Infosecurity Opinions
Comment: Organizations Must Keep Up with New Compliance Regulations
Guy Churchward of LogLogic addresses the compliance challenges for 2012 and how enterprises need to respond
Comment: Managing Authentication in Heterogeneous Environments
SafeNet’s Gary Clark outlines the layered approach necessary for secure digital identities in cloudy, mobile ecosystems
Comment: Information Assurance Professionals – You Are Competent, but Are You Certified?
A new certification scheme has been developed for information assurance professionals to help the UK Government meet its cybersecurity objectives. The APM Group’s Richard Pharro looks at why the scheme has been developed, what benefits it will bring to the industry, and how people working in IA are assessed
Comment: Proposed EU Data Protection Revisions Good for Businesses, and Individuals
Sarb Sembhi of consultancy Incoming Thought sees the proposed revisions to the EU Data Protection Directive as a win-win situation
Comment: Building a Fence around Data and the EU
The proposed revisions to the EU Data Protection Directive will mean that global organizations must have a strong "on the ground" presence in Europe. That's according to the University of Milan's Marco Cremonini
Comment: Intelligent IT Choices Will Prevent Disaster
The recent European Disaster Recovery survey 2011, conducted by EMC², highlights the prevalence of companies that lack a robust disaster recovery strategy, with 54% of those surveyed suffering data loss and system downtime within the last year. If businesses are to minimize the detrimental impact of an IT system failure, intelligent IT choices need to be made, argues Richard Barker of Sovereign Business Integration
Comment: Passwords Are Now Past Their Best
Phil Robinson of Digital Assurance shares his views about the growing dependence upon passwords and looks at management methods and technical alternatives to improve upon them
Comment: Don’t Compromise on Visibility, Speed or Security
Stream-based deep packet inspection (DPI) is faster and easier to deploy, manage and update when compared with proxy-based DPI. That’s according to SonicWALL’s Andrew Walker-Brown
Comment: Realizing Business Value from Access Risk Management
Courion’s Dave Fowler argues that the industry needs to rethink its approach to access risk management and embrace the development of next-generation identity and access management solutions that are easy to deploy, offer quick return on investment and enable organizations to better understand and manage access risk
Comment: A Security Culture Requires Leadership from the Top Down
To grow an effective ‘security culture’ in your organization, infosec managers must get their management to set the proper example, says consultant Gregor Campbell
Comment: Governance is Key to Managing Cloud Risk
Adopting cloud computing can save money, but good governance is needed to manage the risks, says analyst Mike Small
Comment: Piracy the Real Winner in War Against SOPA
Not all provisions written in the original draft of SOPA were as bad as hype suggested; claims of it fueling Internet censorship are grossly exaggerated if you read its core provisions. Piracy is a multi-billion dollar problem that needs federal intervention, says GuardTime’s Mike Gault
Comment: Make PCI DSS Part of Your Security Strategy
Jeremy King, European director of the PCI Security Standards Council, describes how recent figures from the UK Cards Association showed PCI has been successful in decreasing the volume of card and bank account fraud
Comment: APT Tops Security Risks to Corporate IP in 2012
Verdasys’ Bill Ledingham shares his insights on advanced persistent threats (APT) and offers steps companies can take to increase their cybersecurity
Comment: Information Assurance as a Flexible Security Solution
Chris Mayers of Citrix UK outlines how the public sector can meet confidentiality, integrity and availability requirements in the face of ongoing regulatory and technological change
Comment: Information management policies must address risk of human error
Christian Toon, head of Information Security at Iron Mountain Europe, considers the growing number of avoidable data breaches that involve paper documents and advises businesses how to minimize these risks by getting to grips with information handling, management, storage and secure destruction.
Comment: It’s Time for Smartphone Security
As the mobile market grows, so does mobile malware. Don DeBolt, director of threat research at internet security company Total Defense, discusses how IT practitioners and company employees can best stay safe by protecting themselves from mobile hacks, privacy concerns and more in a day and age when mobile malware is on the rise
Comment: Data Governance Must Evolve to Meet Growing Insider Threat
Insider-driven data leaks are in the news every day, and unstructured data provides the biggest challenge for IT to secure and manage. Brian Vecci of Varonis Systems highlights key steps that organizations can take to measure and improve their data governance, and reduce data loss from insiders
Comment: Get Your Money's Worth from PCI Pen Testing
Orthus’ chief executive, Richard Hollis, says the responsibility for a comprehensive PCI pen test rests with the client – and it’s demands. Otherwise, your pen test could end up being worthless…
Comment: Two-factor Authentication – World of the Token Necklace
SecurEnvoy’s Andy Kemshall looks at the rise of two-factor authentication and why SMS-based technology is the key to strengthening vulnerable virtual applications and access points
