Deb Radcliff — On the Cybercrime Beat

Highlights from 2007

• Is FISMA working?; Even as the ink dries on NIST's guidelines for assessment, management frameworks, security controls and mapping/categorization of information systems to security, NIST has already begun Phase II - a Common Criteria-like certification program for assessment and credentialing vendors. – SC Magazine, November 1, 2007
• Virtualization security needed - now!; Experts say it's only a matter of time before malware writers weasel their way into the core of a virtual server platform. Here's how to stop them. – Networkworld, August 20, 2007
• Developers of Web 2.0 apps must build in security from the start; Web 2.0 is not a specific set of technologies and it's not well-defined, but it amounts to an increased share of data between the client browser and the service side application. – SC Magazine, April 2007
• When World of Warcraft spreads to your world; How enterprise networks can take collateral damage. – Computerworld, April 2007
• ID Card Help; Pentagon Taps Contractors for ID Card Help CSO. – CSO Online, June 2007
• Inside the X-Force; On the front lines in the global war on cybercrime with the vulnerability threat team from ISS Network World. – Networkworld, February 2, 2007
• Deb Radcliff with 8 Tips to Keep Data Safe; From around the globe to around the block, here's help securing your systems. – Fedtech Magazine, February 2007
The Surprising Security Threat: Your Printers.; Radcliff on how networked printers can open your corporate network to malicious attacks and how you need to patch them. – Computerworld, January 15, 2007

---

Highlights from 2006

• Crypto Vision: defensesystems.com; Beyond its digital eavesdropping and code-cracking efforts, NSA has another long-term objective: keeping DOD, and even civilian, data riding along on public networks safe from prying eyes. – Defense Systems, December 2006
• Fake network gear; Counterfeit goods have popped up in the channel and could be in your organization.Networkworld, October 23, 2006
• The 21st-century CSO; Poineering CSOs at Nortel and TriWest describe their evolution into converged enterprise systems and corporate risk management, mapping out risk management structures adoptable by any organization as complex as theirs. – Enterprise Leadership, July 7, 2006
• Remote control wars; Millions of remote controlled 'bot' computers are being found in networks of tens of thousands of computers to send Spam, log keystrokes, relay phishing information, and other nefarious purposes. – SC Magazine, June 6, 2006
• Smart Attacks Call for Smarter Measures, Part 1; Smart devices have become the latest attack vector for online criminals, putting intellectual property, regulated and personal financial information stored on them at risk. In this three-part article, uthor Deb Radcliff explores these new attack vectors into the enterprise. – Enterprise Leadership, May 22, 2006
• Sport phishing morphs into cybercrime wave; Organized criminals unleash armies of botnets to steal confidential information. – Network World, May 22, 2006
• TalkingPortraits; Deb Radcliff talks about computer crime and remote controlled botnets. – Talking Portraits, April 2006
• Protecting data throughout its life cycle; Data life-cycle protection is becoming just as important in New Data Center architectures as network security, but challenges abound. – Network World, March 20, 2006

---

Highlights from 2005

• Of Avatars and Mob Justice: Invasion of Privacy, or Just Desserts?; A group that calls itself Perverted-Justice is going after suspected pedophiles by luring them into chats with adult hackers acting as underage girls. A worthy cause, yes. But should they be acting as judge, jury and executioner without due process? – Informit, August 12, 2005
• How to prevent pharming; Protect your company's online reputation by locking down DNS and guarding against domain hijacking. – Network World, July 18, 2005
• Get Smart on Web Application Security; Web applications are the latest gold mine for criminals bent on gathering valuable corporate and consumer data. – DevSource, July 14, 2005
• Radcliff wins TABPI award; Network security writer Deb Radcliff produces the "Security Chief" Network Life column with advice about how best to safeguard home networks from the ever-shifting threats such as rampant viruses and worms, spyware and phishing. – Networklife, June 30, 2005
• Don't ditch the landline yet; Security Chief: Home VoIP is cool, but needs safety and reliability fixes first. – Network World, June 6, 2005
• Fighting back against phishing; In the past year, attacks have grown in volume and sophistication, but online merchants are on the offensive with consumer education and new authentication tools. – Network World, April 11, 2005
• Hooking a phisher; See how the FBI works with Internet companies to track and catch the bad guys Phish facts and figures. – Network World, April 11, 2005
• Security automation; Beyond virus protection and patch management. The next wave. – Network World, March 21, 2005
• Radcliff Picked as FBTW President; Freelance Business and Technology Writers Association elected Deborah Radcliff to lead the organization through the new year. Radcliff is an experienced, two-time Neal Award-winning technology writer who freelances for NetworkWorld, Computerworld, she is now also writing a personal online safety column and working on a book. – FBTW, January 12, 2005
• Mining SIM; Security information management helps the Mine Safety and Health Administration boost its security score from F to B. – Network World, November 21, 2005
• After a security breach; Every network is vulnerable to some type of attack. The important thing is how you respond. – Network World, October 24, 2005
• Deb Radcliff talks about security in VentureMomentum e-zine – Venture Momentum, October 12, 2005
• Digging out new rootkits; These attacker tools have become stealthier than ever. Even so, they may not require specialized protection. – Network World, September 26, 2005

