The online leak of the Microsoft free tool which helps law enforcement agencies to retrieve forensic evidence in the first ‘rush’ of a crime scene is perhaps not as serious as first thought.

This site ran a story a while back which announced that Interpol’s Global Security Initiative (GSI), which focusses on international security challenges, has been given free use of Microsoft’s Computer Online Forensics Evidence Extractor (hence COFEE) to help the fight against cyber crime.

COFEE help scene of the crime officers gather computer evidence in-situ and quickly. This type of evidence is regarded as volatile and not as efficiently collected as traditional forensic evidence. Microsoft hoped that by giving Interpol, and others, COFEE, it would go a long way to help combating the spread of cyber crime.

But reports from various sites online say that Microsoft does not regard the leak as a major leak. It is said to be investigating the circumstances behind it, but pointed out that COFEE is fundamentally an application which contains a collection of digital forensic tools which are common throughout the world. In other words, it is not ‘secret’ code which will unlock forensic tricks and techniques for the criminal community.

What’s more, those in the know said that the leaked version of COFEE was incomplete, with maybe less than 50% of the programme out there. Which leads watchers of the saga to the conclusion that COFEE is about procedure and technique in the heat of the incident, rather than a magical code which allows the police to get the upper hand.

Indeed, some experts have stated their disappointment that COFEE was not better than they had expected. Some went as far as to suggest that other similar programmes on the market would do a better job.

Some cynics have also stated that maybe Microsoft is deliberately downplaying the incident to avoid any embarrassment over its leaking which is not a great advertisement for the company, or the product. Also, others have challenged Microsoft’s relaxed attitude, given that maybe some criminals could learn from the leak and adapt their browsing and internet use accordingly.

Guest Article by Neil Camp 

The worldwide computer security software market is set to grow some 8% in 2009 to a total value of $14.5 billion, compared to growth in 2008 of 19%.

Figures come from research group Gartner who have forecast 2010 growth of 13%, taking the market’s worth to $16.3 billion.

Europe’s share of the 2009 total market value is €3.2 billion in 2009, which represents a 7% growth from 2008.

Ruggero Contu, an analyst at Gartner, said:
“Although the worldwide security software market is affected by the economic downturn, the growth will continue to be strong in 2009 as security remains a critical area where drastic cuts cannot be afforded. In the medium term, the greatest growth opportunities will come from software as a service (SaaS), appliance based offering and small and medium businesses (SMBs), which are in security catch-up mode compared with large companies and therefore spend a higher percentage of their budgets on security.”

Mr Contu went on to say that:
“The security software market in 2008 was characterised by a high level of consolidation with the examples of McAfee purchasing Secure Computing, Symantec and Sophos acquiring MessageLabs and Ultimaco, respectively. This is a sector where further consolidation is expected in the near future.

“End-users are gradually moving to better-integrated multi-products, particularly in areas such as endpoint security and identity and access management. Vendors offering good integration in an already established and trusted technology partnership will be best-placed for success, as buyers prefer to deal with two or more vendors that already trust each other’s software and practices.”

The figures also revealed that in 2009, consumer security will remain the largest segment (in terms of total software revenue) in the security software market, representing 25 per cent of the total market.

Gartner goes on to estimates that it will account for $3.6 billion, growing nearly 5% in 2009. The enterprise security software market, formed by a number of segments including endpoint protection platform, email security boundary and user provisioning, is predicted to account for $10.9 billion, reaching 9% growth in 2009.

Gartner claims to be the leading information technology research and advisory company.

Guest Article by Neil Camp

The cybersecurity giant McAfee has released details of its network security strategy to give enterprises a secure and cost effective security solution.

McAfee’s new network security strategy has been developed to address the needs and desires of business and enterprises. Many of these concerns are focused around the slowdown in today’s economy, which appears to be driving cybercriminals to be more and more of a threat to businesses’ cybersecurity.

In conjunction with Purdue University, McAfee has discovered that businesses worldwide are losing an estimated one trillion dollars a year through cybercrime. Malware is on the rise, with McAfee reporting that in the year 2008 they saw more new malware than in past years combined.

McAfee has therefore responded to the growing concerns and worries of its consumers, by ensuring that their security solutions are cost effective and come from a single vendor.

Dan Ryan, executive vice president of Network Security Business Unit at McAfee, said: “From conversations with our customers, it is clear that enterprises spend an enormous amount of time, money and administrative overhead managing multiple security products. McAfee’s comprehensive line of network security products eliminates the need for multi-vendor solutions and ensures the absolute lowest total cost of ownership available today.”

