Opinions The cool factor: New tech in banking has an edge

The cool factor: New tech in banking has an edge

Disruption is expected; financial crime should be, too.

Opinions Me and my job: James Hill senior security architect, Consolidated Data Services

Me and my job: James Hill senior security architect, Consolidated Data Services

James Hill senior security architect, Consolidated Data Services (CDS), discusses his role at his organization.

Threat of the Month Threat of the month: Linksys router zero-day

Threat of the month: Linksys router zero-day

This month's vulnerability is currently being exploited by a worm known as "TheMoon."

Debate

Debate: Should Edward Snowden be granted amnesty?

In this month's debate, experts discuss whether whistleblower Edward Snowden should be granted amnesty.

Opinions Ahead in the cloud

Ahead in the cloud

Growth businesses are always looking for flexible ways of working that reduce capital and running costs, while securely delivering the data users need, when and where they need it.

Opinions Data archiving benefits

Data archiving benefits

Many CIOs are still unsure what role governance should play in their data archiving strategy.

Opinions Changing the business culture

Changing the business culture

Recent breaches prompt a new emphasis on education and corporate culture, says Allegis Capital's Bob Ackerman.

Editorial Can good come from bad news?

Can good come from bad news?

Despite the bullishness around information security planning and budgeting seen in the results of our survey, we're still seeing breaches like those experienced by Target

Opinions Strengthen links in the supply chain

Strengthen links in the supply chain

Watching highly publicized supply-chain disasters unfold, we shake our heads in disbelief - but what supply chain risks are you taking today that would be difficult to defend tomorrow?

Opinions It's not the breach that kills you, it's the cover-up

It's not the breach that kills you, it's the cover-up

It's how you handle yourself during and after a breach that will determine just how detrimental the breach actually is for your organization.

Opinions Building security around Bitcoin

Building security around Bitcoin

Similar to building a multi-layer security strategy for a business, before deciding what security controls should be implemented to protect Bitcoin transactions, we first need to identify the targets.

Opinions The great IT and mobile user peace treaty

The great IT and mobile user peace treaty

The average consumer has 40 or more apps installed on their mobile device, many of which they use to do their jobs, whether IT has sanctioned its use or not. The problem is that creates a "shadow IT" system.

SC Canada

Health law needs reform, says provincial privacy watchdog

The Albertan Information and Privacy Commissioner has formally asked the government to amend the province's Health Information Act with mandatory breach reporting and notification measures.

SC Canada

Well.ca security not that well, letter reveals

Well.ca, an online store selling health and beauty products, exposed names, addresses and credit card details for some of its customers in December, it admitted last month.

SC Canada

Canada signs Wedge Networks to secure government data centers

The Canadian government has hired Wedge Networks, a provider of cloud-based security services, to secure its computing infrastructure.

Opinions Me and my job: John Gibson, senior IT security officer, tTech Ltd.

Me and my job: John Gibson, senior IT security officer, tTech Ltd.

John Gibson discusses the challenges and rewards of his security role at tTech Ltd. as the senior IT security officer.

Threat of the Month Threat of the month: Java vulnerabilities

Threat of the month: Java vulnerabilities

For March's threat of the month, Secunia's Kasper Lindgaard believes Java vulnerabilities should be at the top of everyone's radar.

Debate

Debate: The Internet of Things is an enterprise problem

In this month's debate, experts discuss the possible issues that the Internet of Things presents for the industry.

Opinions Beyond the hype of industry trends

Beyond the hype of industry trends

Cloud computing is becoming a reality that will need to be addressed by every security department.

Opinions Mobile: Behind the headlines

Mobile: Behind the headlines

Has mobile malware changed through time as dramatically as the headlines might imply?

Opinions Time for a charge card overhaul

Time for a charge card overhaul

We've all been breached, but there are steps we can take to evolve the system, says security strategist Dan Srebnick.

Opinions The fallacy of targeted attacks

The fallacy of targeted attacks

It's time to admit that the bad guys can always make a first move, says Damballa's Manos Antonakakis.