---

Highlights from 2004

• Identity Management in the Real World; What's identity management? Ask 20 vendors, get 20 answers. But CSOs aren't waiting for a universal definition; they're busy tackling whatever projects meet their business needs. – CSO Magazine, November 2004
• The evolution of IDS; Security advances push intrusion detection deeper into the network, relegating its role to forensics investigation and internal monitoring. – November 2004
• This Is Only A Test; Simulations and tabletop exercises help CSOs practice and plan the best response for worst-case scenarios. – CSO Magazine, October 2004
• Companies adapt to a zero day world Financial institutions with critical systems and cash on the line are reorganizing to deal with the closing gap between the hole and the patch. – Security Focus, July 13 2004
• How to Protect Yourself from Identify Theft; Identity theft can ruin your family's financial history. Here's what you can do about it. – Better Homes and Gardens Online, March 2004
• Inside DoD Forensics Labs; Radcliff gets invited into the Defense Computer Forensics Labs to see how a team of dedicated technologists using state of the art technology uncovers digital evidence that puts some serious bad guys behind bars. Read (Related Stories: Careers * Tools testing * Corporate investigations) – Network World, March 8, 2004
• Phear of Phishing; Scams are a potential disaster for Internet commerce. – Network World, May 31 2004

---

Highlights from 2003

• Breaking the Glass Firewall; IT women are gravitating to information security, where cross-disciplinary skills are key. – Network World, November 17, 2003
• Keep Hackers out of your Website; Hal Pomeranz sees it all the time: A corporate Web site gets hacked and the business manager calls him to fix it. "The dot-com companies are so busy building a Web infrastructure that security is just an afterthought," says the San Francisco-based information security consultant, who specializes in Internet start-ups. "Often, we're just the clean-up guys." – KBeta Security Web - Feature Article, November 17, 2003
• SMPD blue; San Mateo cops create wireless web to snare criminals. – Network World, October 27, 2003
• Verisign's 'SiteFinder' finds privacy hullabaloo; Privacy advocates have joined the chorus of critics of Verisign's "SiteFinder," which on Monday began directing mistyped dot-com and dot-net e-mail and Web addresses to a search site operated by the company and Overture.com, a Pasadena, Calif.-based advertising company that brands itself as a search engine. – SecurityFocus, September 19, 2003
• Appeal in Bug Disclosure Case; Bret McDanel already served his 16 months in federal prison for violating the Federal Computer Fraud and Abuse Act. Now he wants to clear his record. – SecurityFocus, August 7, 2003
• The Hackers Who Broke Windows; The Last Stage of Delirium, the hacking group that laid open nearly every version of the Windows operating system last week, could use a little sleep. Since going public with the RPC buffer overflow bug that some are describing as the worst Windows security hole in history, the group has been caught in a media frenzy. SecurityFocus, July 24, 2003
• Sidebar: Managing by Delegating; "Delegated administration" lets end users start the process of registration themselves and then delegates management of these user identities to department managers or systems administrators. – Computerworld, July 14, 2003
• Know Thy Users; Identity management can mean just about anything relating to user access: single sign-on, provisioning, directory services, user administration or Web-based access management, to name a few. Here are strategies for making the right choices. – Computerworld, July 14, 2003
• Debate: Should You Hire a Hacker?; Should corporations hire known hackers with criminal records to test and secure their networks? The question, posed to four panelists at the RSA Security Conference held at the Moscone Center today, pitted hacker Kevin Mitnick against Christopher Painter, who prosecuted Mitnick in 1995. – SecurityFocus, April 15, 2003