April 01, 2013
The ever-increasing use of personal devices has tested enterprise defenses, so plans must be created to meet the challenge, reports James Hale.
April 01, 2013
There are steps security pros can take to achieve greater peace of mind with cloud implementations, reports Alan Earls.
April 01, 2013
Health providers have pressing reasons to now embrace security, says INTEGRIS Health's John Delano. Karen Epper Hoffman reports.
April 01, 2013
Are there ways to catch sophisticated malware that hides in trusted processes and services? Deb Radcliff finds out.
March 01, 2013
Our program profiling the winners and finalists of the 2013 SC Awards U.S., held Feb. 26 in San Francisco.
March 01, 2013
John South joined Heartland Payment Systems when it still was reeling from a devastating breach...and it's the best career decision he's ever made. Dan Kaplan reports.
March 01, 2013
With almost daily advanced attacks, organizations of all sizes must be at the ready, according to respondents to this year's "Guarding Against a Data Breach" survey. Illena Armstrong reports.
March 01, 2013
Industrial control systems remain troublingly vulnerable to both internal error and outside intruders, reports Danielle Walker.
February 01, 2013
The NBA's New Orleans Hornets needed to provide its off-the-court, but highly mobile staff with a secure method for communicating. It found an enterprise remote access solution that could help.
February 01, 2013
The United States has established itself as a major force in a new era of combat, but what repercussions do state-sponsored actions in cyber space have on all of us?
February 01, 2013
PayPal's Andy Steingruebl knows security is not an insular task. By looking outside of its own walls, the company has taken the fight to the enemy, and helped everyone else in the process.
February 01, 2013
Results from our sixth-annual data breach survey are out next month, but here's a sampling of what's to come from our study of budgets, hiring practices, security solutions and more.
February 01, 2013
Despite the ubiquity of the Trusted Platform Module, holdups exist and adoption remains slow. Among them are issues with interoperability, considering Apple, Google and Microsoft all use different standards.
January 02, 2013
For those organizations at risk to a nation-state attack, preparation should come with the expectation of compromise, as well as knowledge that the damage can be mitigated.
January 02, 2013
Cloud computing still is trying to overcome the trust and reliability issues that has made it a questionable proposition for many organizations.
January 02, 2013
Compliance brings with it the stigma of cost, complexity and confusion, but viewing it from a risk point-of-view may help make it more tolerable.
January 02, 2013
Rodney Dangerfield couldn't get any respect, and neither can CISOs, who still struggle for recognition within the C-suite. But ignore them at your own risk, says Deven Bhatt, CISO for WEX.
January 02, 2013
A highly regulated debt collector from the U.K. needed to achieve compliance, but it wanted to scrap all of the point solutions on which it traditionally relied.
December 03, 2012
A group of prominent security professionals forecast the most significant industry shifts in 2013. Greg Masters compiles the responses.
Here's a year-end look back at some of the biggest mergers and acquisitions activity in the security space.
December 03, 2012
Gabriella Coleman, professor at McGill University in Montreal and avid observer of the Anonymous online collective, has become one of the pre-eminent thought leaders on the hacktivist culture.
December 03, 2012
The threats to enterprise networks continued to grow this year, but the tech grab bag is also getting more potent, reports Alan Earls.
November 01, 2012
No a business' size, employees are yearning to connect their personal devices to the corporate network. But fear not: Solutions and best practices are starting to emerge to manage the risk attached with this craze.
November 01, 2012
Most organizations cite trust issues as their primary reason for deciding against outsourcing their computing resources and data assets. So just what are cloud providers doing to ensure protection?
November 01, 2012
External adversaries, such as nation-state attackers or criminals after credit card data, may get all the attention, but insiders pose a signfiicant threat. Can the non-malicious ones be taught to act securely?
November 01, 2012
The intrusion prevention system is a mainstay of any organization's perimeter-focused security infrastructure, but its days may be numbered as a standalone technology. Yet, its purpose lives on.
