Infosecurity Opinions
Cyber Resilience: Building a Defense Strategy that Works
The ISF’s Steve Durbin discusses how organizations can converge cybersecurity and risk management strategies to help deal with unknown threats in cyberspace
Comment: Finding Common Ground through Simulated Phishing Attacks
By helping users understand that they can be part of the security solution, Joe Ferrara of Wombat Security says simulated phishing attacks can mend the often difficult relationship between users and infosecurity teams by opening up lines of communication
Comment: Encryption is Critical for IaaS
When organizations move their data to the cloud, traditional security measures may not be effective. With some basic knowledge, Bill Hackenberger of HighCloud Security says companies can take advantage of Infrastructure-as-a-Service, while keeping their data private
Comment: Cybercrime Goes Back to the Future
Cybercrime goes back to its roots to infiltrate tomorrow’s organizations. Darren Turnbull of Fortinet looks at the importance of a unified approach and sandboxing as a key tactic in the fight against advanced persistent threats
Comment: Data Retention – The Privacy Threat Hidden in Plain Sight
The US may be reeling from revelations surrounding the NSA’s PRISM program but, as IVPN's Nick Pearson discusses, the next government program to threaten online privacy may originate from European shores
Say No to Digital Rights Management and Intellectual Property Rights?
Steve Mathews explores DRM options in a world where completely preventing the copying and distribution files is nearly impossible
Comment: Cybersecurity in a Post-prevention World
As long as we continue to incorrectly believe that we can simply block bad things, cybercriminals will win the battle, says Blue Coat’s Brian Contos. He suggests investing in incident detection and response to minimize the threat window following an incident, and to better understand what’s actually happened
Comment: Getting the Compliance Budget “Just Right”
A risk aware, long-term approach to regulatory compliance budgets is the path toward optimized spending. EventTracker’s AN Ananth explains his Goldilocks strategy
Go Ahead, Blame China
David Stupples contends China’s state-sponsored actors not only have the means, but also the motive to hack away at any organization’s intellectual property
Mutually Assured Cyber Destruction
Jarno Limnell says without the unveiling of evidence that’s nearly impossible to collect, nation-states should take a look in the mirror before they blame China as the world’s worst transgressor of cyber-espionage
Comment: Myths and Misconceptions on Securing Open-source Software
Agile security expert Ryan Berg addresses the common myths and misconceptions of securing open-source software and offers practical tips on how to build in security throughout the software development lifecycle – from design, development and deployment through to production
Comment: There’s No Such Thing as Cyber War
Chester Wisniewski of Sophos wages battle on the term ‘cyber war’
Comment: Secure Everything, Everywhere
Andrew Walker-Brown of Dell SonicWALL discusses the need for all-encompassing security to ensure performance and productivity
Comment: Mutual Authentication and Customer Education Can Prevent Fraud
Pat Carroll of ValidSoft uses recent examples of fraud to illustrate the need for mutual authentication and better customer education
Comment: Securely Embracing ‘Shadow-IT’ – the Apps an IT Department Can’t Control
Simplexo’s Simon Bain examines how IT departments can deal with the security issues related to ‘Shadow-IT’ and cloud storage
Comment: A Cultural Spat? Data Protection and Privacy Issues between the EU and US
As the EU Commission edges closer to adopting revisions to its Data Protection Directive, US companies will be looking more closely at their IT practices in consumer data retention says Andy Green of Varonis.
Comment: Beware a Quiet Queen’s Speech
Consultant William Wallace finds that what wasn’t said in the recent speech to open the new session of parliament may be as interesting as what was.
Comment: Cybersecurity and Reality – What’s in a Word?
What does the word 'cyber' really mean? Gregor Campbell cracks open his dictionary to trace its transformation
Comment: Rethinking Safety in the Modern Digital World
Eric D Knapp of Wurldtech contemplates what safety means in today’s digital environment
Comment: Exposing the Myths of Access Rights Management
Managing access rights is time-consuming and often considered a mundane task. Nevertheless, making sure only the right people can access company data is a business-critical function. Christian Zander of protected-networks.com addresses a number of ‘myths’ he has encountered when discussing this issue with senior IT management across Europe.