It's a good time to be a malicious hacker. That's because even though it's not a time of revolutionary new techniques in hacking for profit, business is booming for the established methods. Despite increased investment in information security defenses, the good guys continue to lag badly behind. According to one report by Sophos, which called the recent uptick in ­malware a "deluge," by April 2007, more than 250,000 websites were hosting malicious code and more than 8,000 were being added to that total every day.

Asset disposition. Reverse logistics. Whatever you call it, getting rid of your old computers is more complicated than you might think.

When Microsoft announced .Net, Bill Gates called it a "bet the company thing".

Allen Rude, security manager at Intel, invested more than four years in an ROI study to justify the cost of digital video surveillance.

Information security metrics don't have to rely on heavy-duty maths to be effective, but they also don't have to be dumbed down to red, yellow, green. Here are six smart measurements - and effective ways to present them.

Oracle's acquisition of PeopleSoft is not the dawn of a scary new era for CIOs; it's the twilight of the old ERP age. It may also be an opportunity to create an ERP future that adds value, not cost, to your business

Computing on the Net is heading for a fall because security is a joke. So we summoned the best minds to see if we could put Humpty back together again.

Digital video surveillance today is more than a security technology; it's a business enabler.

Are you on board with enterprise risk management? You had better be. It's the future of how businesses will be run.

Wherein an imaginary dialogue between a CIO and a CFO identifies, analyzes and suggests strategies to resolve the long-standing divide between money and technology.

Your guide to the past, present and future of the legal challenge that may change the face of the open source revolution

In 2010, information security will be much better than it is today. But between then and now, everything will get inconceivably worse.

The more you patch, the more you need to patch, and the more kludgy and terrifyingly unpredictable your systems and applications become. Is there any way to escape this horror?

IT is late to embrace risk analysis, but without it, project portfolio management is nothing more than a fad.

Vendors, for the most part, value time-to-market over security. As long as they can get away with shipping buggy code, they will. And CIOs, as a group, have been passive, assuming there was little they could do to effect change