Editorial Online safety for kids of all ages

Online safety for kids of all ages

In the aftermath of the Target breach, there is a huge need for all the people who are engaging with technology to understand more about cyber threats and ways they can account for these before and after something goes down.

Opinions Driving the mission forward

Driving the mission forward

The needs of the organizations we protect are complex and the response required due to the criticality of the services we provide tends to put our multi-faceted operations in a state of flux, says Roland Cloutier, CSO, ADP.

Opinions A perfect time for cyber crime

A perfect time for cyber crime

Two things needed to become widely available for cyber criminals to further expand the threat landscape - a network infrastructure that allows them to operate under the radar, and currency that would let them conduct commerce anonymously.

SC Canada

Canadian spies defend airport data collection

Canadian intelligence agency officials defended themselves at a Senate hearing early in February, after it was revealed that they had collected data on passengers travelling through Canadian airports via Wi-Fi access points.

SC Canada

Canadian Commissioner calls for privacy overhaul

The Canadian government should overhaul privacy legislation and reign in intelligence agencies to reflect a changing security landscape, its Privacy Commissioner told parliamentarians in late January.

Opinions A case for opportunistic encryption on the web

A case for opportunistic encryption on the web

The best aspect of opportunistic encryption is in the fact that it can be built into our infrastructure and deployed transparently for everyone.

Opinions Me and my job: Mat Gangwer, security architect, Rook Security

Me and my job: Mat Gangwer, security architect, Rook Security

We take a look inside the professional world of Mat Gangwer, security architect at Rook Security.

Threat of the Month Threat of the month: Government agencies

Threat of the month: Government agencies

The continued leak of classified government intelligence documents by Edward Snowden draws into question the balance of offensive and defensive capabilities of governments.

Debate

Debate: Big Data for security analytics is ready for prime time.

In this month's debate, experts discuss the importance of Big Data analytics in the industry today.

Opinions The need and the challenge

The need and the challenge

Let's agree on a definition of the term "security" and move forward from there, says AT&T's Chris Mark.

Editorial All apologies as they drain you again

All apologies as they drain you again

Following revelations of a massive breach during the holidays, Target announced it will be investing some $5 million in a cyber security coalition, researching cyber crimes and then educating us, the masses, about ways we can avoid becoming victims.

Opinions Getting ahead of new threats

Getting ahead of new threats

There are six security threats all businesses should be aware of for 2014, says ISF's Steve Durbin.

Opinions Surveillance data: All eyes on you

Surveillance data: All eyes on you

With the advent of nearly omnipotent video surveillance, the age-old saying "a picture is worth a thousand words," scares me more today than it ever has.

Opinions Security, Gangnam style

Security, Gangnam style

Asian nations are producing nurturing communities of security professionals that are more prepared to deal with a rapidly changing environment.

Opinions

Bitcoin payments pose security challenges for brick and mortar merchants

The benefits of cryptocurrency for consumers are well known, but there are also some downsides that must be addressed.

Opinions Fuzzy math: The need for a national cyber breach notification standard

Fuzzy math: The need for a national cyber breach notification standard

Although some progress has been made in the availability of data, we are far away from having the transparency required for risk management.

Opinions

Ethical challenges of the Internet of Things

We knowingly, and sometimes unknowingly, interact with the Internet of Things on a daily basis in both our professional and personal lives.

Opinions Mobile access: It's not just about calendar and email anymore

Mobile access: It's not just about calendar and email anymore

The mobile workforce - no longer satisfied with limited access - wants access to all the applications and data needed to perform all job tasks from a multitude of personal mobile devices, anywhere, anytime.

Opinions Prepare for mobile threats in 2014

Prepare for mobile threats in 2014

As mobile devices are further integrated into networks, organizations will have a critical need to implement end-to-end security solutions that offer comprehensive security to provide a multi-layered security solution.