The McAfee strategy integrates all areas of McAfee’s portfolio of products, including: network firewalls, web and e-mail security, data loss prevention, and McAfee ePolicy Orchestrator provides a centralised security management console. The security is maintained by McAfee’s global threat intelligence, which is powered by McAfee Avert Labs.

Chris Christiansen, vice president, Security Practice, IDC: “Organizations must take a more unified approach to security. The days of managing network defence, Web and messaging security and data security as separate activities simply won’t succeed in today’s economic and threat environment. Effective Network Security must have global intelligence and must be integrated into the broader organizational security management infrastructure. Vendors that deliver these levels of integration in a complete suite will be successful as this will lower overall cost of ownership for organizations. For the next three to five years, reducing cost of ownership will drive security investments.”

McAfee is delivering their strategy within their Network Security Business Unit.

Guest Article by Neil Camp

McAfee, a world leader in computer security, has announced the release of McAfee ePolicy Orchestrator 4.5 software to advance its protection to businesses and governments.

The drive to keep protection to maintain cybersecurity in some of the most vital areas of national and business security, comes as McAfee Avert Labs releases data showing attacks on businesses increases 500% over the last year.

On top of this, McAfee’s research also indicates that some large company or enterprise networks can use as many as 200 different security providers to try to keep their computers secure. This naturally dilutes the power of any of these providers to keep a company network secure, as well as costing the business significant amounts of money.

The McAfee ePolicy Orchestrator 4.5 software is therefore an answer to some of the main problems of business and its cybersecurity today.

McAfee ePolicy Orchestrator satisfied four main elements that McAfee believed all organisations should take into account when securing their network, including an integrated defence and real-time threat intelligence with in-the-cloud protection.

McAfee ePolicy Orchestrator has a number of additional highlights to ensure it can maintain the security of even the largest networks, for example:

• Improved enterprise scalability: new architecture is multi-layered, featuring: load balancing, failover support, with awareness of multiple servers to improve policy management and reporting.
• Enhanced Web-based, customizable interface: streamlined navigation and reporting enhancements provide a visibility of the organization’s security. A more powerful and intuitive interface means end-to-end visibility across the whole security environment
• Improved workflow and automation framework: this helps to minimize vulnerabilities and save administrator time. Automated protection is based on user profiles instead of just the system or device. As well as this a new help desk ticketing integration with HP OpenView and BMC Remedy helps to automate any workflow tasks.

Matt Fairbanks, senior vice president of product and solution marketing at McAfee, said: “IT organizations want to consolidate and standardize on a strategic security partner to deliver the highest protection levels while driving down cost. With McAfee’s unmatched network and systems security portfolio, powerful compliance technologies, real-time Global Threat Intelligence, and a security management platform based on ePolicy Orchestrator, McAfee is transforming the way businesses approach security.”

Guest Article by Neil Camp

McAfee, one of the world’s leading providers of computer security, has welcomed the news that the Obama administration recognises protection against cyber threats is integral to overall national security.

McAfee applaud the United States government’s release of a 60 Day Cybersecurity Review, indicating a new dedicated approach to cyber security. The Review will look specifically into how to protect critical assets that are vital to national security from the new, sophisticated threats which are an ever-increasing problem.

Dave DeWalt, McAfee president and chief executive officer, attended the release event at the White House and said: “Cyber security must be a national priority, and today the Obama administration made that clear. Government and private sector, including McAfee, actively collaborated on this initiative. We look forward to continued participation in an even stronger partnership with the government to ensure that our institutions and citizens are able to fully participate in a secure and networked world.”

Cybersecurity is vitally needed by both public and private infrastructure to ensure national security, and the strategy will be designed to endeavour to increase national security through the use of protection against cyber threats.

The Review demonstrates understanding at the highest government level that, in this world of advanced cyber threats, the security of the internet is vital to overall security of the U.S. DeWalt also said: “The release of the 60 Day Cybersecurity Review marks the beginning of a new era of US leadership in the critical field of Cybersecurity.”

McAfee have claimed their eagerness to continue to work with the White House as the initiative continues. They will work alongside other elements of the current government, and in areas of the private sector to ensure that Cybersecurity is comprehensive and keeps the most important areas of U.S. infrastructure and assets secure.

Guest Article by Neil Camp