Opinions

UK Cyber-security after Brexit: May not be as bad as it first appears

It's difficult to predict how the global and British economies will react to Brexit in the long run, however UK Cyber-security every chance of staying in very good shape says Ilia Kolochenko.

Opinions Like pilots, CISOs need a cockpit to manage threats, vulnerabilities, risk

Like pilots, CISOs need a cockpit to manage threats, vulnerabilities, risk

Chief Information Security Officers (CISO) today no longer sit in the IT and security corner doing "techie" things.

Features Me and my job: Satyam Tyagi, CTO, Certes Networks

Me and my job: Satyam Tyagi, CTO, Certes Networks

Me and my job: Satyam Tyagi CTO, Certes Networks

Features Skills in demand: June 2016

Skills in demand: June 2016

Skills in demand: June 2016

Debate

Debate: Vendor VPNs: Good Idea?

Debate: Vendor VPNs: Good Idea?

Features Exploit kits upping the ante for security defense

Exploit kits upping the ante for security defense

For thieves, exploit kits are little efficiency machines, says Dell Security's Dmitriy Ayrapetov.

Features Securing IoT devices

Securing IoT devices

IoT devices can be a game changer, but unfortunately many are designed for convenience and functionality without security in mind.

Features Compliance at risk

Compliance at risk

A federal data breach notification law would provide much needed uniformity, says David R. Singh.

Editorial

Embracing the business of security

Taking a methodical approach to security, risk and governance planning must be part of the foundation of every organization these days, says Illena Armstrong, VP of editorial, SC Magazine.

Features New world of IoT, new risks

New world of IoT, new risks

The IoT isn't just about thermostats and internet-connected refrigerators, says Bruce Forman CISO, UMass Memorial Medical Center.

Advertise

Improving network operational efficiency

News Latest Flash Exploit being used to create drive-by ransomware attack

Latest Flash Exploit being used to create drive-by ransomware attack

A criminal enterprise well known for using malware-laced fake display ads is ramping up efforts by infecting dozens of popular websites using a recently patched Flash Player exploit to deliver the Angler EK in a drive-by style attack.

Advertise

Don't dump your perimeter security

Features Why Internet of Things matters

Why Internet of Things matters

Attack vectors multiply as more devices connect to enterprise environments, says IANS's Chris Poulin.

Features Skills in demand, May 2016

Skills in demand, May 2016

As more and more organizations encourage consumers and clients to visit their websites to conduct business or shop the application security engineer is highly sought after.

Features Me and my job: Joel D. Rader, solution architect, Radiant Logic

Me and my job: Joel D. Rader, solution architect, Radiant Logic

Me and my job: Joel D. Rader, solution architect, Radiant Logic

Features

Debate: Forensics staff will be replaced by robots.

Debate: Forensics staff will be replaced by robots.

Features Government surveillance from Caesar to Nixon

Government surveillance from Caesar to Nixon

Government surveillance is, however, not new, says Patrick O'Kane, barrister and compliance counsel.

Features Speak the board's language or get fired

Speak the board's language or get fired

A communication gap exists today between CISOs and the board of directors, says Feris Rifai, CEO, Bay Dynamics.

Features

Hot or not, this industry is still growing up

Even with all the hoopla, there are CISOs still having challenges, vendors that aren't meeting needs, and companies still giving security short shrift, says Illena Armstrong, VP editorial, SC Magazine.

Features Who owns information security risk in your organization?

Who owns information security risk in your organization?

Security is a business risk that needs to be understood and owned by your business leaders, says Jeff Brown, former technology risk officer, AIG.

Features Where are all the security pros?

Where are all the security pros?

IT security is finally becoming a priority - not only for IT professionals in every industry, but also for the C-suite, says Marcin Kleczynski, CEO, Malwarebytes.

Opinions Cyber Warfare - Who are you going to call?

Cyber Warfare - Who are you going to call?

If your organization is connected to the Internet, you are very likely engaged in cyber warfare whether you like it or not.

Opinions Me and my job: Karthik Rangarajan security engineer, Addepar

Me and my job: Karthik Rangarajan security engineer, Addepar

Me and my job: Karthik Rangarajan security engineer, Addepar

Debate

Debate» To automate or not? You must realize the limitations of your incident response technology.

