Gartner Blog Network

Tag: 'malware' Blog Posts

from the Gartner Blog Network

Playing chess with APTs

by Dan Blum  |  December 28, 2012

During a briefing from the top security analyst at one of the Washington-area cyber centers, I got the idea that resisting targeted attacks from sophisticated adversaries (so-called advanced persistent threats,...

Read more »

Long Live Client Server

by Jay Heiser  |  August 13, 2012

Has anyone ever created a web-based application that wasn’t flaky and prone to data loss? Every time Facebook comes out with some new functionality, the entire service gets slower, and...

Read more »

You may not write down unmemorizable passwords

by Jay Heiser  |  April 19, 2012

I frequently see end user policies that contain the following two elements: Passwords must be so complex that they cannot be guessed Passwords may not be written down This is...

Read more »

Are you the SaaS Scapegoat?

by Jay Heiser  |  July 5, 2011

I get a never-ending stream of questions that usually amounts to something like "What control tasks do I need to do to be sure that this SaaS service we are...

Read more »

Time for a rant about passwords

by Jay Heiser  |  May 13, 2011

How much mental anguish is the result of ignorant accounting grads working for Big 4s, struggling to find SOX-relevancy, totally oblivious to the huge amount of HCI research that has been done...

Read more »

Hypothetical attacks arrive in their own sweet time

by Jay Heiser  |  October 1, 2010

In the mid-90s, I attended a conference on the topic of infosec and the utility industry. The agenda consisted of a string of power company CIOs who all got up...

Read more »

20 years of phishing

by Jay Heiser  |  May 3, 2010

I was cleaning up some old notebooks (paper, not digital) this weekend, and found this diagram from a 1997 Powerpoint presentation (if you look carefully, you can see my 'Excite'...

Read more »

Are you being cross-notified?

by Jay Heiser  |  March 19, 2010

I've recently become aware of several incidents of client data being lost because their service provider administrators had managed to infect their administrative workstations with malware. If your service provider...

Read more »

Yes, Virginia, industrial espionage is real

by Jay Heiser  |  January 27, 2010

[caption id="attachment_100" align="alignright" width="288" caption="(photo by the blogger)"][/caption] Google's January 12 blog about their apparently falling victim to a cyberattack of Chinese origin, a cyberonslaught which also targeted several dozen...

Read more »