昨天晚上的手机短信就没有断,不少朋友都在议论这个收购。 同意Jeff的看法,Intel这个“跨界”距离忒大了些。此前,也一直风传TrendMicro/McAfee等独立安全公司在寻找购并机会,包括Hp收购McAfee,看到这个消息还是让人吃惊。
后面怎么也得有段时间McAfee独立运作了,也看不出有什么中间交叉业务,McAfee, an Intel company. 有新闻认为Intel出手是看好手机和硬件安全云云,有些牵强。
这个收购时Intel42年历史上的最大手笔,WSJ评论也表达了Intel有些“冲动”的担心,点击看华尔街日报的相关新闻和评论….. Read more…
转帖注:贵为HP CEO的赫德因为2万美元还有一个性骚扰就被解雇了,炒了鱿鱼,对比唐骏“学历门”事件中新华都、以及社会舆论在“诚信”问题上的暧昧态度,让人忍不住会质疑社会和政府正在默许鼓励纵容一种什么样的价值观,对孩子未来的世界观会产生什么样的影响,这些的恶果最终都会反弹回来,砸到社会和我们自己身上。
当历史照进现实
约4年前,时任惠普CEO和董事会主席的马克·赫德(Mark Hurd)在美国国务院作证时向美国众议院能源与商业委员会表示:“如果公司创始人比尔·休莱特(Bill Hewlett)和戴夫·帕卡德(Dave Packard)今天还活着的话,那他们会感到震惊,他们会觉得羞愧难当。”那个时候,惠普正因暗中监视记者和董事会成员一事饱受批评。这个不光彩的事件也导致当时的惠普董事会主席帕特丽夏·邓恩(Patricia Dunn)下台。当时邓恩甚至面临重罪指控,但所幸逃过一劫。 Read more…
两则云安全联盟的新闻:
- 8月11日,云安全联盟中国区分会CSA-GCC成为正式分会。
- 7月28日,云安全联盟在Blackhat大会上宣布推出“云安全知识认证 – CCSK。该认证将以《云安全指南》v2.1作为认证教材,9月1日推出。企业成员将会免费获得两个认证考试指标。
上周美国管理预算办公室OMB、总统网络安全特别协调员Howard、国土安全部联合发布文件,调整明确了在网络空间安全方面的任务分工:
Under various national security and homeland security Presidential directives, and pursuant to its statutory authorities, DHS oversees critical infrastructure protection, operates the United States Computer Emergency Readiness Team (US-CERT), oversees implementation of the Trusted
Internet Connection initiative, and takes other actions to help secure both the Federal civilian government systems and the private sector. At the same time, OMB has a number of
cybersecurity responsibilities, principally in connection with FISMA. The Cybersecurity Coordinator leads the interagency process for cybersecurity strategy and policy development. Read more…
印度有一个数据安全理事会DSCI(Data Security Council of India),CEO是Kamlesh Bajaj先生。他在达拉斯世界网络安全大会上作为特邀嘉宾多次主持会议。会后,Kamlesh把主要观点和动议编辑成一份白皮书,有EWI公开发行.
这份报告站位比较高,很系统地从网络空间安全有关的威胁、立法、政府、商业等各种角度做了总结回顾,改变了不少我们以前对于印度在网络安全方面的看法,推荐阅读。
下面是文档中使用的Kamlesh的官方简介:
Kamlesh Bajaj is the Chief Executive Officer of the Data Security Council of India and Head of NASSCOM Security Initiatives. He has over 30 years of experience in various capacities in the IT industry. Over the last two years, he has led the development of best practices for data protection, promoted their use by IT and business-process outsourcing companies in compliance with regulations of client countries. He was the Founder Director of the Computer Emergency Response Team in the Indian Ministry of Communications and IT. He has also served as Deputy Director General of the National Informatics Centre. He led several large projects in finance and banking, most notably the Customs EDI Project that introduced near-paperless operations in custom houses in India. Dr. Bajaj began his career as a Software Engineer at CAE Electronics in Canada. He is also a Fellow at the Institution of Electronics and Telecommunication Engineers, India, and at the National Academy of Sciences, India.
