Information security got better in 2005
Roger A. Grimes, InfoWorld US
It appears that 2005 wasnt worse securitywise than the previous years. Sure,
malware and hackers were as crazy as ever, but when I asked many of my computer
security friends if 2005 was better or worse than previous years, every one of
them said it was better. Probably the most significant event was the lack of a
global crisis you know, a Slammeror Blaster-style worm that infects the world
in eight minutes. There was no malware with a replication magnitude on the
order of Code Red, Slammer, Nimda, or the Iloveyou virus. This was also the
year when patching got easier. Not only did more and more sophisticated patch
management tools arrive from every sector, but there were fewer patches to
deploy. 2005 is Microsofts best year since the days of Windows 3.1, with fewer
Windows patches compared with the past four years. More Linux distros got
automated patching tools, and it seemed nearly every miscellaneous program had
an auto-updating mechanism.
Administrators got better at blocking hackers and malware not yet perfect, but
overall there was improvement. And it seems that end-users have finally got it:
I actually know end-users who dont click on every file attachment they receive.
What went bad in 2005? The stuff that is getting by our defenses is more
dangerous. Most of todays malware exists to steal confidential information,
send spam, or steal identities. Now, malware is getting harder to remove,
hiding better, and contains more tricks and exploits than ever. Just as
depressing is the fact that our security software continues to get
buffer-overflowed on a regular basis. Hey security vendors: Stop adding new
features and review your frigging code! Send your programmers to secure
programming classes, have independent reviews, offer incentives for bug free
code, and give cash awards for any employee who finds a bug.
Wikipedia, competition, and the future
Jon Udell, InfoWorld US By the time you read this column, Wikipedia will be
celebrating its fifth anniversary. Its been a wilder ride than anybody could
have imagined, and its gotten even more so lately. In a widely cited incident,
John Seigenthaler, Sr., a prominent journalist, publisher, and political
figure, reacted with justifiable horror when he learned that his bio entry in
Wikipedia falsely implicated him in the assassination of Robert Kennedy.
foresaw this in an essay published a year ago. He diagnosed the problem as
excessive anti-elitism, and he predicted that the project might need to fork
that is, launch a new version with a governance model that would value experts
more highly and rely on them to ensure consistent quality.
Sure enough, Sanger emerged last month as a director of Digital Universe, a new
service planned for early 2006. Credentialed experts will be paid to review
articles, and those they approve will be labeled as such.If Digital Universe
does take on Wikipedia in 2006, its sure to be a media circus. Its widely
acknowledged that Wikipedias radically low barrier to entry helped fuel its
explosive early growth. Only registered users can create new topics. But anyone
can still edit an existing article and many registered Wikipedians operate
pseudonymously. These freedoms are an essential part of the culture.
Judging the quality of article entries is an even trickier matter. Like open
source projects, Wikipedia is a meritocracy that rewards hard work and
Career paths for the year 2006
Meridith Levinson, CIO US
Several career trends emerged in 2005 that are poised to pick up steam during
the coming year. Heres a recap of those trends and some of the IT executives
appointed in the past year who are blazing new trails. 1.More top IT execs will
report to the CEO. This trend reverses an earlier trend toward CIOs reporting
to CFOs. Phil Wiser became Sony of Americas senior VP and CTO, reporting to
Chairman and CEO Howard Stringer. 2.CIOs will take on extra responsibilities.
There have always been a few CIOs with duties beyond IT. But its becoming more
common. Marv Adams, Fords senior VP and CIO, added the title of corporate
strategy officer to his business card. Meanwhile, Liz Claibornes CIO, John
Sullivan, became senior VP of sourcing, service and systems.
3.More CIOs will move into operations. Examples of this trend include Ed
Kamins, who went from CIO to chief operational excellence officer at Avnet.
4.CIOs will get to run business units. Running IT is recognized as good
preparation for running a business. Visa CIO John Partridge serves as president
and CEO of subsidiary Inovant. 5.CIOs will join boards of non-IT companies.
Corporate boards are steadily appointing CIOs for their IT expertise. James
Dallas, Georgia Pacifics VP of IT and CIO, joined KeyCorp.s board. Roy
Dunbar, president of global technology and operations for MasterCard
International, was appointed to Humanas board.
Information security got better in 2005 Roger A. Grimes, InfoWorld US It appears that 2005 wasn\t worse securitywise than th...
autor redakce | Archiv |
Information security got better in 2005