Survey taken at Infosecurity Europe 2012 reveals that almost half of IT security professionals are focusing on cost savings at the expense of security

Ramat Gan (Israel) and London (UK), 10th July 2012:According to research results just announced by Tufin Technologies, the market-leading provider of Security Policy Management solutions, companies are making cost savings at the expense of IT security. Analysis of Tufin’s Infosecurity Europe Survey, confirms that 48 per cent of businesses focus their efforts on reducing expenditure at the expense of security. In addition, 27 per cent ofIT security experts responded that the IT security budget is being spent on compliance issues that do not improve security. IT security specialists from 119 organisations took part in the survey.

AlienVault says Korean DDoS attack investigation results highlights complexities of latest DDoS attack methodologies

Commenting on reports that an investigation into a series of DDoS attacks against South Korea last October – downing the National Election Commission's Web site during Seoul's elections –have proven inconclusive, AlienVault says that the saga reveals the highly complex attack vectors now being used by cybercriminals when launching a denial-of-service Web site attack.

Responding to a five-year analysis of data from Google’s Safe Browsing service, Cryptzone says that it is clear that the threat landscape of today has evolved considerably from that of just five years ago.

According to Grant Taylor, UK Vice President of the European IT threat mitigation specialist, five years ago a then-fledgling Facebook was just three years old, whilst Twitter was only a year old, having been launched in July of 2006.

Commenting on reports that the hacker group UGNazi gained access to the billing database of WHMCS – a billing service company used by a number of firms – Lieberman Software says that privilege account management could have significantly reduced the risk that this type of incursion would occur.

The core element of this hack was social engineering, and the core element that needed addressing was the automation of identity verification. The hack points out that automated solutions are generally superior to human based solutions in that they cannot be social engineered (they can’t be told a story).  If anything should be behind an automated and secured control, it would be the privileged account management so that this level of access would be not be granted without extensive verification and such access would be granted for a limited period of time and with limited scope.