a stamp of approval by ‘fiddling with’ their reviews to make it look like that they have completed them.
On the 1st of July, 2011, the DHBs concerned held a meeting to discuss and resolve these concerns. They decided that they would allow the general public to view the reviews which had been made by the DHBs concerned and they agreed that they would hold the public to the same standards as the DHBs concerned had.
“In light of the discussion that took place within the Wairarapa DHB recently, DHB leadership are of the view that the current situation is becoming intolerable. DHB staff will no longer allow DHB staff to ‘fiddle’ with their reviews, in order to give themselves an official stamp of approval. We will make it clear in future that the board’s reviews are to be open to the public and we will maintain the same high standards of security as applied by DHB staff.
We have followed the steps the DHBs concerned agreed to take in this letter for over 4 months. We still await a response from the DHBs concerned.
We still await a response from the DHBs concerned.
Reply to “Comment about Security and the Protection of Privacy “
Reply to “Comment about Security and the Protection of Privacy” Category: Computer Information Security Comments and Trackback Trackback URL: /thread/cs/414836 Posted by: ryan | Apr 12, 2013 4:42:47 PM This is an excellent post. My personal recommendation would be to make the “s” to a lower case. You don’t have to worry about security or privacy when you use lower case letters. On my computer, I use s- as the base of the password to make it look more like a real password. I also use the same case, which is not uncommon, to make it look more like a proper word. Your suggestion makes this a lot more complicated and not a trivial matter. Thank You! ryan Reply to “Comment about Security and the Protection of Privacy ” | Computer Security. Read More » | Computer Information Security Comments and Trackback Trackback URL: /thread/cs/414836 Posted by: cbrenn | Apr 12, 2013 6:15:53 PM Hi All – I am the author of the post “A simple way to protect passwords” and I am interested in your comments. I have included an additional screen capture of how I use my password, as part of my blog posts. You can get it at my blog site. Thanks in advance for your comments! ryan Reply to “Comment about Security and the Protection of Privacy ” | Computer Security.
I’ve not posted the full code that I did for the password protect/rejects on my blog (below), because I’m not allowed to post code on this site due to the ‘proprietry’ laws that are imposed upon me here. However, I have posted the code that I used to create the reject button, using the script on this site, and I have posted an additional screen-capture of how I did the reject button. I have included my code in a blog post on my site at the end of the post, below.
Health Boards and the SIS spy agency.
Article Title: Health Boards and the SIS spy agency | Computer Security.
The role of health boards in the surveillance of health care providers is one of the top concerns of the health sector. The board of each health system is accountable to the Minister of Health, and as such is expected to promote optimal health care among its members. The board is a central part of any health care financing system. It has the power to monitor the quality of the health care system and has the responsibility regarding the funding of health services. In all cases, this raises serious conflicts of interests between the board and health care providers, which are often subject to abuse. The board of one health system is likely to have its own interests in mind, and it is only logical to assume that those interests may be at odds with the interest of the practitioners or patients in this system. These conflicts have become so prevalent that a number of recent research and practice initiatives from the Health Systems and Health Service Management Committee(HS/HSMC) in the Department of Health and Family Welfare and the Central Advisory Board on Health Matters have dealt with the issue of conflicts of interests between health boards and the SIS and SSSC.
When the board of a national health system is involved in the monitoring of health care providers, the SIS and SSSC can play a major role in the board’s surveillance.
When a local health authority/health body is seeking to establish whether a certain person is a provider, then the board of the local authority/health body needs to consider the activities and behaviours of the person, the reasons for the patient’s referral to the health provider, and the procedures of the health provider in the process of establishing the referral. This information is then passed by the local and national boards, for it is the board of the national authority which is responsible to the Minister of Health.
Then all these information may be passed to the SIS and the SSSC.
Spread the loveThis article was co-written and edited by a member of the Computer Security team at Kaspersky Lab, and has been released under the Creative Commons Attribution 3. A member of the Kaspersky Lab’s Security Response Team (SRT) was recently questioned how the company could be assured that it was safe to install the…
