May 01, 2013
Aaron Swartz's death inspired Rep. Zoe Lofgren to want to reform the federal anti-hacking law, but some security pros worry this would sterilize a potent enforcement weapon, reports Dan Kaplan.
May 01, 2013
With data-mining firms harvesting personal information from online activity, privacy advocates, if not yet consumers, are alarmed, reports James Hale.
April 01, 2013
The ever-increasing use of personal devices has tested enterprise defenses, so plans must be created to meet the challenge, reports James Hale.
April 01, 2013
There are steps security pros can take to achieve greater peace of mind with cloud implementations, reports Alan Earls.
April 01, 2013
Health providers have pressing reasons to now embrace security, says INTEGRIS Health's John Delano. Karen Epper Hoffman reports.
April 01, 2013
Are there ways to catch sophisticated malware that hides in trusted processes and services? Deb Radcliff finds out.
March 01, 2013
Our program profiling the winners and finalists of the 2013 SC Awards U.S., held Feb. 26 in San Francisco.
March 01, 2013
John South joined Heartland Payment Systems when it still was reeling from a devastating breach...and it's the best career decision he's ever made. Dan Kaplan reports.
March 01, 2013
With almost daily advanced attacks, organizations of all sizes must be at the ready, according to respondents to this year's "Guarding Against a Data Breach" survey. Illena Armstrong reports.
March 01, 2013
Industrial control systems remain troublingly vulnerable to both internal error and outside intruders, reports Danielle Walker.
February 01, 2013
The NBA's New Orleans Hornets needed to provide its off-the-court, but highly mobile staff with a secure method for communicating. It found an enterprise remote access solution that could help.
February 01, 2013
The United States has established itself as a major force in a new era of combat, but what repercussions do state-sponsored actions in cyber space have on all of us?
February 01, 2013
PayPal's Andy Steingruebl knows security is not an insular task. By looking outside of its own walls, the company has taken the fight to the enemy, and helped everyone else in the process.
February 01, 2013
Results from our sixth-annual data breach survey are out next month, but here's a sampling of what's to come from our study of budgets, hiring practices, security solutions and more.
February 01, 2013
Despite the ubiquity of the Trusted Platform Module, holdups exist and adoption remains slow. Among them are issues with interoperability, considering Apple, Google and Microsoft all use different standards.
January 02, 2013
For those organizations at risk to a nation-state attack, preparation should come with the expectation of compromise, as well as knowledge that the damage can be mitigated.
January 02, 2013
Cloud computing still is trying to overcome the trust and reliability issues that has made it a questionable proposition for many organizations.
January 02, 2013
Compliance brings with it the stigma of cost, complexity and confusion, but viewing it from a risk point-of-view may help make it more tolerable.
January 02, 2013
Rodney Dangerfield couldn't get any respect, and neither can CISOs, who still struggle for recognition within the C-suite. But ignore them at your own risk, says Deven Bhatt, CISO for WEX.
January 02, 2013
A highly regulated debt collector from the U.K. needed to achieve compliance, but it wanted to scrap all of the point solutions on which it traditionally relied.
December 03, 2012
A group of prominent security professionals forecast the most significant industry shifts in 2013. Greg Masters compiles the responses.
December 03, 2012
Valerie Aurora and Mary Gardiner have united to form a decade-long collaboration on a variety of "women in open source" advocacy projects, including developing anti-harassment policies at conferences.
December 03, 2012
Michael Coates, director of security assurance at Mozilla and chairman of OWASP, is a steadfast supporter of open-source methods to safeguard users against security and privacy threats.
December 03, 2012
Gabriella Coleman, professor at McGill University in Montreal and avid observer of the Anonymous online collective, has become one of the pre-eminent thought leaders on the hacktivist culture.
December 03, 2012
Ron Ross is helping to lead the development of new standards and controls that security professionals can use to safeguard their organizations against today's internet threat paradigms.
December 03, 2012
Chris Soghoian, who was recently hired as the ACLU's first-ever principal technologist, has never been afraid to ruffle the feathers of the corporate establishment when it comes to privacy and security issues.
