Infosecurity Opinions
Looking Past the ‘APT’ Hype to Defend Against Today’s (Actual) Advanced Threats
Much of the work in threat protection is focused on helping employees recognize and avoid sophisticated phishing attacks.
Life Sciences Information Security
A Broad Overview of the Unique Challenges Serving Biotech, Pharma and Academia.
Protecting the New Perimeter
Ultimately, recognizing the new perimeter and managing identities with SSO and provisioning will provide businesses with a better way to secure and control the magnitude of users, devices and applications that span traditional company and network boundaries.
Static Code Analysis Tools for Bulletproof Software Security
Manual security reviews are useful, but humans are humans after all, and they just aren't capable of finding every security hole within a large or even midsize application.
Could a Weak Link in the Chain Hamper Retailer Implementation of PCI DSS Version 3.2?
Application of the PCI DSS’s latest system is not a quick fix, but a means to an end.
Overcoming Application Security Challenges
The majority of strategic business processes are supported by software applications, so why does application security continue to receive less budget and attention than network security?
Is Compliance Bad for Security?
Standards are a security bar for organizations to meet through compliance. Arguably their value is in the reassurance they provide stakeholders that a baseline of reasonable security measures is in place. But what if compliance is faked?
A Moving Target: Why SMEs need Threat Intelligence
Justifying security spend can be challenging as an SME: there are limited resources, you’re trying to defend against an unquantifiable range of threats, and there are plenty of other aspects of the business to invest in that can give tangible results.
Communications Security Beyond the Turret
What was once a system based on a digital time-division multiplexing (TDM) architecture has turned into a high-tech Internet Protocol (IP)-based work center.
Who is Responsible for Cybersecurity Within Your Organization?
Don't underestimate the need for clear guidance on who should do what within an organization.
Security from the Ground Up: The Need for Data Classification
Governments, businesses large and small, and even private citizens worry over how to keep their digital assets out of the wrong hands.
The Service Desk: The Unsung Hero of IT Security
Estimates suggest that the gap between a data breach and discovery is somewhere in the region of 80 and 200+ days, depending on whose research you’re reading.
Considerations around NFV security
DNS security needs to be built into the NFV architecture.
Regular Check-ups: Pentesting-as-a-Service
Penetration testing needs to be performed much more frequently than it is today by most organizations, and that requires a new type of service offering: ‘pentesting-as-a-service’.
Machine Learning – Keeping Us One Step Ahead of Fraudsters
While it is clear that machine learning has a lot to offer to financial institutions and merchants in an effort to detect and prevent fraud, the approach does have its limitations.
Why Weakening Encryption Could be Throwing the Baby Out with the Bathwater
Should communications providers be legally forced to break their own security when required, even if they must fundamentally change the way their encryption works in order to comply?
Walking the Line Between Data Protection and Privacy Invasion
While there has been growing awareness of what we should, as consumers, do to secure our data, how can we be assured our data is being appropriately cared for when we hand over information to companies?
Evading IT Threats: Integrating Security in Your Overall Cloud Strategy
In cloud infrastructure, it becomes even more challenging to overcome such threats without incurring any losses.
How Context Can Provide Application-centric Security
It’s the applications themselves that are the targets, because that is where the data is housed.
Access Badges: The link between physical and logical access
Organizations using access badges to secure physical access to (all or part of) their premises increasingly ask for the ability to use the same badges for access to their network and applications.