Infosecurity Opinions
Shrinking the Exploding Attack Surface
Nowadays, it seems that no organization is immune from being hacked; and governments globally are recognizing the need to invest heavily to protect vital services and infrastructure. However, today’s security models are not completely flawed; they are, perhaps, naïve.
Design Vulnerabilities: They Hide and You can’t Catch Them
Exploiting memory-corruption bugs to compromise computers and gain access to organizations is all too common and relatively simple. But what we haven't heard much about are so-called design vulnerabilities in operating systems or other software that can provide other avenues of attack into an organization's network.
Thin Clients and Isolation; is the Future of Computing off the Desktop?
The future of computing, at least personal computing, has been showing signs of weaning away from the traditional desktop for quite some time now.
How Psycholinguistics helps you Spot Potential Danger to your Company Before it’s too Late
How can you tell if someone going through a personal crisis poses a threat to your company? Is a disgruntled employee about to steal sensitive data or sabotage one of your key systems?
Bangladeshi Bank Hack – Firewalls, Fat Fingers and ‘Fandation’
The Bangladesh bank’s naïve approach to managing a firewall was made worse by the use of second-hand routers to connect their internal systems to the global financial networks.
The First 48 Hours: How to Respond to a Data Breach
The first few hours after a breach are critical in asserting control of the situation and, as such, businesses must have a comprehensive incident response plan in place that enables them to react immediately should the worst happen.
It’s Time to Stop Relying on Passwords to Protect Our Information Online
Mass adoption of mobile devices around the world means organizations can implement more robust, two-factor or multi-factor authentication systems without having to worry about the high cost of providing the devices to consumers themselves.
Teaching Users to Practice “Safe IT”
The subversion of IT by users introducing applications, which are not formally provided by IT - whether deliberate or accidental - presents a management and support challenge to the IT department and a potential security risk to the organization as a whole.
BYOD? More like “Bring Your Own Divide"
Basic first steps will go a long way in making BYOD a credible, transparent and, most of all, secure way to work.
How to Keep Passwords from Failing the IT Security Industry
Perhaps it is time for a rethink about the way in which passwords are handled within organizations.
Branding Security Issues – Curse or Blessing?
With so little substance, do vulnerability awareness campaigns help or hinder IT professionals in their approach to security?
SSH Key Management: What To Focus On Now
The awareness of the importance of proper management of SSH user keys is growing, but confusion still abounds within organizations.
Commercial Security Systems for the Digital Age
The best commercial security systems will be a step ahead of the people who are trying to breach the security systems in question.
The Internet of Toys: How Young Is Too Young to Bombard Our Children with the IoT?
For these children, the Internet of Things (IoT) isn’t a ‘brave new world’, it’s the only reality they know
Next Step Security – How to Defend Against Perimeter Breaches
Alex Winterflood, solutions architect, MTI Technology, outlines the benefits of network micro-segmentation and how this new approach is set to change the security landscape by enabling granular-level protection if a hacker breaches the perimeter.
Barbarians at the Gate - Shoring Up Web Application Defenses with Client Reputation
Adding client reputation monitoring to a cloud security strategy not only helps stop malicious attacks at the source, but also provides the security intelligence needed for improved security decisions and risk evaluation.
Securing your Personal Entry Points
Perhaps it is time to treat each member of staff as an individual local area network (LAN).
How to Address the Cybersecurity Resourcing Challenge
Many businesses are ill-equipped to address disruption of networks, attacks on infrastructure, DDoS attacks and theft of personal data, leaving them vulnerable to hackers.
Threat Hunting: Root out the Bad Guys Before it’s Too Late
With cybercrime high on the agenda for many, IT professionals have spent too much time and energy discussing the causes, methods and impact of data breaches
