Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
RIP, 'IT Security'
Threaded  |  Newest First  |  Oldest First
eatondave
0%
100%
eatondave,
User Rank: Strategist
11/19/2018 | 9:30:05 AM
and whilst we're at it let's kill "cyber security" as well
Am I the only one who has never really gotten the whole 'cyber security' thing? To my knowledge no-one has ever been able to come up with a definition that is universally accepted and every definition I've seen either misses out whole chunks of information security or tries to shoehorn them in, and ends up looking ridiculous. 

Whenever someone tries to explain to me that 'cyber security' covers everything I just ask them which 'cyber bucket' they place the risk of the CEO leaving his briefcase containing hardcopies of the latest M&A deal he's working on in the Uber cab.

Sure there are info sec risks in cyber land, just as there are info sec risks in the physical world, and info sec risks in the neural world as well. By sprinkling the term 'cyber' around like confetti at a wedding, we risk making that part of the risk spectrum which actualy causes the greatest number of incidents, namely the bioware; layer 8; users; people or as someone said to me recently - the 1D10T segment, think that it does not apply to them or that technology will fix everything.

 
hucklesinthedark
100%
0%
hucklesinthedark,
User Rank: Author
11/19/2018 | 6:11:20 PM
Cybersecurity
I've always treated cybersecurity as a part of IT security, and you know how I feel about IT security now. I combine them because of the word cyber. Which means the internet, or all things digital. Hence, it's very limiting and most definitely wouldn't guard against the lost briefcase.

I assume cybersecurity is so frequently used because it has a cool rating of +8. There aren't many other words that can make you sound like a ninja quite like cyber can.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Enterprises Are Assessing Cybersecurity Risk in Today's Environment
The adoption of cloud services spurred by the COVID-19 pandemic has resulted in pressure on cyber-risk professionals to focus on vulnerabilities and new exposures that stem from pandemic-driven changes. Many cybersecurity pros expect fundamental, long-term changes to their organization's computing and data security due to the shift to more remote work and accelerated cloud adoption. Download this report from Dark Reading to learn more about their challenges and concerns.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-43394
PUBLISHED: 2022-01-24
Unisys OS 2200 Messaging Integration Services (NTSI) 7R3B IC3 and IC4, 7R3C, and 7R3D has an Incorrect Implementation of an Authentication Algorithm. An LDAP password is not properly validated.
CVE-2022-0177
PUBLISHED: 2022-01-24
Cross-site Scripting (XSS) - DOM in GitHub repository mrdoob/three.js prior to 0.137.0.
CVE-2021-36343
PUBLISHED: 2022-01-24
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2021-36349
PUBLISHED: 2022-01-24
Dell EMC Data Protection Central versions 19.5 and prior contain a Server Side Request Forgery vulnerability in the DPC DNS client processing. A remote malicious user could potentially exploit this vulnerability, allowing port scanning of external hosts.
CVE-2021-43588
PUBLISHED: 2022-01-24
Dell EMC Data Protection Central version 19.5 contains an Improper Input Validation Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service.