Are your security professionals qualified?
- 16 August, 2012 14:08
Several lessons have been derived from the recent iCloud security incident, but the most important for me is how it demonstrates the ignorance of many security professionals, an ignorance that calls their management into question.
When the iCloud hack started hitting the news, it generated a lot of discussion among security personnel. Many of them grasped the underlying concepts reasonably well. Unfortunately, though, some of the conversations demonstrated a clear lack of understanding of fundamental security concepts.
As is widely known by now, a hacker was able to compromise the Amazon.com and iCloud accounts of a Wired reporter. The accounts were compromised as a result of operational security flaws in the password reset processes of the respective organizations. The attack itself was rather involved, but at bottom it was a fairly straightforward social engineering attack.





