IT Security Opinions | SC Media

Opinion

Data Ethics – What Would You Do? Step Up or Step Away

On the ABC show “What Would You Do”, the show captures how people react when witnessing ethically challenging situations. Do they follow their moral compass and step up and say something or do they remain silent and “step away”? I suggest in today’s world where business interests all too often outweigh users’ rights and privacy;…

Why 2019 will prove biometrics aren’t a security “silver bullet”

Over the past decade, technology giants like Microsoft, Google and Apple have been raging an all-out war against the use of passwords with new applications for biometrics. First came the emergence of fingerprint readers on smartphones, designed to replace PIN codes. Next came Windows Hello, allowing users to log into their computer by simply looking…

Building protections from within for 2019

2018 was an interesting year for Insider Threat. While most CISOs were already painfully aware of the risks posed by insiders – both malicious and inadvertent – the public has a growing understanding of how business can suffer because of employee misbehavior. In a well-publicized case filed in the Northern District of New York, an…

Top five application security pitfalls to avoid

What are the common perils and pitfalls CISOs should consider when investing in corporate application security and Application Security Testing (AST)? Spending without holistic application inventory Shadow and legacy web-based systems, abandoned web services and APIs, expired SSL certificates, and unprotected cloud storage (e.g. AWS S3 buckets) adversely affect even the vast majority of FT 500…

The death of the VPN – It’s time to say goodbye

Virtual private networks, VPNs, have often been referred to as the “backbone of the enterprise network.”  This is a bold statement to make about a technology that essentially hasn’t changed in almost over two decades.  And yet, a VPN’s ability to offer employees, third parties and even customers “secure” remote access into enterprise applications and…

Will PSD2 Finally Kill The Password?

The EU Payment Services Directive (PSD2) will revolutionize consumer authentication. Passwords have been dying a slow death for a while, but PSD2 is likely going to deal the final death blow. Can we all say, “hip hip hooray?” For those who feel that this is just an issue for the European market, think again. The…

Improve cybersecurity program reporting with time-based metrics

As executives allocate an increasing amount of funds to security efforts, they want tangible evidence that their investment is worthwhile. However, this poses a challenge for security teams because when programs are successful, there’s often nothing to report, such as data breaches, email outages, loss of service, or locked out users. This makes it hard…

Inside Security: Plan for That One Unintended Click

By Jason Lamar, Sr. Director, Product Management, Security Business Group, Cisco What’s at the top of the food chain when it comes to security breaches? People. And, no amount of security awareness training can completely protect an organization against a phishing attack. Even the most security-conscious end user can accidentally click on a suspicious link…

Next post in Opinion