Infosecurity Opinions
Comment: Why Amazon Is My #1 Attacker
AlienVault’s Conrad Constantine explains why the need to establish reputation information from cloud instances cannot be underestimated for incident responders
Hacktivism Debate: Security’s Little Awareness Helper
Matthew Pascucci shines a light on a by-product of hacktivism: increased security awareness. Their attacks may be embarrassing, but he says hacktivists do serve a functional purpose for the security professional
Hacktivism Debate: Occupy DDoS
There's little room in Ted Swearingen's heart for the exploits of so-called hacktivists. His sympathies lie with those charged with combating them
Comment: Too Much Security May Affect Business Processes
A balance is needed between the protection of information and productivity within a business environment, says David Cowan of Plan-Net
Comment: Don’t Ban Social Media (And What To Do Instead)
Forensic analyst Paul Henry explains why banning social media is hardly the way to deal with the risks it poses
Comment: Building a Risk-aware, Cyber-secure Culture
Using technology solutions to complement your security awareness programs is simply not enough, says IBM’s Chris Nott. You must go further and explain the risks to your employees, and why the technical controls were put in place
Safe and Secure Online: Make it Count
Tim Wilson, lead UK volunteer for the (ISC)² Safe and Secure Online program and assistant director ICT, NHS East London and City, tells us what he does, what he hears, and why you too should get involved in Safe and Secure Online
Comment: The Risks of Generic Approaches to Employee Information Security Awareness
Keith Ducatel of Article 10 talks about the dangers of off-the-shelf information security policies and training
Comment: Poor Information Risk Assessment Is Worse than Doing Nothing at All
Information risk assessment should be second nature to security practitioners, and yet too few of us understand what it really takes to do it well – and few organizations have a world-class capability in place. Andrew Wilson explores some of the reasons why this is the case and what we need to do to get it fixed
Comment: Securing BYOD is More Than a One-step Process
BYOD is no longer a trend, it’s a reality, says Frank Andrus of Bradford Networks. Here he explains why implementing BYOD securely requires a comprehensive blueprint, and cannot be done through a single technology solution
Comment: The Missing Link from DLP
Solutions to prevent data loss need to involve the data owners themselves, so they can take appropriate actions to remediate risks before data is leaked. Traditional DLP technologies alone cannot achieve your security and governance goals, says David Gibson of Varonis
Comment: Avoid the Inherent Risks of Consumer Gadgets and Email
Consumer gadgets and corporate email can be a risk to information; John Thielens of Axway looks at how this can be avoided without banning consumer devices altogether
Comment: It’s Not about Network Security, It’s about Business Security
Gidi Cohen of Skybox Security explores the challenges information security executives face, and provides key steps they can take to tune their existing security infrastructure to be more effective and efficient
Comment: Defeating APT in the Cyber Trenches
Jim Butterworth of HBGary argues that instead of building bigger digital walls to secure their organizations, CSOs must build resilience by combating advanced persistent threats (APTs) where they least expect them – already firmly established inside the network
Comment: Mobility Goes Mainstream
Infosecurity welcomes Patricia Titus, VP and CISO of Symantec, as the newest member of our Editorial Advisory Board. Titus tells us why following security best practices is the key to a successful mobility strategy
Protecting Distributed Network Infrastructure Availability across a Cloud-Connected Workforce
Robert Waldie of Opengear looks at three strategies learned in the data center to secure distributed sites against breach-of-availability incidents
Comment: Turn to Military-grade Security
Key industrial infrastructure is becoming as vulnerable as corporate data to attack, driving commercial organizations toward defense-grade IT solutions for protection. Arun Subbarao of LynuxWorks explains the wisdom behind the strategy
Comment: Do You Know Where Your Data Is?
As businesses increasingly bring in mobile devices for their staff, data can no longer be pinpointed to the. Siân John of Symantec discusses the threats to businesses and how employing data encryption on mobile devices brings a new level of security to sensitive business information
Comment: Taking the Ethical High Road
Marcus Ranum of Tenable Network Security outlines how the IT security industry can ensure its integrity by maintaining a strong code of ethics
Comment: Visibility Is an Essential Component to Data Governance
Addressing the volume of organizational data requires a balanced approach, which includes locating and identifying data by category. This visibility is the first step in identifying risk, says Gerard Curtin of PixAlert