Infosecurity Opinions
Why Life Under GDPR will Encourage Technology Innovation
The GDPR is the first step as data protection evolves from compliance to accountability – creating opportunities to develop new services as well as to improve public perceptions.
Do It Yourself? Could be a Painful Experience
A decision to buy will always be affected by whether or not you trust a vendor.
Security at the Speed of Business
Bringing security professionals into the business conversation as early as possible will allow them to lay out a plan where the business can grow but also be secure,
Batten Down the Hatches against Crypto-Mining Pirates
Cryptocurrency pirates are happy to steal computational power to do it, and they don’t care who they hurt in the process.
We’re Losing the Race to Patch Known Security Flaws: Will GDPR Help?
Virtual Patching is emerging as a solution to the problem of too many unapplied software fixes.
How Much do Passwords Cost your Business?
The cost of supporting password systems, including staffing and infrastructure, can be significant for today’s digital businesses
DMARC Will Not Make Email Secure
DMARC will make little, if any, difference in improving email security respecting phishing because DMARC inadequately addresses both the technical proficiency of dedicated threat actors and their tools of psychological manipulation.
Somebody Else's Security: Rethinking Cloud FUD
The list of enterprise IT organizations who had their private data publicly exposed in 2017 because of misconfigured AWS S3 buckets is long.
Effectively Managing Mistrust for Optimal Cybersecurity
It’s vital that businesses work together to share information to stay one step ahead of the ever-evolving threat landscape.
Undermining Crypto-Threats
Cryptomining has the potential to be as big a threat a ransomware, and it is harder for law enforcement to track the perpetrators.
Establishing Trust in a World without Boundaries
This brave new world has new security challenges, necessitating a new strategy based on a perimeter-less, “zero-trust” approach.
Protecting Privileged Identities: Why IAM starts with PAM
Like any good security measure designed to protect critical information assets, managing and protecting privileged accounts requires both a plan and an ongoing program
Bouncing Back from Cyber Attack
Knowing where to get started a cyber-attack specific disaster recovery plan is always half the battle..
Zero Trust: Method or Madness?
Zero Trust is a method of security where the central premise is ridiculously simple: trust no one.
The Role of Automated Asset Management in Industrial Cybersecurity
Without an up-to-date and accurate inventory of ICS assets, including the automation controllers responsible for managing physical processes, it is virtually impossible to assess risk and apply effective defenses.
NIS Directive Is a Good Start for Railway Cybersecurity - But It's Not Enough
Although the NIS Directive represents an essential step towards securing critical infrastructure, its shortcomings are palpable with regard to the rail industry.
Go Overseas to Solve the US Infosecurity Talent Crunch
We need to create international security teams, not just those ones who are siloed by countries or individual companies.
Protecting your Network Against Ever-Changing Cyber-Attacks
In the age of IoT and cloud, it’s getting worse for these traditional defenses.
What Lies Beneath - Avoiding the Unseen Dangers of OT Vulnerabilities
Attacks on OT systems are rapidly escalating, yet many industrial organizations continue to focus cybersecurity efforts on IT-centric, rather than production-centric, endpoints.