Debate» To automate or not? You must realize the limitations of your incident response technology.

Opinions Apple vs. FBI: Too much to ask

Apple vs. FBI: Too much to ask

If Apple complies, the FBI would have the ability to compromise personal security when it wishes, says Ryan O'Leary, VP of Threat Research Center, WhiteHat Security. .

Opinions Apple vs. FBI: Comply!

Apple vs. FBI: Comply!

In cases where terrorist attacks are carried out state-side, it is vital that intelligence be obtained, says J.J. Thompson, CEO, Rook Security.

Opinions The new age of protection

The new age of protection

Effective detection is comprised of several parts, says Cyphort's Nick Bilogorsiy.

Opinions

We're off our game

Talk of attack prevention is antiquated, says Illena Armstrong, VP editorial, SC Magazine.

Sponsors

Five practices to shift the burden

Opinions Cross-border transfers: A vexing problem

Cross-border transfers: A vexing problem

It's anyone's guess what the outcome of the upcoming Brexit vote will be, but it could create significant turmoil, says IBM's Jon Wilkinson.

Features Me and my job: Mushegh Hakhinian chief security architect, Intralinks

Me and my job: Mushegh Hakhinian chief security architect, Intralinks

Me and my job: Mushegh Hakhinian chief security architect, Intralinks

Features

Threat of the Month: Executive staff/middle management

Threat of the Month: Executive staff/middle management

Features

Debate: Closing the security gap is a people problem.

Debate: Closing the security gap is a people problem.

Features Quantifying risk

Quantifying risk

Having a security awareness program in place can have an innumerable ROI.

Features Beyond the patch

Beyond the patch

Why retrospective data analysis is critical after a security breach.

Features Social media threats

Social media threats

With the use of social media, HR and IT must work together to ensure that both employees and company data stay secure.

Features

Health care horror stories...and cures

The health care industry must step up when it comes to addressing its steady stream of IT security risks, says Illena Armstrong, VP, editorial, SC Magazine.

Features Keeping the lights on!

Keeping the lights on!

Recently, there has been an increased intensity in scrutiny of the world's electric grids, says Edna Conway, CSO, global value chain, Cisco Systems.

Opinions Me and my job: Gina Chapman

Me and my job: Gina Chapman

Gina Chapman, senior director of security operations, Center for Internet Security

2 Minutes On

Mutiny on the bug bounty

Researcher Wesley Wineberg said he's been censured due to his participation in the Facebook bug bounty program.

Opinions

Threat of the month: February 2016

Threat of the month: Man-in-the-middle attack

Opinions

Debate: Cybersecurity information sharing allows network defenders to stay ahead of adversaries.

Debate: Cybersecurity information sharing allows network defenders to stay ahead of adversaries.

Opinions Right-sized surety training

Right-sized surety training

Security awareness training aims not only to impart information, but also to change behavior.

Opinions Securing open source

Securing open source

Open source code might be presumed mature, but could rely on technology developed a decade earlier.

Opinions Mitigating ransomware

Mitigating ransomware

Ransomware is a complex threat, but its impact can be lessened, says Thomas Gresham.

Editorial

Resolving to keep assurance commitments in 2016

New year commitments by the lone individual also could be adopted by the larger organization.

Opinions Establishing a pragmatic security program

Establishing a pragmatic security program

Many companies are establishing formal security programs for the first time or are seeking to optimize existing programs to improve the level of maturity.

Opinions Cloud myths debunked

Cloud myths debunked

Many organizations still hesitate to move to the cloud. Why?

Opinions

Let's just call it "The era of IT security"

This year has been marked by the almost daily occurrence of some information security-related incident or another.

Opinions What IT security can learn from the credit fraud paradigm

What IT security can learn from the credit fraud paradigm

We've all received a call at one point or another from the fraud protection departments of our credit card providers, telling us they've detected some suspicious activity on our accounts and would like to verify a few recent charges.

