Infosecurity Opinions

  1. Comment: Virtualization Minus the Migraine

    Shavlik Technologies’ Rob Juncker examines the possible pitfalls of virtualization and offers a strategy for safe and effective technological advancement: cohesive policies and even tighter IT architectures

  2. Comment: 2011– The Year Tokens Died

    Andrew Kemshall, CTO and co-founder of SecurEnvoy, presents a compelling argument for fading out physical tokens for two-factor authentication and replacing them with tokenless solutions using SMS technology, which is both cheaper and faster. Read on as he weighs the pros and cons

  3. Comment: Combating Weaponized Malware

    Ironically, organizations that deploy digital certificates and encryption keys to address security and compliance concerns can end up putting themselves at risk. Improved management can reverse the trend, says Venafi CEO Jeff Hudson.

  4. Comment: Assured government – Where next for government data security?

    The government has announced its direction of travel for data security but now needs industry to tell it what the destination will actually look like. Piecing together the operational and policy Whitehall jigsaw is a challenge to which the industry must rise says William Wallace, former IT security adviser to the Conservative Party.

  5. Comment: Cyber war – is it defensible?

    Frank Coggrave of Guidance Software provides insight into the concept of cyber warfare and talks in detail about the different forms in which it manifests itself. While many are talking about developing some rules of engagement, Coggrave contemplates those who do not play by the rules.

  6. Comment: Cybersecurity requires a multi-layered approach

    Online attacks are increasingly more sophisticated, and organizations need processes and plans in place to prevent, detect and respond to threats. Laura Mather of Silver Tail Systems outlines a multi-layered cybersecurity approach to help organizations better thwart targeted attacks and protect their corporate reputation.

  7. Comment: Authenticating the cloud

    After much debate about the security of applications and data in the cloud, Google is the latest company to roll out two-factor authentication for its Google Apps. But with separate 2FA credentials for all our cloud apps, life could get complicated. Dave Abraham, CEO at Signify, puts forward an alternative approach.

  8. Comment: Trusting contractors with your data

    Matthew Poyiadgi, European VP of CompTIA, argues that organisations have to be more careful when sharing confidential data with third parties and must implement robust policies to ensure data stays safe when it’s out of their hands.

  9. Comment: Building Secure Software From the Inside Out

    Steve Lipner of Microsoft’s Trusworthy Computing Group culls together nearly 40 years of experience in software development to explain what developers can do to help keep data safe and improve the security of their applications.

  10. Comment: Open source can also be highly secure

    Blended technology using open source and proprietary software gives the best of both worlds – cost effective and fit for purpose. Marc Hocking, CTO of Becrypt, explains

  11. Comment: Time to Change the Security Game

    Hackers today assume they’re winning, especially because the security industry is seemingly stuck on the ‘security insanity cycle’. Invincea’s Anup Ghosh offers insight into why the ‘cycle’ approach is simply not working when it comes to enhancing security and, unless security professionals change the way they think about it, they will be ‘winning’ a losing game

  12. Comment: The Lifecycle of a Firewall Rule

    Reuven Harrison, CTO of Tufin Technologies, offers some insightful hints and tips on how to go about getting your firewall rules in order to improve their performance, security and manageability.

  13. Comment: Balancing security and productivity needn’t be all or nothing

    Managing difficult exchanges between security and productivity when designing effective password policies is a major challenge for many IT decision makers. Security is time consuming and complicated, which almost always means extra work for someone. BeyondTrust’s Geoff Haggart looks at the question: is reduced security risk worth the extra work?

  14. Comment: Night Dragon will not be defeated $44.99 at a time

    In IT security, deceptive marketing can sometimes create confusion. Marc Maiffret of eEye Digital Security says that, in order to decipher the true from the false, end users must have clear understanding of what threats mean and how they can be defended against

  15. Comment: Stopping Employees from Stealing Your Data

    Whether leaked intentionally or accidentally, the practice of information sharing has been known to cause problems. Sean Glynn of Credant Technologies examines how to limit the information users have access to without thwarting trust, and how encryption can play an integral part.

  16. Comment: Is key management the new compliance?

    Jon Geater, director of technical strategy for Thales and a co-founder of the OASIS KMIP key management group, considers the effects of focussing solely on compliance to form the basis of information security strategy

  17. Comment: Building a Bridge between Legislators and IT Firms

    Elizabeth Hyman, vice president of public advocacy at CompTIA, provides an overview of the recent launch of TechVoice.org, a new online community to discuss federal policy issues that directly impact the IT industry and to connect members of the industry with policymakers. She discusses key issues and provides examples of how TechVoice serves as an education and advocacy resource.

  18. Comment: Public vs. private sector information security

    More dedicated staff, yet less awareness: according to recent data, the private sector lags behind with regards to data protection, while public sector organisations lead the way. David Cowan, head of security at Plan-Net, explains how firms can improve their IT security and avoid losing money, clients and reputation.

  19. Comment: Securing the remote working environment

    Vodafone's Andy McFarlane examines how, through effective mobile and data management within a secure environment, communications can become an enabler of successful growth

  20. Comment: The Seven Habits of Highly Infected People, and Your Security

    Modeled after the popular self-help book, this article by NaviSite’s chief security officer, Allen Allison, discusses how to eliminate the most common and easiest to avoid habits that introduce security risks and governance violations that can imperil an organization’s sensitive data.

Why not watch?

  1. Supply Chain Risk and Mitigation in Operational Technology

  2. The Future of Fraud: Defending Against Advanced Account Attacks

  3. Supercharge Your Security With Intelligence-Driven Threat Hunting

  4. Going Beyond Traditional Attack Surface Management with Cyber Threat Intelligence

What’s hot on Infosecurity Magazine?