Enterprise Security 2008 Learning Guide

Some problems of the past, like VoIP technology vulnerabilities, poor application software development and PCI compliance headaches, have not disappeared and have yet to be effectively addressed in many organizations' information security policies. The articles below -- written by professionals whose experience ranges the full spectrum of enterprise security -- explain what can be done to take on these common concerns.

But 2008 won't just be a year of the same old network, application and compliance issues. New malware has hit the scene, cyberterrorist attacks have become more common, and virtualization technology has presented different enterprise network security challenges. Mike Chapple, Michael Cobb, Joel Dubin, Mike Rothman and Ed Skoudis explore various information security areas and point out the new threats that every organization needs to be ready for.

ENTERPRISE SECURITY 2008 LEARNING GUIDE

Emerging Information Security Threats
Malware trends suggest new twists on old tricks
Taking hints from last year's range of cyberattacks and malicious code, information security expert Ed Skoudis reveals how enterprises can prepare for five key threats that are likely to dominate headlines in 2008.
Addressing VoIP and virtualization
In this tip, network security expert Mike Chapple takes a look into the crystal ball and examines the future of virtualization and VoIP, two technologies growing in popularity -- and perhaps security vulnerabilities as well.

Identity and Access Management
Assessing access management
Access management troubles were hardly few and far between in 2007, and according to IAM expert Joel Dubin, access management challenges aren't going away in 2008. Dubin outlines this year's key issues, including remote access, provisioning and Web authentication.

Application Security
Building trust into the application development process
The Storm botnet, launched a year ago, proved that malicious hackers were developing more sophisticated botnets -- and more sophisticated business strategies. As Michael Cobb explains, it's just one reason why application security pros need to keep a closer eye on their organizations' code-builders in 2008.

Compliance
Security management in 2008: What's in store
Looking back on 2007, compliance and PCI DSS preoccupied the minds of most security management professionals. Security expert Mike Rothman outlines what information security managers can expect to be the hot management topics for the year to come and how CISOs and security professionals alike can prepare for 2008.

About the authors:

Mike Rothman is president and principal analyst of Security Incite, an industry analyst firm in Atlanta, and the author of The Pragmatic CSO: 12 Steps to Being a Security Master. Rothman also offers SearchSecurity.com readers advice on security management.

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Emerging Information Security Threats Critical infrastructure security grim, study finds New malware exploits Microsoft RPC flaw Smartphone security: The growing threat of mobile malware Microsoft sees OS flaws drop, application breaches rise Security Squad: Security pros face troubles Trojan exploiting Microsoft RPC flaw Malicious program poses as Windows Security Center Adobe addresses clickjacking in latest Flash Player Clickjacking details released after attack proof-of-concept emerges Billy Hoffman on AJAX security and browser attacks

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary DNS rebinding attack  (SearchSecurity.com) drive-by pharming  (SearchSecurity.com) JavaScript hijacking  (SearchSecurity.com) man in the browser  (SearchSecurity.com) phlashing  (SearchSecurity.com) polymorphic malware  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary