Infosecurity Opinions

  1. Comment: Tackling Data Protection Concerns on Public Cloud Services

    To ensure highest security and compliance standards are met in the cloud, organizations need to adopt a data-centric approach that focuses on protecting data throughout its lifecycle, argues Mike Smart of SafeNet.

  2. Comment: Privacy, Trust and Identity in the Cloud

    The cloud provides many services that are used by individuals to network, and to buy services. ISACA’s Mike Small explores how this has created new challenges relating to identity, privacy and trust

  3. Comment: We All Need to Keep Closer Tabs on Financial Data

    Mohan Koo, managing director of Dtex Systems, explains how recent data breaches show that organizations are focusing on external security while neglecting insider threats

  4. Comment: Power to the People to Secure Consumerized Devices

    How should you deliver security to the personal devices your users want to use for work? Simple – give the users some responsibility. Terry Greer-King of Check Point explains

  5. Comment: Intelligent Network Forensics – Peeling Back the Onion

    Dealing with a true ‘targeted’ attack or ‘advanced persistent threat’ (APT) is a process, not an event, and it includes a discovery phase, an investigation phase, and a remediation phase. The objective is being able to see, study, and stop the threats that are flowing over networks, says Kurt Bertone of Fidelis Security Systems

  6. Comment: The SSL Offload Dilemma

    Nathan Pearce of F5 Networks discusses why more organizations are reviewing their security in the wake of recent breaches, how raised security arrangements will inevitably put strain on servers, and the need to take action.

  7. Comment: EU Data Breach Notification Law is a Start, but Not Enough

    In the wake of the announcement that companies in the EU will have to disclose data breaches, Thales’ Steve Brunswick suggests the imposition of fines would improve information security standards

  8. Comment: Phone Hacking – Scandal, Spyware and Trust

    Gareth Maclachlan, founder and COO of AdaptiveMobile, discusses the issue of mobile malware and explores why mobile operators need to enhance their security practices to ensure subscribers are protected from the increasingly sophisticated range of mobile threats

  9. Comment: Physical Security in a Digital World

    While most managed services providers can provide excellent levels of digital security, servers still exist in the real world and this is often where they are at their most vulnerable. Simon Neal, COO at The Bunker, outlines why some measures and human processes should be implemented to guard against physical threats

  10. Comment: Don't Forget Your Password (Security)

    Idan Shoham of Hitachi ID Systems explores today’s authentication methods and why password security is still relevant in today’s environment

  11. Comment: Securing Mobile Commerce from Start to Finish

    With the rise of mobile commerce comes increased responsibility for retailers to ensure they have the necessary systems in place to protect customer data, writes Verizon Business’ David Tran.

  12. Comment: HIPAA vs The Cloud

    Cloud computing provides a cost effective service option for the IT needs of healthcare organizations; however, loss of assured end-to-end control of data can create HIPPA compliance issues. Chris Witt, CEO of WAKE Technology Services, serves up his perspective on the tradeoffs

  13. Comment: Mastering Mobile Security

    Paul Lothian, principal adviser at KPMG, believes increasingly functional mobile devices are now firmly in the sights of cybercriminals.

  14. Comment: Public vs Private – Things that Really Matter In the Cloud

    Aydin Kurt-Elli, COO at Lumison, reflects on the Amazon EC2 outage, exploring what a private cloud infrastructure can offer organizations amid public cloud fears.

  15. Comment: Accidental Data Deletion Still Considered Spoliation

    Bill Tolson of Autonomy examines the perils of eDiscovery requirements and what organizations should do to prepare for all-but-inevitable lawsuits

  16. Comment: Passwords Are No Longer Enough

    Strong authentication is key to adequately protecting critical data in a mobile age. Stephen Howes, CTO of GrIDsure, looks at the options

  17. Comment: RSA SecurID Breach – Where Do We Go From Here?

    Philip Lieberman, CEO and president of Lieberman Software, gives us his opinion on the origins of the recent RSA Security data breach, laying much of the blame on lack of investment and lax management. He outlines some of the lessons we should learn from this disaster and a way forward for the wary.

  18. Comment: Financial Institutions Must Plug Insider Leaks

    With whistleblowing website WikiLeaks stepping up its attack on governments and corporates, financial institutions are increasingly facing the threat of insider collusion with outsiders. Simon Romp, principal consultant at Rule Financial, explains how banks can strengthen their walls and minimise the risk of sensitive data being leaked from the inside.

  19. Comment: Breaches Underscore Need for Device ID

    The recent compromise of RSA’s SecurID tokens and the subsequent breach of Lockheed Martin’s network doesn’t signify a complete failure, argues Wave Systems’ Steven K. Sprague, but rather an incomplete defense.

  20. Comment: Key Management Strategies in the Cloud

    Jon Geater, director of technical strategy at Thales e-Security, discusses the need for an information-centric approach to key management in the cloud and a range of strategies that could be deployed.

Why not watch?

  1. New Cyber Regulations: What it Means for UK and EU Businesses

  2. Alert Fatigue: What Are You and Your Security Teams Missing?

  3. Navigating Exposures in Energy ICS Environments

  4. Reinforcing Firewall Security: The Need to Adapt to Persistent Cyber Threats

What’s hot on Infosecurity Magazine?