Gartner每年一度的安全与风险管理峰会在6月21日-23日在华盛顿DC特区附近秀丽的Gaylord酒店举行。大会再次云集了Gartner的数十位安全分析专家、数十位的CSO/CISO演讲者以及业界的各路精英。第一个Keynote的演讲者是前总律师Attoney General John Ashcroft,他就是那个在电影Breach中出现的审讯大间谍汉森的那个总律师。
总体上感觉,与RSA安全大会相比,Gartner大会偏重于“未来”,按照Gartner自己的会议定位,是意图在“战略”和“执行”,在“技术”和“业务”,之间取得平衡。会后我认为Gartner实现了自己的目标,下面把我的一些观感和大家分享。
1 会议的涉猎范围非常广泛,从“科学、安全和怀疑主义”、隐私和可用性的平衡、弹性(Resilience)企业、绿色地球、安全情报、到云计算职业人生规划等。
2 云计算和云安全,在Gartner的分析师和这次峰会的演讲者中,已经转向了实现和How的部分 Read more…
这两天新闻很多, Google和微软打升级赛龙舟. Google那边是SideWiki/Wave/Place, Microsoft这边是免费反病毒套装Security Essentials (MSE). MSE的定位是用来替代Windows Live OneCare和一部分的Windows Defender. 鉴于以前微软免费套装的失望表现, 大家都怀着观望的心态等着 MSE.
从发布后这两天的媒体报道来看, 好评不少. ZDNet的Adrian的体验是很开心, Register的报道认为 MSE 不错的表现将可能重组客户端反病毒/反恶意软件市场, 尤其是免费反病毒软件市场. 这里应该包含了Symantec, Trend Micro, McAfee, Kaspersky等前几大, 应该还有360.cn, 网警等等都会受到影响. 当然, 昨天Symantec已经表示出不快了. Read more…
2.7.1, the first 2.7 maintenance release, is now available. 2.7.1 fixes 68 tickets. For users of version 2.7, it’s just one click to upgrade to 2.7.1. Wow! please begin to enjoy the convenience brought by 2.7!
Security itself isn’t cheap. Adi Shamir says that security and cost are inversely proportional: to halve your vulnerability,
you have to double your expenditure.
1. Improving business processes
2. Attracting and retaining new customers
3. Creating new products and services (innovate)
4. Expanding into new markets or geographies
5. Reducing enterprise cost
6. Improving enterprise workforce effectiveness
7. Expanding current customer relationship
8. Increasing the use of information/analytics
9. Targeting customers and markets more effectively
10. Acquiring new companies and capabilities (M&A)
(Source : Gartner EXP Survey 2008)
1. Delivering projects that enable business growth
2. Linking business and IT strategies and plans
3. Attracting, developing and retaining IT personnel
4. Improving the quality of IT services
5. Implementing IT process improvements
6. Improving IT governance
7. Building business skills in the IT organisation
8. Using information/intelligence in operations, products or services
9. Reducing the cost of IT
10. Managing IT risk and exposure
(Source : Gartner EXP Survey 2008)
1. Business Intelligence (No. 1 for 2006 and 2007)
2. Enterprise applications (ERP, SCM, CRM)
3. Servers and storage technologies
4. Legacy modernisation, upgrade or replacement
5. Technical infrastructure
6. Security technologies
7. Networking, voice and data
8. Collaboration technologies
9. Document management
10. Service Oriented (SOA)
CIOs continue to invest core technologies that can drive distinctive solutions
(Source : Gartner EXP Survey 2008)
“You don’t know who is swimming naked until the tide goes out.” In our world, we don’t know whose systems are running naked, with no controls, until they are attacked.
I changed the theme to “Clean Press“. It’s very simple, concise, crisp. As Dave said it focuses on content. I slightly modified it by changing the sidebar to right. If you like this one, Click to download Clean Press (right sidebar).
近日,央视接连两天对百度竞价排名的弊端进行了报道,各大媒体也没有放过这个机会,百度的媒体形象一度跌入低谷。联系到Google深入人心的“不作恶”形象,两形之下,给人高低立判之感。当公司发展到一定阶段,“民心所向”和“政治”就成为一个非常重要的环节。
虽然百度在国内市场占有率遥遥领先,但是由于其“竞价”方式的排名,搜索结果往往让人难以接受,从而放弃。尤其是专业人士,很依赖搜索结果的公正和客观,如果发现搜索出来的是一个报价的排名,还不如直接看广告了。
我在Google和百度上面分别搜索“信息安全”和”Security”,搜索结果大家一看就可以感觉到百度“竞价”排名对你的嘲弄: Read more…
Recent Comments