December 03, 2012
The threats to enterprise networks continued to grow this year, but the tech grab bag is also getting more potent, reports Alan Earls.
Here's a year-end look back at some of the biggest mergers and acquisitions activity in the security space.
November 01, 2012
No a business' size, employees are yearning to connect their personal devices to the corporate network. But fear not: Solutions and best practices are starting to emerge to manage the risk attached with this craze.
November 01, 2012
Most organizations cite trust issues as their primary reason for deciding against outsourcing their computing resources and data assets. So just what are cloud providers doing to ensure protection?
November 01, 2012
External adversaries, such as nation-state attackers or criminals after credit card data, may get all the attention, but insiders pose a signfiicant threat. Can the non-malicious ones be taught to act securely?
November 01, 2012
The intrusion prevention system is a mainstay of any organization's perimeter-focused security infrastructure, but its days may be numbered as a standalone technology. Yet, its purpose lives on.
November 01, 2012
For the last several years, security experts have been stressing the vulnerability of industrial control systems. Now, with attacks like Stuxnet proof of the risk, the big question is: How will industry respond?
October 01, 2012
Web browsers have become today's de facto operating system -- the single place where end-users spend most of their time. As such, they're ground zero for attacks. Technology, though, is coming to the rescue.
October 01, 2012
Sanjeev Sah has been CISO of UNC-Charlotte for just over a year, and he's already well versed on the unique circumstances that make securing colleges unlike any other vertical.
October 01, 2012
With users flocking toward mobile platforms, fraudsters will join as well. But businesses have a bigger problem: What to do about employees wanting to use their devices to connect to the corporate network.
September 04, 2012
With breaches grabbing headlines and cash funneling toward infosec budgets, the role of the security executive is shifting from tech and compliance wonk to savvy businessperson.
September 04, 2012
When the history of the cyber arms race is written, the first chapter surely will be devoted to Stuxnet. But now that these sophisticated strikes have started, there are plenty of questions to answer.
September 04, 2012
Applications provide the path to an organization's coveted assets. And even if they're not public-facing, they still can be a ripe target. We talk to Marcus Prendergast, CSO of ITG, for this month's cover story.
September 04, 2012
The ability to marry physical and logical security controls is maturing, which means companies can find efficiency wins, while in the process lowering their risk profile.
August 01, 2012
Many view information sharing as an elusive quest, hampered by various roadblocks. But Georgia Tech researchers want to tear down these hurdles with a new threat intelligence system known as Titan.
August 01, 2012
Security metrics remain elusive for many organizations, but key performance indicators, or KPIs, are achievable measurements that can help guide business planning and strategy.
August 01, 2012
Businesses may no longer be able to turn away employees who want to bring their smartphones and tablets to work, and connect to the corporate network. But is that actually a good thing?
July 30, 2012
While the town of Brick on the New Jersey shore maintains a 1950s aura, with the growth of digital media, its public school system had to alleviate engorged traffic on its network, while safeguarding data.
Many organizations are focusing their security efforts on deterring the external attack -- often at the expense of catching the insider threat. This could be a costly oversight, especially with the rise of BYOD.
July 02, 2012
The loss of personally identifiable information (PII) by an organization can lead to customer loss, reputational harm, and fines, but before this data can be properly guarded, it must be located.
July 02, 2012
In 1854, an English physician was one of the first to use an epidemiological method to ID disease risk. Ben Sapiro of the Dominion of General Insurance Co. wants his peers to do the same with security.
July 02, 2012
The hospitality industry remains one of the most targeted by cyber criminals. That's why Thayer Lodging Group, which owns or operates 18 hotels, knew it was time to get serious about endpoint security.
July 02, 2012
Firewalls have been an enterprise security mainstay for years. But with a majority of attacks now being launched against the web application layer of the stack, the technology must evolve.
June 01, 2012
The only way to gain the upper hand on today's advanced adversaries is by being proactive -- even aggressive, a tactic that can take many forms, says Joel Yonts, CISO of an automotive supply company.
