Compliance and Privacy
Compliance and Privacy News
Essential Reading for Today's Business 13th December 2005

in this issue
  • iDefense Webcast Invite - Exploitation Frameworks
  • Sober Worm Linked to Nazis
  • Sarbanes-Oxley - Business Benefits Outside the USA

    Dear Visitor,

    With hackers set to exploit any loophole, the iDefense webcast on Exploitation Frameworks is very timely and essential reference material. Full details are below for the webcast on the 15th December.

    And if that's not enough, the Sober worm is pretty wide reaching in its impact. It nearly brought Hotmail to its knees and smaller ISPs are reeling under the sheer weight of imbecilic attacks. Read the article below to see how it is linked to the Nazis! The article is serious enough, but blow off steam in the "Have Your Say" link at the foot!

    And finally, if you ever wondered whether Sarbanes-Oxley was "just for our American cousins", think again. CIOs can use SOX to help their organisations gain competitive advantage, and not just by working with the CFO to lower audit costs. Its benefits go far wider. Tell us what you think.

    Peter Andrews

    iDefense Webcast Invite - Exploitation Frameworks

    The regular iDefense webcasts are a hugely valuable half hour. Many of the topics are ones where you never even know you're vulnerable. Not until you participate in the webcast, that is.

    The iDefense exploitation framework comparison is a comprehensive review of the features included in the CORE IMPACT, Immunity's Canvas and Metasploit exploitation frameworks. Typically, corporations use these frameworks to perform penetration testing on their internal systems. However, hackers also frequently take advantage of the automated test-and-penetrate mechanisms that these frameworks offer. In its report, iDefense compares these frameworks to determine which is the most useful in a corporate setting and which might prove the most significant threat to vulnerable networks.

    Join us on 15 December at 2pm EST (7pm GMT). We will also bring you this webcast as a replay a couple of days after the cast.

    Sober Worm Linked to Nazis

    Unbelievable as it sounds, the Sober worm appears linked to the 87th anniversary of the German Nazi party. While most of us would rather consign National Socialism to the "rather nasty part of history" bin, a group of Nazi activists have been deluging the world with what appears to be imminent Nazi propaganda.

    The virus author is bright. He's concealed URLs inside the code that iDefense has cracked wide open, but we and they are just as sure he has a backup plan. Click on the link below to find out more.

    Sarbanes-Oxley - Business Benefits Outside the USA

    Just as the mists were starting to clear for C-Level executives, a torrent of SOX is heading Europe's way. It can certainly be argued that Euro-CIOs should already be aware of Sarbanes-Oxley, but so many of them said "US Only. Not Relevant!" and moved on. The more astute looked at the regulatory regime and said "Ah, if we comply here, then it genuinely makes our lives easier for the future," because they recognised competitive advantage and cost saving when they saw it. SOX for Europeans is not the same mandatory set of regulations that MiFID is for the finance sector. SOX is not mandatory for Europe anyway, but complying with SOX here, now, means better business practices ahead of the regulator.

    Many businesses are now recognising that SOX compliance is essential if they are bidding for major contracts in the US or if they are hoping to merge with or be bought by a US company. But more than that, many are discovering, to their surprise, that compliance, rather than being a burden, can in fact lower costs.

    But those who advertise 'Sarbanes-Oxley Compliant' software and those who buy it will have a shock, according to Dennis Keeling, Chairman of the British Software Developers Association. "There is no such thing as 'Sarbanes-Oxley Compliant' software," says Keeling. He makes a valid point. Read the full article to find out why.

    Readers should note that references to VeriSign's sponsorship are historical. That sponsorship ended on 28 February 2007, and is simply included here for context and historical purposes. VeriSign is not formally associated with this site in any manner, and has asked us to emphasise this point.