Infosecurity Opinions
Fighting on Today's Front Lines
The overall impression is that data breaches are the result of enemy nation states, hacktivists, organized crime, and other evil forces,
Believe It: Cybersecurity is Getting Better, Not Worse
We’ve become beholden to our own fear, uncertainty, doubt – which basically says that cybersecurity has never been worse.
To Mitigate Phishing Risk, Let Employees 'Fail Forward'
Learning from mistakes is vital to a strong anti-phishing program.
'Zero Trust' Security Will Make A Comeback in 2018
Zero trust controls will allow careful scrutiny of how to raise cybersecurity defenses.
Is Your Social Media Strategy More Of A Cybersecurity Faux Pas?
You can’t stop staff members using social media, but you can effectively train and continuously educate them about the hazards.
Is The NCSC Doing Enough to Protect us from Today's Cyber Threats?
How successful has the NCSC been to date? What else can be done to safeguard the UK against a relentless cybersecurity onslaught?
The Most Important Part of Least Privilege Tactics
If a cyber-criminal manages to get their hands on an employee’s legitimate but limited login credentials, their ability to do any damage is greatly reduced.
The Case of Disappearing Vulnerabilities
While the practice of identifying vulnerabilities is basically sound, the SaaS vendor cannot rely on public databases of vulnerabilities.
Solving the Human Problem: A Progressive Security Strategy to Phishing
A realistic anti-phishing goal is not to focus on a click-through rate but to track the rate at which employees report phishing emails to their IT or security teams.
ICOs: No Credibility Without Better Security
Without good protection, ICOs will continue to reside on the sidelines. With solid security, they could become a major player.
Inactive Accounts: The Key to Your Company's Sensitive Data
Most organizations focus on protecting current users, but ghost users are a huge and often overlooked threat.
People Do What You Inspect, Not What You Expect
How can companies solve problems related to configuration and patching more effectively?
Are UK Companies Better Prepared than US Counterparts for GDPR?
Among both UK and US privacy professionals, more than 60% of respondents have not begun their GDPR implementation.
Why Phishing Alone is Not Enough Awareness Training
Phishing simulations have become synonymous with security awareness training, they’re not.
The Problem with Cybersecurity Regulations
As cyber-insecurity grows, calls are increasing for someone to do something. But what?
Will Secure Authentication Remove the Need for Credentials?
What if users were to abandon the use of usernames/passwords all together for authentication and migrate to alternative forms of authentication?
Guest Editor: Empathy as a Service
Why aren’t themes of approachability and user experience central to Information Security?
Staying Safe While Accessing Online Banking
Even though banking trojans have been around for a decade, most banks still lack the tools that would give them the correct level of insight into the frequency and scale of such intrusions.
Guest Editor: The Rise of the Internet of Everything
Like any other technology, that enormous and growing area known as the Internet of Everything (IoE) did not spring into existence from out of a vacuum
How SMBs Can Leverage Managed Solutions to Overcome Budget and Talent Constraints
Anything that threatens SMBs threatens the global economy.