Opinions The Security Vulnerability You Can Prevent

The Security Vulnerability You Can Prevent

The Internet of Things is one of the world's fastest growing technologies. Unfortunately, it is also poised to become the fastest growing source of security vulnerabilities in the enterprise - but it doesn't have to be that way.

Opinions All Talk-Talk and No Action

All Talk-Talk and No Action

The latest cyber attack, a breach compromising the data of up to four million of Talk-Talk's loyal customers, is yet another in a growing line of pernicious cyber attacks against corporate infrastructure.

Opinions How vulnerable is the fingerprint scanner on your phone?

How vulnerable is the fingerprint scanner on your phone?

There are legal issues and technical vulnerabilties aound the use of fingerprint scanners on mobiles, hence, Anthony Neary says, it is vital to have a mix of solutions which enable maximum possible security.

Opinions Thwart email phishing

Thwart email phishing

While there is a regular discussion of how to prevent successful phishing attempts, one of the most successful approaches is ongoing employee training, says Colin McKinty, VP Cyber Security Strategy at BAE Systems Applied Intelligence.

News Skills in demand, November 2015

Skills in demand, November 2015

The demand for security DevOps engineers is growing.

Opinions Consultants: Pitfalls to avoid

Consultants: Pitfalls to avoid

many enterprises are turning to security consultants to perform assessments of their systems, says Michael R. Overly attorney, Foley & Lardner.

Opinions Demystifying an assurance fallacy

Demystifying an assurance fallacy

The one-throat-to-choke theory is a fallacy, says David Shearer, CEO, (ISC)².

Editorial

Pushing past shock and yawn

As mainstream users become more expectant of massive compromises of personal information, cybercriminals show no sign of giving up on using current tactics and finding new ones to steal data whatever their endgames may be.

Opinions Addicted to mobile technology?

Addicted to mobile technology?

Lena Smart, VP / CIO of the New York Power Authority, offers a few tips for freeing yourself from mobile addiction.

Opinions Lessons from the Experian hack

Lessons from the Experian hack

Experian breach is more than just another hack as cross referencing of data sets opens up even more scope for ciminal activity says Max Vetter

Opinions Is North Korea climbing to the top of the cyber-attack tree?

Is North Korea climbing to the top of the cyber-attack tree?

Pete Shoard asks how powerful are less developed countries such as North Korea when it comes to cyber-threats, and can it be regarded as a major player in cyber-warfare anyway for the impact it has achieved?

Opinions Security Threats are on the Rise: Is Your SAP Data Really Protected?

Security Threats are on the Rise: Is Your SAP Data Really Protected?

Instead of hoping for your end-users to make the right decision or your DLP solution to make the right guess, data protection solutions need to be context-aware.

Opinions Are SYNful Knock-style router attacks set to become the new normal?

Are SYNful Knock-style router attacks set to become the new normal?

In the wake of the SYNful Knock attack on its routers, Cisco should re-engineer its devices to prevent future attacks, says Raimund Genes.

Skills in Demand Skills in demand: Security engineer, identity management

Skills in demand: Security engineer, identity management

Skills in demand: Security engineer, identity management

Debate

Debate: What is the edge of IoT security responsibility? Will device-level security testing be enough?

Debate: What is the edge of IoT security responsibility? Will device-level security testing be enough?

Opinions U.S. must improve data laws

U.S. must improve data laws

Can U.S. data protection laws protect privacy and preserve tech innovation and intellectual property?

Opinions Canada stands against spam

Canada stands against spam

The impact of Canada's anti-spam legislation for companies big and small.

Editorial In the zone: Physical to network

In the zone: Physical to network

Containment solutions can help stop the spread of malware, says Bufferzone CEO Israel Levy.

Editorial

A disconnected walk in the woods

Our working hours may grow longer, more demanding and more exposed as the Internet of Things (IoT) continues its fast evolution.

Opinions Rethinking your IT leadership strategy

Rethinking your IT leadership strategy

Many organizations are also investing heavily to hire top-notch CISOs to fill the presumed leadership gap in security.

Opinions Cloud container assurance

Cloud container assurance

Organizations need a solution that is built for the container pattern, says John Morello.