Opinions The lessons of Bletchley Park

The lessons of Bletchley Park

The cyber threat landscape has always been in flux and will continue to evolve. However, it seems the pace of change has increased significantly in the past few years alone.

Opinions Why wasn't healthcare.gov security properly tested?

Why wasn't healthcare.gov security properly tested?

Anyone designing a new system such as this should take security into account from the beginning. The amount of personal information that could be harvested by any breach is truly alarming.

Opinions Ways to avoid a multi-million dollar security disaster

Ways to avoid a multi-million dollar security disaster

From Adobe to Facebook, security breaches continue to be top-of-mind for both companies and users, and organizations around the globe are all wondering if they are next in line to deal with a breach of their own.

SC Canada

BlackBerry founder steps back from takeover

A regulatory filing indicated that BlackBerry founder Mike Lazaridis sold more than $26 million of stock in his former company.

SC Canada

Spy agency admits "incidental" interception of Canadians' information

The Communications Security Establishment Canada (CSE) has admitted that it "may incidentally intercept Canadian communications or information."

SC Canada

Authors unite against electronic surveillance

Some of Canada's best-known authors - including Margaret Atwood, Yann Martel and John Ralston Saul - added their names to an online petition condemning mass surveillance by governments and corporations.

SC Canada

Federal Court judge denounces spy agency's methods

Federal Court of Canada Judge Richard Mosley has slammed the Canadian Security Intelligence Service (CSIS).

Opinions Hacker economics: Opportunity costs and attacker attention spans

Hacker economics: Opportunity costs and attacker attention spans

When we think about criminal hackers, we picture a techie who lives and breathes code. But more recently, another picture comes to mind. When you get right down to it, hackers are people, too.

Editorial Yes, Virginia, there is privacy (I hope)

Yes, Virginia, there is privacy (I hope)

Privacy, as some of us once knew it, is a thing of the past, says Illena Armstrong, VP, editorial, SC Magazine.

Opinions Me and my job: John Dickson, principal, Denim Group

Me and my job: John Dickson, principal, Denim Group

This month's "me and my job" focuses on John Dickson, principal at Denim Group.

Debate

Debate: More guidance on security career opportunities

In this month's debate, experts discuss whether more guidance on security career opportunities for youths will alleviate the skills gap.

Opinions Rx for medical devices

Rx for medical devices

Network-connected-and-configured devices can be infected by malware that provides access to patient data, monitoring systems and implanted patient devices.

Opinions Protect digital identity

Protect digital identity

As more and more organizations fall victim to data leakage, it seems that as long as no financial data is compromised, consumers seemingly don't care.

Opinions Data protection in the dark

Data protection in the dark

The malicious insider or outsider does not stop on the first attempt, says Verdasys' Peter Tyrrell.

Opinions Privacy needs more than technology

Privacy needs more than technology

I enjoy conducting security awareness training as it allows me to emphasize the importance of security to the organization, says David Sheidlower, CISO, Health Quest Systems.

Opinions Protecting the data about data

Protecting the data about data

It has been said that encryption simply trades one secret (the data) for another (the key). In the same way, encrypting data naturally shifts attention to that which is not protected: the metadata.

2013 Reboot Viewpoints Five highly unofficial IT security predictions for 2014

Five highly unofficial IT security predictions for 2014

While year-end security predictions generally fail at accurately predicting much that wasn't an already a foregone conclusion, they're really more about we know right now, and there is value in that.

Opinions Big Data and security analytics collide

Big Data and security analytics collide

Big Data will become "The next big thing" - a critical re-evaluation and re-tooling of our analytical abilities. This is not about being able to query more data, but being able to query all data.

2013 Reboot Viewpoints A growing threat: Privileged user abuse

A growing threat: Privileged user abuse

Chief information officers across the country are keenly aware of the threat not only to their intellectual property, but ultimately to their bottom line.

Opinions Vint surfed the wrong wave

Vint surfed the wrong wave

Vint Cerf's recent comment about privacy being an anomaly and a challenge that is too difficult to implement is unacceptable.

