Industry News

A research team at the Security and Cryptography Laboratory in Lausanne, Switzerland, has reportedly been successful in recognizing the keystrokes by analyzing the electromagnetic emissions.

"We found 4 different ways (including the Kuhn attack) to fully or partially recover keystrokes from wired keyboards at a distance up to 20 meters, even through walls. We tested 11 different wired keyboard models bought between 2001 and 2008 (PS/2, USB and laptop). They are all vulnerable to at least one of our 4 attacks."

ENISA, The European Network and Information Security Agency has released a useful report on how to convince the senior management to support and invest in security initiatives.

Verizon recently released a landmark research paper titled "2008 Data Breach Investigations Report" based on a study done by their Business RISK Team. The paper is freely available and is the first of its kind. In short, it provides significant insights into data breaches based on more than 500 forensic engagements handled by the Verizon Business Investigative Response team.

CIO.com has an interesting article about selling security solutions from Bruce Schneier, a prominent security expert. He describes the difference between Utility Theory and Prospect Theory as applied to human beings.

The law enforcing agency, Central Bank of Sri Lanka has released a draft document on "Corporate Governance for Registered Financial Companies".

International Organization for Standardization (ISO) adopted a revised version of AS 8015 as the world standard for IT Governance. The new standard is ISO/IEC 38500.