Here's a closer look at CipherCloud's Chief Trust Officer Bob West.
Experts debate whether the financial industry has a leg up in terms of their cybersecurity strategy when compared to other industries.
Even the most sophisticated, well-intentioned perimeter-focused cybersecurity strategy cannot possibly be 100 percent effective, says Oliver Tavakoli, CTO, Vectra.
Identity management has evolved rapidly over the past decade, says Jim Robell, president and COO, Eid Passport.
An ill-informed worker is a weak link that leaves a giant gap in your defenses, says SOHO Solutions VP Scott Aurnou.
Despite ongoing attacks against major corporations, not much is changing at the executive level, says Illena Armstrong, VP, editiorial, SC Magazine.
Hackers are finding new attack vectors to exploit and it is becoming harder for us "security professionals" to defend our organizations, says Zouhair Guelzim, CISO, L'Oréal Americas.
Aside from the many benefits native apps provide, enterprises face challenges they need to deal with to make sure they aren't exposed to the new security risks native apps introduce.
When it comes to healthcare security, if you think compliance is the only thing you need to worry about, think again.
On the whole, the recent steps taken by government are thoughtful and meaningful - and the attention to cybersecurity is overdue. But will they be enough?
One of Canada's intelligence agencies has been secretly monitoring file downloads across the world for years.
Canada's companies are ill-prepared to meet modern cybersecurity challenges, according to a survey by the Ponemon Institute.
If we can't stop breaches, then let's remove the incentive for hacking by devaluing the data, especially Social Security Numbers.
The Canadian government has introduced Bill C-51, an 'anti-terror' bill that will broaden the surveillance powers of government agencies.
How can security pros adapt and automate their own processes to support DevOps without the business being eaten alive from non-compliance, hacks and exposures?
The amount of information stored in our medical records creates a ripe environment for security breaches. The health care sector is in search of information security analysts.
In this month's issue we get to know more about Kristi Carrier and her role as the Quality Auditor at Nuspire Networks.
The increasing prevalence of mobile applications is exposing new security holes for businesses.
Enterprises are finding new ways to solve problems and extract value from data.
Every enterprise is susceptible to a breach, unless something changes, says Craig Shumard, principal of Shumard and Associates.
It's important to look at a few other practical takeaways from the headline-grabbing Sony attack.
Streamline your incident plan with clear IT security operational definitions and develop a detailed inventory of every asset within your network, says ViJay Viswanathan, CISO, HD Supply.
Psychological acceptability may not sound like a term that'll hold much significance for the future of secure file sharing, but don't sell it short.
Consider the main learning points from this event and count yourself lucky that you can learn at Sony Picture Entertainment's massive expense.
These two areas of the security space are sure to bring in some interesting changes in the new year.
Many states have laws today that require corporations and government agencies to notify consumers in the event of a breach - but it is not enough.
The wolf isn't at your door, it's inside. Ignorance is definitely not bliss. Just ask any of the regulatory agencies.
While most agree that corporate security needs to improve, a question still remains: Even with best practices in place, could the Sony debacle have been prevented?
With the growing connectedness of all things great and small, the need for trusted identities will take center stage in 2015.
It is now up to banks to self-regulate themselves or continue to deal with the pressing questions of concerned officials like Benjamin Lawsky.
2014 taught us that organizations cannot rest on their laurels. Security team needs to be in a state of hypervigilance. This is precisely why developing and implementing a proactive security plan will be a critical component of 2015 IT priorities.
As we predicted around this time last year, 2014 has seen more high-profile targeted attacks with motivations of stealing information. Here's what could be in store this year.
It was a tumultuous year with several interesting developments in computer security and the lack thereof.
Attackers are moving away from a "smash and grab" theft of credit card numbers towards the benefits accessible by waiting for "interesting" data.
In 2015, we will see the rise of targeted defensive security solutions that are accurate, scalable and lack the need for the coddling hand of security experts.
While we can expect to see the return of some of the issues we faced in 2014, there are still a number of new threats that we need to be aware of in the year to come.
We still need more education in place, especially when it comes to building awareness of cyber hygiene among the general public.
Security teams must spend 2015 preparing for a world of wearable, portable, smart tech that is as promiscuous in its data sharing as it is varied in its form factor.
A year of continuousl breach and surveillance headlines shook both enterprise and consumer confidences and is driving more urgent security discussions.
Big Data just keeps on getting bigger and bigger. It's almost like Moore's Law. And...it has a domino effect.
This holiday shopping season, many retailers have two goals in mind - make record-breaking sales and don't get breached.
Burden of proof should grow heavier as request for access grows more sensitive.
2015 is setup to be one of the most dangerous years for not only your PC but also your mobile devices and cloud storage.
Based on the course of events that we've seen over the last year, and how the market is responding, here are some of the security trends that we will see over the coming 12 months.
From Heartbleed to WireLurker, we certainly had our hands full. Here are some other trends from 2014 and predictions for the coming year.
As we approach the time of year when all the security gurus bring out their crystal balls, we should also focus on the improvements made in 2014.
Part of my role requires me to ask questions that an auditor might. This is especially true when it comes to compliance, why it matters, and how it makes a difference.
Cooperation is required to advance the profession, says Towerwall's Candy Alexander.
Experts debate whether or not organizations should consider hiring hackers with a criminal past.
For this year's annual Reboot edition, we took the opportunity to look back not just on the last 12 months, but the last 25 years SC has been entrenched in the information security space.
The reality of ubiquitous reliance on ICT has given rise to the criticality of cyber security, says Cisco CSO Edna Conway.
Should we rush out signatures for this latest version of malware, or should we take a step back and figure out how to focus our technology and security operations around identifying attackers before they wreak such havoc?