Opinions Look beyond the features when it comes to security

Look beyond the features when it comes to security

While information is crucial to improving an organization's posture in the marketplace, it also creates a centralized target for cyber criminals which may result in destructive data breaches.

2013 Reboot Viewpoints DevOps: Today, tomorrow and secure

DevOps: Today, tomorrow and secure

Will 2013 be remembered as the year that DevOps accelerated into the IT mainstream or became just another trend that died in the "hype cycle"?

SC Canada

Suicide attempt leak sparks controversy

Ann Cavoukian, the province of Ontario's Information and Privacy Commissioner, has pledged to determine how the personal information of a disabled Toronto woman reached the hands of U.S. Customs and Border Protection (CBP).

SC Canada

Government sets date for new anti-spam legislation

Canada's new anti-spam law, which was passed by Parliament in December 2010, will come into force on July 1.

SC Canada

Advanced technology guards the evidence

A new, cutting-edge forensic evidence center in Toronto is protected by technology as advanced as scientists apply to their work inside its labs.

SC Canada

Supreme Court rules on computer data privacy

Data on a hard drive is not equal to the same material stored in a filing cabinet, according to the Supreme Court of Canada.

2013 Reboot Viewpoints 2014: The year that security becomes strategic to the business

2014: The year that security becomes strategic to the business

There are signs that indicate that in the year ahead, we will see more companies develop a proactive, strategic security program and supplant the traditional notion of "achieving compliance" as an equivalent to security.

2013 Reboot Viewpoints Sensitive data management in the coming year

Sensitive data management in the coming year

Based on the increasing volume of data businesses now manage, and the growing capabilities of cyber criminals, certain scenarios will become commonplace in 2014.

2013 Reboot Viewpoints A few security considerations for 2014

A few security considerations for 2014

Again, it's the time for the annual "doom and gloom" security outlook for the coming year. Understandable, when after a busy season of attacks it seems likely that next year will only bring worse.

2013 Reboot Viewpoints Harnessing data, cloud applications, and mobility in 2014

Harnessing data, cloud applications, and mobility in 2014

I'm not a big predictions guy. I don't own a crystal ball, though I have been known to ask questions of my daughter's "Magic 8-Ball" on occasion. When it comes to enterprise IT, however, I do have some strong opinions about what 2014 will bring.

Opinions All I need this season is cyber security

All I need this season is cyber security

With this year's holiday season here, online retailers should be focused on preparing their networks for increased traffic as well as protection from cyber threats.

2013 Reboot Viewpoints The evolution of security and challenges that come with it in 2014

The evolution of security and challenges that come with it in 2014

As if 2013 was not exciting enough in the world of cyber security, 2014 will continue to keep us on our toes.

2013 Reboot Viewpoints Your iPhone as an attack vector and other coming attractions

Your iPhone as an attack vector and other coming attractions

We will not only see a new level of where the bad guys will target but how and what they are attacking, namely hardware. Here are the areas which deserve attention in 2014.

2013 Reboot Viewpoints Biometrics alternatives coming next year

Biometrics alternatives coming next year

The use of two-factor authentication, along with advancements in 3-D camera and facial recognition technology, will soon come together as one.

Opinions Computer forensic examiners are in demand

Computer forensic examiners are in demand

The need for computer forensic examiners (aka "CFE") is on the rise.

Opinions Me and my job: Alexandru Catalin Cosoi, chief security researcher, BitDefender

Me and my job: Alexandru Catalin Cosoi, chief security researcher, BitDefender

BitDefender's Alexandru Catalin Cosoi discusses role and what he'd like to see occur in the security space.

Threat of the Month Threat of the month: Domain hijacking

Threat of the month: Domain hijacking

December's threat of the month is domain hijacking, a popular attack technique that takes over major domains.

Debate Debate: Biometrics on Apple's iPhone 5s evolves security of personal devices

Debate: Biometrics on Apple's iPhone 5s evolves security of personal devices

In this month's debate, experts discuss whether the biometrics on Apple's iPhone 5s will evolve the security of personal devices.

