Infosecurity Opinions
Prevention, Detection and Response: A New Approach to Tackle APTs
Evolving Threats Require CISOs to Disrupt Attacks Across the Entire Chain, From Break-in to Exfiltration, Argues Martin Borrett, Director at the IBM Institute for Advanced Security.
Looking for Clues to Win the Malware War
With Cybercriminals Increasingly Able to Cover Their Tracks, Point-in-time Detection is No Longer Enough. Terry Greer-King Says We Need to Watch for the Trail of Clues it Leaves Behind.
Third Party Libraries: the Swiss Cheese of App Security
Waratek director of client security solutions, Prateep Bandharangshi, explains how to minimize the risk of another Heartbleed.
How to Stay Out of the Headlines with Protective Marking
All organizations can take a leaf out of the Government’s book and use data classification to safeguard information, says Colin Tankard, Managing Director of Digital Pathways
People, Process, Technology: How Good Information Security Can Grow Your Business
Companies must strike a balance between being able to share information and protect it, in order to support business growth. BAE Systems’ Malcolm Carrie explains where the answer lies…
Keeping the crown jewels under lock and key
Information governance is not just good for improving security, it is good business practice.
Comment: Bank Heists Haven’t Disappeared, They’ve Evolved
Evidence suggests bank robberies are in decline, but Auriga’s Darren Hodder suggests the thieves may simply have hung up their balaclavas in favor of the mouse
Comment: Mitigate Cyber Attacks Now in Emerging Markets
As the use of mobile technology continues to rise in emerging markets, there is a growing concern around the compromise of privacy and data security. GlobalLogic’s Juan Manuel Caracoche and Tzvi Kasten explain the state of security in Brazil and other emerging countries and why building security protection into products will mitigate phishing and malware attacks
Comment: Incident Response – Mitigate, Remediate and then Communicate
How do you handle an emergency incident, and communicate the details to management? By appointing a junior member of your team to handle this process, security analyst Bob Covello believes that incident response teams can increase their effectiveness
Comment: New Approaches Needed for Database Security and Advanced Network Threats
Today’s advanced threats require a smarter approach to database security that extends beyond detection and monitoring the usual attack surfaces and SQL injection techniques. This is the view from NetCitadel’s Duane Kuroda
Windows XP’s Time Has Come…and Gone
With support for Windows XP set to run out as of tomorrow, April 8, Microsoft’s Tim Rains issues a last-minute warning on why users of the venerable operating system should upgrade now
Comment: Third Parties and Identity Management – Welcome to the World of Marketing
Marketing teams have many options for managing their activities around social media, website administration and analytics. David Meyer of OneLogin contemplates whether company security policies are being followed and how IT can get involved in managing risks
Anti-virus Lives to Fight Another Day
Anti-virus remains a cornerstone of any security strategy, finds David Harley, as he acknowledges the contributions of anti-malware researchers
Anti-Virus: Little More Than a Team Player
Anti-virus is just one small part of the holistic security strategy, argues Ryan W Smith
Comment: APT Detection – Closing the Gaping Hole
Technology solutions to combat advanced persistent threats are in no short supply, but actually detecting these targeted infiltrations remains difficult. Avishai Ziv of LynuxWorks examines the reasons, and how to overcome the problem
Comment: EU Data Protection Regulation – Will You Be Ready?
The draft EU Data Protection Regulation has been delayed again. However, companies need to start considering now how to ensure they can comply with key provisions when it does reach final form, or risk being exposed to both regulatory fines and litigation
Government Surveillance: With the Damage Comes Promise
On the heels of his recent keynote at the RSA Conference in San Francisco, Scott Charney, corporate VP of Microsoft’s Trustworthy Computing Group, sat down with our Drew Amorosi to talk about the reputational damage inflicted by NSA surveillance disclosures, and what the industry must do to respond
Comment: Protecting Customer Data from Online Vulnerabilities
Following the Barclays data breach, where thousands of confidential customer files were stolen and sold, Wieland Alge of Barracuda Networks shares his views on the current threats to business data and the areas that must be addressed to keep ahead of new exploitation tactics
Comment: Grand Theft Data – How to Protect an Organization from Breaches
Accepting the premise that data breaches will occur doesn't mean that organizations can’t take preventive measures to reduce the frequency and lessen the severity. Eric Cole of the SANS Institute explains…
Comment: RSA Conference 2014 – Information Security’s Civil War Takes Center Stage
Brian Honan, security consultant and RSA Conference presenter, explains why he has chosen to remain on the event’s speaking roster despite the withdrawal of some peers