November 01, 2012
For the last several years, security experts have been stressing the vulnerability of industrial control systems. Now, with attacks like Stuxnet proof of the risk, the big question is: How will industry respond?
October 01, 2012
Web browsers have become today's de facto operating system -- the single place where end-users spend most of their time. As such, they're ground zero for attacks. Technology, though, is coming to the rescue.
October 01, 2012
Sanjeev Sah has been CISO of UNC-Charlotte for just over a year, and he's already well versed on the unique circumstances that make securing colleges unlike any other vertical.
October 01, 2012
With users flocking toward mobile platforms, fraudsters will join as well. But businesses have a bigger problem: What to do about employees wanting to use their devices to connect to the corporate network.
September 04, 2012
With breaches grabbing headlines and cash funneling toward infosec budgets, the role of the security executive is shifting from tech and compliance wonk to savvy businessperson.
September 04, 2012
When the history of the cyber arms race is written, the first chapter surely will be devoted to Stuxnet. But now that these sophisticated strikes have started, there are plenty of questions to answer.
September 04, 2012
Applications provide the path to an organization's coveted assets. And even if they're not public-facing, they still can be a ripe target. We talk to Marcus Prendergast, CSO of ITG, for this month's cover story.
September 04, 2012
The ability to marry physical and logical security controls is maturing, which means companies can find efficiency wins, while in the process lowering their risk profile.
August 01, 2012
Many view information sharing as an elusive quest, hampered by various roadblocks. But Georgia Tech researchers want to tear down these hurdles with a new threat intelligence system known as Titan.
August 01, 2012
Security metrics remain elusive for many organizations, but key performance indicators, or KPIs, are achievable measurements that can help guide business planning and strategy.
August 01, 2012
Businesses may no longer be able to turn away employees who want to bring their smartphones and tablets to work, and connect to the corporate network. But is that actually a good thing?
July 30, 2012
While the town of Brick on the New Jersey shore maintains a 1950s aura, with the growth of digital media, its public school system had to alleviate engorged traffic on its network, while safeguarding data.
Many organizations are focusing their security efforts on deterring the external attack -- often at the expense of catching the insider threat. This could be a costly oversight, especially with the rise of BYOD.
July 02, 2012
The loss of personally identifiable information (PII) by an organization can lead to customer loss, reputational harm, and fines, but before this data can be properly guarded, it must be located.
July 02, 2012
In 1854, an English physician was one of the first to use an epidemiological method to ID disease risk. Ben Sapiro of the Dominion of General Insurance Co. wants his peers to do the same with security.
July 02, 2012
The hospitality industry remains one of the most targeted by cyber criminals. That's why Thayer Lodging Group, which owns or operates 18 hotels, knew it was time to get serious about endpoint security.
July 02, 2012
Firewalls have been an enterprise security mainstay for years. But with a majority of attacks now being launched against the web application layer of the stack, the technology must evolve.
June 01, 2012
The only way to gain the upper hand on today's advanced adversaries is by being proactive -- even aggressive, a tactic that can take many forms, says Joel Yonts, CISO of an automotive supply company.
June 01, 2012
Sites such as Facebook and Twitter contain seemingly infinite amounts of personal data, so it's no wonder criminals have turned their focus there. But social media providers and end-users can protect themselves.
May 01, 2012
Certifications have long validated security skills, says W. Hord Tipton of (ISC)2. But as the profession evolves and more educational opportunities pop up, how valuable do they remain?
May 01, 2012
The decision to move to the cloud has always been wrought with anxiety over entrusting one's data to a third-party. Learning which questions to ask of a provider can help mitigate that concern.
May 01, 2012
For a while, only traditional PCs were connected to the public internet. But with most devices now gaining networked capabilities, it's only a matter of time before your television can contract a virus.
May 01, 2012
Health care traditionally, compared with other industries, has lagged in terms of cyber defense, but with attackers now specifically targeting these organizations for patient data, inaction is no longer an option.
April 02, 2012
With data proliferating at astonishing rates, organizations are tearing into it, hoping to derive new business value, which, according to Zions CSO Preston Wood, includes better security decision making.