Opinions Combatting insider threats

Combatting insider threats

We must stop the insanity by focusing on the data and controlling privileged user access.

Opinions As the network shifts

As the network shifts

The right form of network security can - and will - support continuous monitoring and network security management initiatives.

Opinions Eliminate mobile app threats

Eliminate mobile app threats

Don't hang your hat on enterprise app store security, says Jack Walsh at ICSA Labs.

Editorial In search of some cheer

In search of some cheer

Like no other year before it, 2013 illustrated for the entire globe just how essential cyber security is to business endurance, economic durability and personal rights to privacy.

Opinions The changing face of data protection

The changing face of data protection

Information security personnel are challenged with protecting company reputation and enterprise and customer data from a constant and expanding barrage of cyber criminals.

Opinions Threat intelligence starts with the human element

Threat intelligence starts with the human element

A strong cyber threat intelligence program should include proactive analysis of network traffic, testing of theories based on our understanding of human behavior.

Opinions We are data and data is property

We are data and data is property

As long as we treat personal information as property, we are faced with an unavoidable dilemma. If we are data and data is property, then we may become property.

SC Canada

Canada's banking regulator schools firms on cyber security

Canada's banking regulator has issued a set of cyber security guidelines for financial institutions, warning that banks must be on the lookout for online fraudsters.

SC Canada

Canadian Liberals introduce spy watchdog bill

Canadian lawmakers are seeking to legislate more oversight of Canada's secretive spy agencies, arguing that citizens don't know enough about what they're doing.

SC Canada

Canadian federal privacy scorecard worst yet, says Commissioner

Canadian government agencies hit an all-time high for privacy complaints and data breaches this year, according to the annual report from the federal Privacy Commissioner.

Opinions Don't forget forgotten passwords

Don't forget forgotten passwords

One issue with password systems has always been the 'reset' problem: what to do when a user forgets their password.

Opinions What the Tesla fire can teach security pros about DDoS

What the Tesla fire can teach security pros about DDoS

The Tesla fire does not have anything to do with DDoS attacks, but there is one valuable lesson to be learned: Organizations could be better prepared to perform like a Tesla on fire when they face a DDoS attack.

Opinions Me and my job: Jesse Bowling senior information security engineer, American University

Me and my job: Jesse Bowling senior information security engineer, American University

The time and energy to optimize a service or process is often seen as an unaffordable luxury, says Jesse Bowling senior information security engineer, American University.

Threat of the Month Threat of the month: IE zero-day vulnerability

Threat of the month: IE zero-day vulnerability

This month's threat of the month is the major zero-day vulnerability that affects Internet Explorer versions 6 through 11.

Debate

Debate: The NSA's mission to crack encryption upholds national security

In this month's debate, we received a number of responses to our debate topic this month, which covers the NSA's attempts to crack encryption methods.

Opinions CSOs should report to the CEO

CSOs should report to the CEO

CSOs need to be able to function at the highest levels of an organization while not being tethered to a specific department or operational function.

Opinions SMBs: Easy targets

SMBs: Easy targets

The first step toward better protecting an organization is to learn how cyber attacks work.

Opinions The coming Internet of Things

The coming Internet of Things

We don't need to make the same mistakes of the first generation of PCs and servers, says the SANS Institute's John Pescatore.

Editorial Moving on up

Moving on up

Most agree, CISOs are at a crossroads now, says Illena Armstrong, VP, editorial, SC Magazine.

Opinions Beyond the hype on Big Data

Beyond the hype on Big Data

Using Big Data for security is the "new hotness," says Holly Ridgeway, SVP and CISO enterprise systems at PNC.

Opinions Cloud addiction: At what point does the elastic snap?

Cloud addiction: At what point does the elastic snap?

Why does the lure of the cloud tempt businesses to put ever more sensitive data at risk? Richard Moulds, VP of strategy at Thales e-Security examines the situation.

Sign up to our newsletters

POLL