Network security today has similar defensive problems to those posed to American Colonial population centers. Here's why...
As hackers become more advanced, our security methods also have to evolve and become more secure so that we aren't just giving our information away.
The primary challenge to secure payment card data is that too many involved see the PCI DSS as a panacea for every risk in the marketplace.
The Internet of Things requires a new way of thinking and acting, one that will protect a business and help it grow.
It's easy to get hung up on discussions around chip-and-pin, malware and network segmentation, and in the process lose sight of the broader trends that underlie many breaches.
If organizations are looking to raise their security profile, they should certainly examine these commonly overlooked areas.
A Canadian federal bill that would force companies to notify individuals of breaches moved a step closer to being law in October.
British Columbia's provincial government is notifying 15,000 individuals after a privacy breach in its Wildfire Management Branch.
Canada's RCMP cannot tell whether it complies with federal privacy law when gathering information about citizens without a warrant, according to a report.
Everyone involved with vendor management should now develop a common, collaborative security strategy.
This incident gives the industry hope that proactive measures can stop an attacker before a breach drives catastrophic results.
This year has been so bad for merchant data breaches that the president felt the need to ensure that the government would offer itself as a more safe and secure place to do business with.
Threat of the month: Bash bug/Shellshock
Good news for those industry pros that specialize in biometric security...you're in demand.
This month, we get to know Marisa Faga, Bugcrowd's director of crowd operations.
Industry experts debate whether organizations should or should not pay a cyber ransom to miscreants.
As mobile devices are further integrated into networks, organizations will have a critical need to implement end-to-end security solutions.
Edward Snowden has the same broad access and privileges that many employees in similar positions have at almost every business.
With parameters, new tech can help your business, says McAfee's Jonathan Fox and Tyson Macaulay.
Some experts contend that a reason for the seeming decline in IT security spend is that it is now becoming a pervasive part of everyday corporate operations.
Successful CISOs need to master more than system security to make their companies competitive and improve their own job security.
Modern mobile hacks are diverse and can be performed by anyone, from an inexperienced amateur to highly skilled teams operating like tech startups.
Bring the insider issue into the light and focus on culture change, says PSCU's Gene Fredriksen.
This Hallows Eve might be a good time to remind ourselves that zombies can be just as deadly, and I'm referring to recycled tools and techniques from years gone by.
Major retailers are falling prey to massive credit card information heists, despite spending millions on cyber security systems.
When it comes to enterprise security, one rule remains constant - attacks will continue to increase in sophistication and attackers will seek to outmaneuver existing defenses.
While it may seem like 2014 is the year of the vulnerability, in reality, this year has not been much different than years past.
It's clear that vulnerabilities continue to exist, despite our best efforts to combat them. In fact, we have addressed many of the same problems before.
As new solutions emerge, it's critical for organizations to protect themselves by being informed, aware, and acting whenever possible. Those that don't take action are playing a very dangerous game.
We are now in the fast lane towards a driverless future. Will we have to brake for hackers?
Alberta Health Services is apologizing following a data breach at Alberta Children's Hospital.
A Canadian is leading a $500 million class-action lawsuit against Home Depot following its data breach in which up to 56 million US and Canadian credit cards were stolen.
Students at the University of British Columbia have been warned that their personal information may have been exposed thanks to a software bug.
Despite big responsibilities compounded by a string of headline-grabbing data breaches, the skies are looking brighter for CISOs.
It will continue to be a year where companies need to focus on how their employees interact online.
A cyber liability policy covers first-party liability (property and theft) and third-party liability (privacy and data security).
We catch up and learn a bit more about Michael Canavan, senior director, systems engineering, Kaspersky Lab North America.
Chris Weber, co-founder, Casaba Security, and Geoffrey Vaughan, security consultant, Security Compass, go head to head on the use of password managers in the enterprise.
It's possible to safely manage the security risks posed by BYOD, says Anders Lofgren at Acronis Access.
Active security thinking ensures that we don't simply perpetuate security folklore.
Security leaders must create visible value for the organization, says Unisys's Francis Ofungwu.
The Internet of Things promises so much. And so the question arises, how are we going to keep all this 'stuff' safe and secure?
Our networks are our field; no one knows our network better than us, the people who maintain it. We need to use that to our advantage.
The breach shaming trend impedes forward progress in preventing such incidents in the future and leaves consumers worrying without educating them.
Canada's foreign spy agency mishandled information on private communications that it had collected by mistake, according to the most recent report by a government watchdog.
Canada's National Research Council has written to partner companies informing them of a breach of its cybersecurity systems.
A Canadian ISP has been identified as the source of a cryptocurrency hack that stole $83,000 over four months.
This month we get to know Chris Sullivan, vice president of advanced solutions at Courion.
Sign up to our newsletters
SC Magazine Articles
- State breakdowns: Anthem breach by the numbers
- Malware on Lime Crime website, payment cards compromised
- Botnet of Joomla servers furthers DDoS-for-hire scheme
- Bug in popular WordPress plugin opens up websites to SQL injection attacks
- Report: Majority of health-related websites leak data to third parties
- State breakdowns: Anthem breach by the numbers
- Carbanak APT campaign made off with $1B from banks globally
- NIST requests final comments on ICS security guide
- Disconnect yawns between CISOs, exec leadership, study says
- Microsoft phishing emails target corporate users, deliver malware that evades sandboxes
- Infections caused by prevalent financial trojans dropped 53 percent last year
- Spammers leverage DMARC to more successfully distribute ransomware
- Laptop stolen from employee contained data on Pioneer Bank customers
- In growing market for genetic data, privacy implications prove lasting
- Natural Grocers investigating unauthorized access to POS systems