Infosecurity Opinions

  1. Comment: Information Assurance as a Flexible Security Solution

    Chris Mayers of Citrix UK outlines how the public sector can meet confidentiality, integrity and availability requirements in the face of ongoing regulatory and technological change

  2. Comment: Information management policies must address risk of human error

    Christian Toon, head of Information Security at Iron Mountain Europe, considers the growing number of avoidable data breaches that involve paper documents and advises businesses how to minimize these risks by getting to grips with information handling, management, storage and secure destruction.

  3. Comment: It’s Time for Smartphone Security

    As the mobile market grows, so does mobile malware. Don DeBolt, director of threat research at internet security company Total Defense, discusses how IT practitioners and company employees can best stay safe by protecting themselves from mobile hacks, privacy concerns and more in a day and age when mobile malware is on the rise

  4. Comment: Data Governance Must Evolve to Meet Growing Insider Threat

    Insider-driven data leaks are in the news every day, and unstructured data provides the biggest challenge for IT to secure and manage. Brian Vecci of Varonis Systems highlights key steps that organizations can take to measure and improve their data governance, and reduce data loss from insiders

  5. Comment: Get Your Money's Worth from PCI Pen Testing

    Orthus’ chief executive, Richard Hollis, says the responsibility for a comprehensive PCI pen test rests with the client – and it’s demands. Otherwise, your pen test could end up being worthless…

  6. Comment: Two-factor Authentication – World of the Token Necklace

    SecurEnvoy’s Andy Kemshall looks at the rise of two-factor authentication and why SMS-based technology is the key to strengthening vulnerable virtual applications and access points

  7. Comment: The Hard Cost of Misunderstanding Least Privilege

    John Mutch and Brian Anderson unravel the common misunderstandings about privileged access that prevent organizations from better protecting their network perimeter from the risk of insider threat and negligence

  8. Comment: Where the CISO Should Sit

    The CISO position is making a comeback, but if not strategically positioned in an organization, it can become a powerless figurehead – competing for mindshare and budget with other “functional” operations. Ed Adams of Security Innovation points out why a CISO can be far more effective if reporting to the CEO (or highest ranking risk officer) instead of the CIO

  9. Comment: Breaching Its Way through Congress – The SAFE Data Act

    Richard Moulds of Thales discusses the merits of the SAFE Data Act as it makes its way through the US Congress

  10. Comment: Myths Plague Perceptions of Mobile Malware

    Trusteer’s Amit Klein takes a closer look at mobile malware, exploding the myths and dispelling the fantasies

  11. Comment: New EU e-Privacy Legislation – Why You Should Act Now

    George Thompson of KPMG IT Advisory explains why companies should act now in response to new e-privacy legislation, and the organizational and technical steps to consider

  12. Comment: Avoid 'Friend or Foe' Syndrome with your IT Auditor

    In a perfect world, the confidence and communication that exist between an organization and its IT security auditor might resemble the doctor–patient relationship. But when Philip Lieberman examines this critical aspect of IT security, he finds an increasingly troubled history – and makes some suggestions about how both sides can gain more from the partnership.

  13. Comment: Companies Lose Encryption Keys – and Security – in the Amazon Cloud

    Jeff Hudson of Venafi discusses the importance of proper education and best practices for protecting SSL and SSH keys that secure the cloud

  14. Comment: Encryption Vendors May Be the Weakest Link

    Infosec analyst Matthew Pascucci examines the security incidents that have plagued encryption and authentication vendors this past year and calls on them to beef up their own in-house security, or face the possibility of sanctions

  15. Comment: Security Has Become a Black and White Issue

    As cyber-attacks become increasingly sophisticated, Bimal Parmar of Faronics argues that organizations can no longer rely solely on traditional blacklist technologies, but must adopt a layered approach to endpoint security

  16. Comment: Password Reuse Equals Misuse

    A recent survey by Swivel Secure shows that 55% of people use the same password, or variations of one, to access all their online activities. Chris Russell examines the corporate risks of password reuse and emphasizes the need for multifactor authentication for accessing business critical data

  17. Comment: Cyber-gang Crackdown Cripples Malware Traffic…for Now

    This past summer’s FBI-coordinated crackdown on computer scareware companies virtually shut the fake security software business down, but without the implementation of tough, diverse preventative solutions, Enigma Software's Alvin Estevez says it might remain akin to nothing more than cutting off the head of a hydra

  18. Comment: Implement Comprehensive Mobile Security – Today

    Mobility and consumerization mean that the landscape of the corporate IT estate is changing in ways that are making new demands of security professionals. Dave Everitt of Absolute Software explains why a multi-tiered security strategy is essential to overcome increased threats

  19. Comment: It’s Time to Take APTs Seriously

    Ross Brewer of LogRhythm explores the danger posed by advanced persistent threats, the rash of high-profile data breaches that have been making headlines this year, and the steps organizations should be taking to protect IT assets

  20. Comment: Network Forensics – Beyond Activity Monitoring

    Network activity monitoring can alert a company to a security breach or an attack, but Jay Botelho of WildPackets points out that a network forensics solution can take network monitoring a step further and use this information to prevent future attacks

Why not watch?

  1. New Cyber Regulations: What it Means for UK and EU Businesses

  2. Navigating Exposures in Energy ICS Environments

  3. Reinforcing Firewall Security: The Need to Adapt to Persistent Cyber Threats

  4. Mastering Australian Privacy Act and Essential Eight While Improving Cybersecurity Posture

What’s hot on Infosecurity Magazine?