Opinions How to counter the M&A cybersecurity threat: hint, don't use Twitter, email

How to counter the M&A cybersecurity threat: hint, don't use Twitter, email

A leak, a hack, or a simple mistake can blow up any M&A deal carefully crafted over months or even years, says Stephen Dearing.

Opinions Me and my job: David F. Katz

Me and my job: David F. Katz

David F. Katz, partner, Nelson Mullins

Opinions

Debate: Device manufacturers take a comprehensive approach to securing consumer products.

Debate: Device manufacturers take a comprehensive approach to securing consumer products.

Opinions The accountability gap

The accountability gap

As mobile and cloud dominate the future of the enterprise, security and accountability are falling through the cracks.

Opinions "Dead apps"

"Dead apps"

The mobile malware threat is mostly based on hype, not facts.

Opinions A complex approach = cost savings

A complex approach = cost savings

Companies can benefit by using a complex security approach, says A1QA's Aleksey Abramovich.

Editorial Defining a virtual act of war

Defining a virtual act of war

The questions regarding a more consistent reliance on offensive capabilities are concerning.

Opinions Standing before the board

Standing before the board

Public and media focus on data breaches and regulatory fees have dramatically deepened the focus on information security for executive boards.

Debate

Viewpoints: Why is there a lack of women in IT security?

Why is there a lack of women in IT security?

Editorial

Women in IT Security: Progress despite inequities

While we continue to make headway toward embracing a diverse workforce in the IT security field, we're still far from fully realizing this end.

Opinions 10 Reasons You Need to Test, Not Guess

10 Reasons You Need to Test, Not Guess

How you are securing your sensitive information should not be a guessing game

News

Top of the app charts - Shuabang: automated malware made in China

Shuabang companies in China sell installs and user ratings to app developers to help boost their profile, which is leading to new forms of malware, says Chema Alonso.

Features Women in IT Security: Ability and opportunity

Women in IT Security: Ability and opportunity

Invest in the talented women on your team, says Joyce Brocaglia.

Skills in Demand Skills in demand: Incident response manager

Skills in demand: Incident response manager

The need for experienced incident response professionals is outstripping the available supply of talent.

Opinions Me and my job: Mikel Draghici

Me and my job: Mikel Draghici

Mikel Draghici, principal mobile security specialist, Usher

2 Minutes On

Critic: NSA on a "very ugly path"

After 30-plus years as an official in the National Security Agency (NSA), William Binney has been speaking out about what he sees as the "very ugly path" his former employer, along with the FBI and CIA, are currently following.

Features

Threat of the Month: Cryptolocker

Threat of the Month: Cryptolocker

Features

Debate: The Pentagon's strategy to use cyberwarfare in conflicts with enemies is necessary.

Debate: The Pentagon's strategy to use cyberwarfare in conflicts with enemies is necessary.

Features Congress promotes sharing

Congress promotes sharing

Congress took significant action in April to address cybersecurity information-sharing efforts.

Features Hiring in information security

Hiring in information security

You can't hire quality information security talent the same way you hire customer service reps.

Editorial Information sharing at work

Information sharing at work

There's been quite a bit of lip service paid to the ages-old concept of information sharing, says Illena Armstrong, VP, editorial, SC Magazine..

Opinions Detecting and reducing counterfeit chips

Detecting and reducing counterfeit chips

Cisco Systems CSO Edna Conway calls for action to stop the risks of counterfeit or tainted information.

Opinions

Debate: Congress should mandate that the payment card industry adopt safer technology.

Debate: Congress should mandate that the payment card industry adopt safer technology.

Opinions To thine own self be true

To thine own self be true

Much needs to be done to convince boardrooms of the importance of information security.

Opinions IT only guards the front gate

IT only guards the front gate

It's time for a dramatic reimagining of how companies approach security.

Opinions Data exfiltration defense

Data exfiltration defense

A single solution won't stop data theft, says ADP's Roland Cloutier.

Editorial Trifecta 2.0: Trust, privacy and security

Trifecta 2.0: Trust, privacy and security

Trust directly correlates to our expectations of privacy, says Illena Armstrong, VP, editorial.

RECENT COMMENTS

Sign up to our newsletters

FOLLOW US