Improve your internet privacy, with or without help from the government

Improve your internet privacy, with or without help from the government

President Trump, as part of his plan to roll back regulations put in place by President Obama, just signed legislation, passed by Congress, eliminating the prohibition against ISPs selling customer data without their written consent....

04/13/17

Insiders -- the invisible threat lurking in your office

Insiders -- the invisible threat lurking in your office

With all of the focus in the business world recently related to hackers, we have tended to overlook a group of potential bad actors who have already penetrated our perimeter security, and have access to our facilities – our employees...

03/31/17

Phishing: Draining the corporate bottom line

Phishing: Draining the corporate bottom line

Many don't realize the drain phishing attacks place on the information technology team, particularly the information security organization. Their efforts to contain phishing can leave a major dent in the corporate bottom line.

03/10/17

7 tips to turn threat data into true threat intelligence

7 tips to turn threat data into true threat intelligence

Threat intelligence can be your best friend or your worst enemy. Here are some tips to make sure you are making the most of it.

02/16/17

These are the threats that keep me awake at night

These are the threats that keep me awake at night

We have fortunately reached the date on the calendar when the myriad of articles predicting hot information security issues for 2017 have begun to wind down. I say fortunately, because I personally have never found much use for them....

02/02/17

Cybersecurity standards and guidelines -- are you just checking the boxes?

Cybersecurity standards and guidelines -- are you just checking the boxes?

While it is important for any organization to adopt a cybersecurity standard, just checking all of the boxes on one will not make you secure.

01/12/17

Is antivirus software dead at last?

Is antivirus software dead at last?

The debate about whether antivirus software is still useful has been going on for a few years now. This technology was once the mainstay of the security efforts for most businesses and home users. The challenge of late is the ability...

12/06/16

The risk of data theft -- here, there and everywhere

The risk of data theft -- here, there and everywhere

Today, the challenge of protecting sensitive data has increased exponentially, due to the fact that data has been leaking into the cloud, and individual PCs and mobile devices. This is how to address the challenges of this data...

11/14/16

Are we drowning in a sea of negative security press?

Are we drowning in a sea of negative security press?

It would seem from news accounts that the increase in the number of new vulnerabilities in devices, software and systems is escalating out of control. While the crisis is real, it has been blown a bit out of proportion by the consumer...

11/04/16

Product security: Not just bells and whistles

Product security: Not just bells and whistles

The announcement this past week about the vulnerability in an insulin pump made by Johnson & Johnson was just one more of an ongoing series of vulnerabilities found in medical and other products. It seems that a common element...

10/19/16

Are you encouraging your employees to take security risks?

Are you encouraging your employees to take security risks?

We impose a growing burden of security rules on employees, while insisting that their productivity at least remain constant. In so doing, we may be encouraging them to put their organizations at risk.

10/05/16

The changing data protection paradigm

The changing data protection paradigm

In just a few years, the industry has experienced a data paradigm shift. Most organizations now must deal with massive amounts of incoming data, in various forms, ranging from structured information in the form of databases and lists...

09/22/16

The danger of unmanaged security service providers

The danger of unmanaged security service providers

The job of keeping networks safe from attack is growing more complex by the day. At the same time, demand for trained and experienced information security analysts is exceeding the supply. This combination of factors is leading to an...

09/06/16

Third-party vendors -- your weakest link?

Third-party vendors -- your weakest link?

Third parties continue to pose an unmanaged risk for many businesses, and they continue to be exposed to hacking and regulatory fines as a result. Learn why third party risk must be properly managed, and discover tips and suggestions...

08/23/16

Information security ignorance is not a defense

Information security ignorance is not a defense

Despite increasing awareness about the importance of information security, underscored by the fear of ransomware attacks, many in the small and medium business world are unprepared for an attack.

08/11/16

So, you bought good security tools. Now what?

So, you bought good security tools. Now what?

The pace of growth in the availability of information security tools in the last five years has been nothing short of astounding, but many organizations get very little for their money. Here are the steps necessary to make these...

07/12/16

The devil is in the details: The importance of tight processes to strong information security

The devil is in the details: The importance of tight processes to strong information security

Have you ever pulled a policy or procedure down from the internet, changed a few things and called it your own? If not, you are probably one of a small minority. Since such documents are the basis of processes that make your operation...

06/28/16

How to build a thriving information security function despite the talent shortage

How to build a thriving information security function despite the talent shortage

It seems that the industry has reached a nearly unanimous conclusion about a key essential for tight information security -- people. This is causing a challenging talent shortage, which is affecting the ability of companies to build...

06/09/16

Are you buried under your security data?

Are you buried under your security data?

I will confess upfront that I am skeptical about the whole idea of threat intelligence sharing. Companies may decline to share such information because they fear the loss of competitive advantage, or because they don't have the time...

05/25/16

Three reasons you should care about technology asset management

Three reasons you should care about technology asset management

After the recent discovery that a restaurant i frequented was processing my credit card on WIndows XP, I was reminded of the importance of technology asset management, for both hardware and software. It seems that many organizations...

05/10/16

Load More