Short post .. After more than 5 years of virus free-happy windows-system I got infected by Malware Destructor 2011 Virus … In 5 minutes I had no computer anymore.

I could not believe this is happening to me but it did.. so I'm in the process of re-installing everything. Mad as hell…

beware of this nasty virus : Malware Destructor 2011 Virus . Very good writeup here :

http://www.articlesbase.com/security-articles/is-malware-destructor-2011-installed-via-automatic-updates-system-security-pack-upgrade-legit-get-rid-malware-destructor-2011-virus-3260021.html

that's life..

The Annualized Loss Expectancy (ALE) is the product of the annual rate of occurrence (ARO) and the single loss expectancy. It is mathematically expressed as:

Annualized Loss Expectancy (ALE) = Annual Rate of Occurrence (ARO) X Single Loss Expectancy (SLE) (wikipedia)

Yes, we all know that famous formula which is used in every Risk Management project. But how accurate is the estimation of the Single Loss Expectancy (SLE)?

If we speak about downtime, the impact on business processes varies for each company and for each process. One thing is for sure though: if you provide IT services, better deliver an uptime around 99.x% or have a very flexible and loose SLA with your customers.

You know that uptime is many times a decisive factor in customer retention and in acquiring new business. But what is your actual loss caused by downtime ? I bet you asked this question many times and maybe you even started to draw some complicated math equations.

That's one way to do it, if you have time and energy to spend. Another way to do a proper Downtime Cost Simulation is to use the brainpower of computers like I did.

I just discovered the Downtime Cost Calculator developed by Storagepipe.com and I must say it does exactly what it's name says.

You can test it in the widget below (go on, press the PANIC button)

By using a complex math formula it allows you to see instantly how your dollars are flying out the window in case of a downtime.

The lost sales revenue is coupled with the lost productivity so you can instantly get a glimpse of the total accumulated cost as well as predicted hourly loss.

It's like a stopwatch for the bleeding money so it should raise an alarm about the potential impact of a downtime. Fixing the IT systems and processes is a different story and there are no automated tools to do that in the real world. It takes time and effort or you can outsource this task to Storagepipe, the creators of the Downtime Cost Calculator.

Storagepipe is a company focused on corporate data protection solutions including online backup and recovery, electronic archiving and business continuity. They can assist you trough the whole Risk Assessment process in order to identify and classify data which really matters for your company.

Offiste backup and recovery services will provide you the peace of mind about corporate data because, as we know the risk can be mitigated, accepted or transferred . Transferring seems a good option in this case.

With this post, I make another step into blogging by publishing a guest post written by the kind folks at GFI Software, a great security vendor and friends. Here it goes :

Securing Your Network from Web Threats

There is a price to pay for everything – while the Internet has proven to be an indispensable communication, research and promotional tool for most organizations, with it come a series of web threats and security risks.

What are the risks involved?

Studies have shown that a good amount of employee daily Internet activity is spent on non work-related sites. Morse PLC, for example, reported that 57% of office workers use social networking sites for an average of 40 minutes a day. Moreover Nielsen research revealed that the greatest number of Internet videos watched was on weekdays between 12.00pm and 2.00pm, meaning when most people were at work.

This not only reflects one of the primary side effects of employee Internet use, cyberslacking, which results in lost productivity, but it also indicates that the corporate network is exposed to a series of web threats throughout the day. Harmless-looking websites could be hosting malware and, as a result, if an employee carelessly accesses such sites or downloads files from them, the network is then exposed to a series of security risks. Google Advisory, for example, has shown that frequently visited social networking sites, such as Facebook and Twitter, are regular victims of malware (read more).

Once a company network is infected with malware or spyware, depending on the damage caused, the business experiences a series of negative repercussions which can interrupt, or even halt, its daily operations. Furthermore, in certain cases data could also be compromised or stolen, meaning the company could also end up facing serious legal charges.

What should be done?

Enforcing web security is therefore essential for organizations to protect their systems from web threats. The first step an organization should take is to set an Internet usage policy with clear guidelines as to what type of web use is considered acceptable, while also informing employees that their Internet usage is being controlled.  Controlling employee Internet usage is possible using web monitoring software; the knowledge that their web activities are being monitored encourages employees to curb their non work-related browsing; this in turn – decreases the possibility of accessing dangerous sites.

The next, and most important, step is to make use of a solid web filtering solution which offers protection to the corporate network by checking downloads for malicious payloads and quarantining or deleting infected files. The chosen web filtering solution should also offer the ability to examine websites and scan for hidden files or scripts that are covertly downloaded when the user opens a link to that particular page.

The Way Forward

Businesses need to understand the concept that prevention is better than cure – the savings made in worker productivity, IT labor, and bandwidth – not to mention the cost of defending the organization in court – not only compensate for the investment in a web monitoring and filtering solution but also provides ongoing value.

This guest post was provided by Christina Goggi on behalf of GFI Software Ltd. GFI is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging needs. More information: GFI internet monitoring software.

All product and company names herein may be trademarks of their respective owners.

• Qualys BrowserCheck – nice client side security check tool http://bit.ly/ccAqMN #
• McAfee Risk Management; What threat data if they deploy only vulnerability managers and one correlation engine ? http://bit.ly/bWWGxD #
• New @NetWitness Visualize : Welcome To The Future! http://bit.ly/8XvbnX #
• FireEye and Solera Networks Partner to Provide In-depth Security Analytics for Proactive Cyber Attack Mitigation http://bit.ly/bAljDO #

Powered by Twitter Tools