Site Sponsor:

mcafee_logo.gif
line

Now Available:

Featured Resource:

line

Realtime Communities

line

Newsletter

Email Address:


line

Monthly Archives

line

RSS

line

Ask the Expert

Have a question for our resident expert? Email your questions to Dan or post a comment to the blog.

« Today is Computer Security Day | Main | What is the Trusted Computing Platform and Why You Should Care »

Maintaining a Balanced Perspective on Security Alerts

The US-CERT issued a warning to U.S. financial institutions about a possile series of denial of service attacks, according to ComputerWorld. Not long after, the same publication was quoting security analysts who argued the threat was overblown and former government officials defending the warning.

Johannes Ullrich chief technology officer at the SANS Internet Storm Center (ISC) in Bethesda, Md was quoted "We did see the bulletin board post that triggered all of this ... The overall tone of the bulletin board is that of kids exchanging hacker tips. Things like software serial numbers, how to use some common tools like VNC and such,"

But the ComputerWorld article went with a quote from Howard Schmidt, former White House cybersecurity advisor who said "I think the DHS was very clear this was a non-credible source,"

The take away from this is that we need to read the fine print in any security warning, vulnerability notice or threat assessment otherwise we risk spending too much time on relatively low risk, low impact threats.

Tags:    
 Email This!  Digg it!  Sphere it!  Del.icio.us  Reddit!  Newsvine

Posted by Dan Sullivan on December 1, 2006 8:05 PM |

TrackBack

TrackBack URL for this entry:
http://www.realtime-websecurity.com/type/mt-tb.cgi/138

Post a comment

(All comments are approved by site leader before appearing here. Thanks for commenting!)

Search

line

Most Active Posts

line

Library Resources

line
line

Recent Posts

line

Categories

line

Latest White Papers

line

Blog Roll

line

Dan Sullivan's Bio:

Dan Sullivan is a systems architect with 20 years of IT experience that includes engagements in enterprise security, application design, and systems architecture. His experience includes a broad range of industries, including financial services, manufacturing, government, retail, gas and oil production, power generation, and education. Dan’s security-related project work has ranged from requirements analysis for enterprise information security to designing and implementing security for database applications and enterprise portals. Dan has written about information security and other enterprise information management topics for Business Security Advisor, DM Review, Intelligent Enterprise, and E-Business Advisor. You can contact Dan at: dan_sullivan@realtimepublishers.net