Infosecurity Opinions

  1. Comment: Governance is Key to Managing Cloud Risk

    Adopting cloud computing can save money, but good governance is needed to manage the risks, says analyst Mike Small

  2. Comment: Piracy the Real Winner in War Against SOPA

    Not all provisions written in the original draft of SOPA were as bad as hype suggested; claims of it fueling Internet censorship are grossly exaggerated if you read its core provisions. Piracy is a multi-billion dollar problem that needs federal intervention, says GuardTime’s Mike Gault

  3. Comment: Make PCI DSS Part of Your Security Strategy

    Jeremy King, European director of the PCI Security Standards Council, describes how recent figures from the UK Cards Association showed PCI has been successful in decreasing the volume of card and bank account fraud

  4. Comment: APT Tops Security Risks to Corporate IP in 2012

    Verdasys’ Bill Ledingham shares his insights on advanced persistent threats (APT) and offers steps companies can take to increase their cybersecurity

  5. Comment: Information Assurance as a Flexible Security Solution

    Chris Mayers of Citrix UK outlines how the public sector can meet confidentiality, integrity and availability requirements in the face of ongoing regulatory and technological change

  6. Comment: Information management policies must address risk of human error

    Christian Toon, head of Information Security at Iron Mountain Europe, considers the growing number of avoidable data breaches that involve paper documents and advises businesses how to minimize these risks by getting to grips with information handling, management, storage and secure destruction.

  7. Comment: It’s Time for Smartphone Security

    As the mobile market grows, so does mobile malware. Don DeBolt, director of threat research at internet security company Total Defense, discusses how IT practitioners and company employees can best stay safe by protecting themselves from mobile hacks, privacy concerns and more in a day and age when mobile malware is on the rise

  8. Comment: Data Governance Must Evolve to Meet Growing Insider Threat

    Insider-driven data leaks are in the news every day, and unstructured data provides the biggest challenge for IT to secure and manage. Brian Vecci of Varonis Systems highlights key steps that organizations can take to measure and improve their data governance, and reduce data loss from insiders

  9. Comment: Get Your Money's Worth from PCI Pen Testing

    Orthus’ chief executive, Richard Hollis, says the responsibility for a comprehensive PCI pen test rests with the client – and it’s demands. Otherwise, your pen test could end up being worthless…

  10. Comment: Two-factor Authentication – World of the Token Necklace

    SecurEnvoy’s Andy Kemshall looks at the rise of two-factor authentication and why SMS-based technology is the key to strengthening vulnerable virtual applications and access points

  11. Comment: The Hard Cost of Misunderstanding Least Privilege

    John Mutch and Brian Anderson unravel the common misunderstandings about privileged access that prevent organizations from better protecting their network perimeter from the risk of insider threat and negligence

  12. Comment: Where the CISO Should Sit

    The CISO position is making a comeback, but if not strategically positioned in an organization, it can become a powerless figurehead – competing for mindshare and budget with other “functional” operations. Ed Adams of Security Innovation points out why a CISO can be far more effective if reporting to the CEO (or highest ranking risk officer) instead of the CIO

  13. Comment: Breaching Its Way through Congress – The SAFE Data Act

    Richard Moulds of Thales discusses the merits of the SAFE Data Act as it makes its way through the US Congress

  14. Comment: Myths Plague Perceptions of Mobile Malware

    Trusteer’s Amit Klein takes a closer look at mobile malware, exploding the myths and dispelling the fantasies

  15. Comment: New EU e-Privacy Legislation – Why You Should Act Now

    George Thompson of KPMG IT Advisory explains why companies should act now in response to new e-privacy legislation, and the organizational and technical steps to consider

  16. Comment: Avoid 'Friend or Foe' Syndrome with your IT Auditor

    In a perfect world, the confidence and communication that exist between an organization and its IT security auditor might resemble the doctor–patient relationship. But when Philip Lieberman examines this critical aspect of IT security, he finds an increasingly troubled history – and makes some suggestions about how both sides can gain more from the partnership.

  17. Comment: Companies Lose Encryption Keys – and Security – in the Amazon Cloud

    Jeff Hudson of Venafi discusses the importance of proper education and best practices for protecting SSL and SSH keys that secure the cloud

  18. Comment: Encryption Vendors May Be the Weakest Link

    Infosec analyst Matthew Pascucci examines the security incidents that have plagued encryption and authentication vendors this past year and calls on them to beef up their own in-house security, or face the possibility of sanctions

  19. Comment: Security Has Become a Black and White Issue

    As cyber-attacks become increasingly sophisticated, Bimal Parmar of Faronics argues that organizations can no longer rely solely on traditional blacklist technologies, but must adopt a layered approach to endpoint security

  20. Comment: Password Reuse Equals Misuse

    A recent survey by Swivel Secure shows that 55% of people use the same password, or variations of one, to access all their online activities. Chris Russell examines the corporate risks of password reuse and emphasizes the need for multifactor authentication for accessing business critical data

What’s hot on Infosecurity Magazine?