Infosecurity Opinions
Comment: Data Breaches a Symptom of a Bigger Problem
The recent rash of high-profile data breaches can have a happy ending if IT and security leaders can convince the C-suite to break the cycle. In this op-ed, Johnathan Norman of Alert Logic explains that the first step is getting the C-suite to consider the value of their data and how much a breach would cost, so they can understand the enormous risk they are taking.
Comment: Cracking the Counterfeit Fraud Challenge
While banking fraud might be at its lowest level ever in the UK, now is not the time for complacency. Emil Büchler, head of cards at SIX Card Solutions, explains that while advances are being made to stop the card counterfeiters, work remains to be done.
Comment: Visionaries Recognize the Changing Nature of Crime as an Opportunity
Infosecurity is proud to welcome W. Hord Tipton, executive director of (ISC)², as the newest member of its editorial board. As part of his welcome, Tipton shares why, whether large or small, organizations’ security technology is only as good as the people being tasked to operate and maintain it.
Comment: Staying Secure With a Limited Budget
Ray Bryant, CEO of Idappcom, looks at how IT departments can maintain the same level of service and security with less money. He advises where cuts can be made and how these will help a business run more cost-effectively without affecting service levels and, more importantly, ensure that an organization does not become more vulnerable to attacks.
Comment: Security Research Goes Proactive – The Hacker Intelligence Initiative
Sun Tzu’s “The Art of War” taught us to know your enemy in order to prevail over it. Imperva’s Amichai Shulman demonstrates why applying such methods to the hacker community can help the security industry come out on top.
Comment: Web Vulnerabilities – Vector of Choice
Aziz Maakaroun, business development director for Outpost24, discusses why organizations need to step up their online defenses by scanning for web application vulnerabilities.
Comment: Virtualization Minus the Migraine
Shavlik Technologies’ Rob Juncker examines the possible pitfalls of virtualization and offers a strategy for safe and effective technological advancement: cohesive policies and even tighter IT architectures.
Comment: 2011 – The Year Tokens Died
Andrew Kemshall, CTO and co-founder of SecurEnvoy, presents a compelling argument for fading out physical tokens for two-factor authentication and replacing them with tokenless solutions using SMS technology, which is both cheaper and faster. Read on as he weighs the pros and cons.
Comment: Combating Weaponized Malware
Ironically, organizations that deploy digital certificates and encryption keys to address security and compliance concerns can end up putting themselves at risk. Improved management can reverse the trend, says Venafi CEO Jeff Hudson.
Comment: Assured government – Where next for government data security?
The government has announced its direction of travel for data security but now needs industry to tell it what the destination will actually look like. Piecing together the operational and policy Whitehall jigsaw is a challenge to which the industry must rise, says William Wallace, former IT security adviser to the Conservative Party.
Comment: Cyber war – is it defensible?
Frank Coggrave of Guidance Software provides insight into the concept of cyber warfare and talks in detail about the different forms in which it manifests itself. While many are talking about developing some rules of engagement, Coggrave contemplates those who do not play by the rules.
Comment: Cybersecurity requires a multi-layered approach
Online attacks are increasingly sophisticated, and organizations need processes and plans in place to prevent, detect and respond to threats. Laura Mather of Silver Tail Systems outlines a multi-layered cybersecurity approach to help organizations better thwart targeted attacks and protect their corporate reputation.
Comment: Authenticating the cloud
After much debate about the security of applications and data in the cloud, Google is the latest company to roll out two-factor authentication for its Google Apps. But with separate 2FA credentials for all our cloud apps, life could get complicated. Dave Abraham, CEO at Signify, puts forward an alternative approach.
Comment: Trusting contractors with your data
Matthew Poyiadgi, European VP of CompTIA, argues that organisations have to be more careful when sharing confidential data with third parties and must implement robust policies to ensure data stays safe when it’s out of their hands.
Comment: Building Secure Software From the Inside Out
Steve Lipner of Microsoft’s Trustworthy Computing Group draws on nearly 40 years of experience in software development to explain what developers can do to help keep data safe and improve the security of their applications.
Comment: Open source can also be highly secure
Blended technology using open source and proprietary software gives the best of both worlds – cost effective and fit for purpose. Marc Hocking, CTO of Becrypt, explains.
Comment: Time to Change the Security Game
Hackers today assume they’re winning, especially because the security industry is seemingly stuck on the ‘security insanity cycle’. Invincea’s Anup Ghosh offers insight into why the ‘cycle’ approach is simply not working when it comes to enhancing security and, unless security professionals change the way they think about it, they will be ‘winning’ a losing game.
Comment: The Lifecycle of a Firewall Rule
Reuven Harrison, CTO of Tufin Technologies, offers some insightful hints and tips on how to go about getting your firewall rules in order to improve their performance, security and manageability.
Comment: Balancing security and productivity needn’t be all or nothing
Managing difficult exchanges between security and productivity when designing effective password policies is a major challenge for many IT decision makers. Security is time consuming and complicated, which almost always means extra work for someone. BeyondTrust’s Geoff Haggart looks at the question: is reduced security risk worth the extra work?
Comment: Night Dragon will not be defeated $44.99 at a time
In IT security, deceptive marketing can sometimes create confusion. Marc Maiffret of eEye Digital Security says that, in order to decipher the true from the false, end users must have a clear understanding of what threats mean and how they can be defended against.