Infosecurity Opinions

  1. Comment: Intelligent IT Choices Will Prevent Disaster

    The recent European Disaster Recovery survey 2011, conducted by EMC², highlights the prevalence of companies that lack a robust disaster recovery strategy, with 54% of those surveyed suffering data loss and system downtime within the last year. If businesses are to minimize the detrimental impact of an IT system failure, intelligent IT choices need to be made, argues Richard Barker of Sovereign Business Integration

  2. Comment: Passwords Are Now Past Their Best

    Phil Robinson of Digital Assurance shares his views about the growing dependence upon passwords and looks at management methods and technical alternatives to improve upon them

  3. Comment: Don’t Compromise on Visibility, Speed or Security

    Stream-based deep packet inspection (DPI) is faster and easier to deploy, manage and update when compared with proxy-based DPI. That’s according to SonicWALL’s Andrew Walker-Brown

  4. Comment: Realizing Business Value from Access Risk Management

    Courion’s Dave Fowler argues that the industry needs to rethink its approach to access risk management and embrace the development of next-generation identity and access management solutions that are easy to deploy, offer quick return on investment and enable organizations to better understand and manage access risk

  5. Comment: A Security Culture Requires Leadership from the Top Down

    To grow an effective ‘security culture’ in your organization, infosec managers must get their management to set the proper example, says consultant Gregor Campbell

  6. Comment: Governance is Key to Managing Cloud Risk

    Adopting cloud computing can save money, but good governance is needed to manage the risks, says analyst Mike Small

  7. Comment: Piracy the Real Winner in War Against SOPA

    Not all provisions written in the original draft of SOPA were as bad as hype suggested; claims of it fueling Internet censorship are grossly exaggerated if you read its core provisions. Piracy is a multi-billion dollar problem that needs federal intervention, says GuardTime’s Mike Gault

  8. Comment: Make PCI DSS Part of Your Security Strategy

    Jeremy King, European director of the PCI Security Standards Council, describes how recent figures from the UK Cards Association showed PCI has been successful in decreasing the volume of card and bank account fraud

  9. Comment: APT Tops Security Risks to Corporate IP in 2012

    Verdasys’ Bill Ledingham shares his insights on advanced persistent threats (APT) and offers steps companies can take to increase their cybersecurity

  10. Comment: Information Assurance as a Flexible Security Solution

    Chris Mayers of Citrix UK outlines how the public sector can meet confidentiality, integrity and availability requirements in the face of ongoing regulatory and technological change

  11. Comment: Information management policies must address risk of human error

    Christian Toon, head of Information Security at Iron Mountain Europe, considers the growing number of avoidable data breaches that involve paper documents and advises businesses how to minimize these risks by getting to grips with information handling, management, storage and secure destruction.

  12. Comment: It’s Time for Smartphone Security

    As the mobile market grows, so does mobile malware. Don DeBolt, director of threat research at internet security company Total Defense, discusses how IT practitioners and company employees can best stay safe by protecting themselves from mobile hacks, privacy concerns and more in a day and age when mobile malware is on the rise

  13. Comment: Data Governance Must Evolve to Meet Growing Insider Threat

    Insider-driven data leaks are in the news every day, and unstructured data provides the biggest challenge for IT to secure and manage. Brian Vecci of Varonis Systems highlights key steps that organizations can take to measure and improve their data governance, and reduce data loss from insiders

  14. Comment: Get Your Money's Worth from PCI Pen Testing

    Orthus’ chief executive, Richard Hollis, says the responsibility for a comprehensive PCI pen test rests with the client – and its demands. Otherwise, your pen test could end up being worthless…

  15. Comment: Two-factor Authentication – World of the Token Necklace

    SecurEnvoy’s Andy Kemshall looks at the rise of two-factor authentication and why SMS-based technology is the key to strengthening vulnerable virtual applications and access points

  16. Comment: The Hard Cost of Misunderstanding Least Privilege

    John Mutch and Brian Anderson unravel the common misunderstandings about privileged access that prevent organizations from better protecting their network perimeter from the risk of insider threat and negligence

  17. Comment: Where the CISO Should Sit

    The CISO position is making a comeback, but if not strategically positioned in an organization, it can become a powerless figurehead – competing for mindshare and budget with other “functional” operations. Ed Adams of Security Innovation points out why a CISO can be far more effective if reporting to the CEO (or highest ranking risk officer) instead of the CIO

  18. Comment: Breaching Its Way through Congress – The SAFE Data Act

    Richard Moulds of Thales discusses the merits of the SAFE Data Act as it makes its way through the US Congress

  19. Comment: Myths Plague Perceptions of Mobile Malware

    Trusteer’s Amit Klein takes a closer look at mobile malware, exploding the myths and dispelling the fantasies

  20. Comment: New EU e-Privacy Legislation – Why You Should Act Now

    George Thompson of KPMG IT Advisory explains why companies should act now in response to new e-privacy legislation, and the organizational and technical steps to consider
