Cybersecurity

Tag ∙ 53 posts


Posts

Collecting Hamster Wheels of Pain is certainly a fun hobby. So is collecting the rather amusing e-mail addresses chosen by spammers to evade e-mail filters. Here are some good’uns from the 305 spam-grams from the past week:

Rudolph Araujo, a contributor to the securitymetrics.org mailing list, forwarded on a link to a Red Herring article about a new Cybertrust study on the impact of the Zotob worm by Russ Cooper.

Cybertrust has an interesting model… when major security incidents happen, they make a habit of canvassing a wide group of companies that have agreed to participate. Looks like they are up to about 700 or so participants, not all of which are their customers. I actually really like and appreciate that Cybertrust takes the time to do this, although in this particular example I think they raised more questions than they answered.

A while ago I wrote a blog post called Escaping the Hamster Wheel of Pain decrying the lather-rinse-repeat cycle that the security industry seems to be fixated on.

We’ve had some interesting chatter on the securitymetrics mailing list today about sparklines: tiny, intense, word-size graphics. This is one of Edward Tufte’s latest confections. His formal definition is here.

At the risk of turning this into a link blog, here are two nifty articles that drifted across my field of view today: Google: Putting Crowd Wisdom to Work.

Like many other people, I’ve downloaded and read the semi-annual Symantec Threat Report. I’ve always been a fan of this publication, which provides a level of texture, richness and depth about malware and threat trends that isn’t easy to get anywhere else. Symantec understands they’ve got an exploitable asset—their DeepSight sensor network—and they’re flogging it for all it’s worth. Good on ’em.

There’s been plenty of ink spilled in the press (e.g., Computerworld, El Reg) about what the latest report means. Controversies and headlines abound: is Firefox really less secure than IE? Are Mac users living in a “false paradise” as the report claims? Are botnets running the universe?

All of these are important questions, and the report gives information on all of them. I recommend you read the report for yourself, and reach your own conclusions. That said, I find the report more interesting for what it doesn’t say. Reading between the lines is the best way to read the Symantec Threat Report.