Infosecurity Opinions
Coping in a 'Code Yellow' World with Threat Intelligence
While there’s no specific threat identified, your mindset should be “the world is a potentially unfriendly place, I have to be on the lookout for potential threats”.
Top Five Ways to Improve SOC Efficiencies and Bridge the Security Skills Gap
Not only have enterprises bought more products, but they also have tried to hire more security analysts to deal with alerts.
Want to Know Your Customer? Try Authenticating Them
It’s no longer a question of “build or buy?”, but rather a matter of utilizing available tools to develop solutions that adapt to the challenges of protecting your users.
To Err Is Human; To Automate, Divine
99% of firewall breaches will be caused by simple firewall misconfigurations, not flaws.
Looking Past the ‘APT’ Hype to Defend Against Today’s (Actual) Advanced Threats
Much of the work in threat protection is focused on helping employees recognize and avoid sophisticated phishing attacks.
Life Sciences Information Security
A Broad Overview of the Unique Challenges Serving Biotech, Pharma and Academia.
Protecting the New Perimeter
Ultimately, recognizing the new perimeter and managing identities with SSO and provisioning will provide businesses with a better way to secure and control the magnitude of users, devices and applications that span traditional company and network boundaries.
Static Code Analysis Tools for Bulletproof Software Security
Manual security reviews are useful, but humans are humans after all, and they just aren't capable of finding every security hole within a large or even midsize application.
Could a Weak Link in the Chain Hamper Retailer Implementation of PCI DSS Version 3.2?
Application of the PCI DSS’s latest system is not a quick fix, but a means to an end.
Overcoming Application Security Challenges
The majority of strategic business processes are supported by software applications, so why does application security continue to receive less budget and attention than network security?
Is Compliance Bad for Security?
Standards are a security bar for organizations to meet through compliance. Arguably their value is in the reassurance they provide stakeholders that a baseline of reasonable security measures is in place. But what if compliance is faked?
A Moving Target: Why SMEs need Threat Intelligence
Justifying security spend can be challenging as a SME: there are limited resources, you’re trying to defend against an unquantifiable range of threats, and there are plenty of other aspects of the business to invest in that can give tangible results.
Communications Security Beyond the Turret
What was once a system based on a digital time-division multiplexing (TDM) architecture has turned into a high-tech Internet Protocol (IP) based work center
Who is Responsible for Cybersecurity Within Your Organization?
Don't underestimate the need for clear guidance on who should do what within an organization.
Security from the Ground Up: The Need for Data Classification
Governments, businesses large and small, and even private citizens worry over how to keep their digital assets out of the wrong hands.
The Service Desk: The Unsung Hero of IT Security
Estimates suggest that the gap between a data breach and discovery is somewhere in the region of 80 and 200+ days, depending on whose research you’re reading.
Regular Check-ups: Pentesting-as-a-Service
Penetration testing needs to be performed much more frequently than it is today by most organizations, and that requires a new type of service offering: ‘pentesting-as-a-service’.
Machine Learning – Keeping Us One Step Ahead of Fraudsters
While it is clear that machine learning has a lot to offer to financial institutions and merchants in an effort to detect and prevent fraud, the approach does have its limitations.
Why Weakening Encryption Could be Throwing the Baby Out with the Bathwater
Should communications providers be legally forced to break their own security when required, even if they must fundamentally change the way their encryption works in order to comply?
