Infosecurity Opinions
Is Compliance-Only Vaccination Enough?
Organizations that have adopted security measures - not just for auditors’ consent but genuinely for their businesses - will find themselves victorious.
Cyber Attack Trends: Detection, Response, and Cure
Being able to detect attacks is only a small fraction of the process; organizations must also be suitably prepared to defend themselves from potential attacks and respond effectively if an incident occurs.
Threat Hunting: The What, Why and Who?
Threat hunting focuses on identifying perpetrators who are already within the organization's systems and networks, and who have the three characteristics of a threat.
The Developers' Skills Gap for Secure DevOps
Businesses embrace DevOps to feed their need for speed, binding the previously separate developer and operations teams.
The Ins and Outs of GDPR
GDPR will require companies to take truly effective steps to safeguard the data with which their customers have entrusted them.
Why The New NIST Guidelines Are Not Enough
Instead of bending guidelines to succumb to user behavior, the industry should be working to create better and more secure technology that is also easier for consumers to use.
Patching Problems, but is Runtime an Attractive Solution
Moving security controls from outside of the application to inside the runtime will allow visibility.
Prevention is no Longer the Best Medicine - Recovery is Key
There are ways to avoid nasty cyber scenarios — if you know what to look for.
Government Efforts to Weaken Privacy are Bad for Business and National Security
Relaxed security standards will lead to a decrease in demand for American-made products.
Nothing as Safe as Houses From Spear-Phishers
Why spear-phishers are now targeting wannabe homeowners.
Using Business Impact Analysis to Address Network Security Risks
How organizations can apply the business impact analysis methodology to remediate risk within the network security infrastructure - and ensure security is business driven.
Securing the Data Center on Wheels
We are rapidly approaching a point in which the automobile will be built around the software, as opposed to the other way around.
Phishing Prevention Begins with Education
The most effective way to prevent this is to educate people about what to look for and avoid, which means understanding why they fall for phishing messages in the first place.
Reducing Time Spent Reacting to Emergencies
About one-third of the time of IT operations is spent dealing with emergencies.
Using Machines to Understand When Normal isn't Normal
Is AI a means to make the incident responder’s job a lot easier?
The Password Takes its Last Breath
Behavioral biometrics activities cannot be hacked or duplicated, as no one can imitate exactly how another person uses their phone.
Why Cyber Attacks are Not as Scary as they Sound
The truth is that there are already excellent processes and diligent professionals that have kept us safe, and will continue working to keep us safe.
The Silent Risk: The Risk of File-Less Cyber Attacks
Silent attacks which make it past the gateway and pose the greatest risk to an organization?
Are Data Brokers Actually Secure?
If data brokers are going to amass ever-greater collections of user data, it would make sense that this user data is protected adequately.
HTTPS for the Masses, and Attackers
10% of all phishing links are now hosted on such “secure” sites, but takedowns require the