With many organizations rushing to formulate their own advanced persistent threat (APT) prevention plans, recent data show that a lack of attention to systematically managing cryptographic keys and certificates is still leaving the attack door wide open.

In a tweet yesterday and accompanying blog, Twitter announced that it has joined other large cloud companies in offering two-factor authentication.

Since its launch in October 2012, 5,700 people have used the Microsoft Cloud Security Readiness Tool (CSRT). The tool asks 27 questions regarding the current state of an organisation’s security posture and cloud readiness. The results have been anonymised and analysed, and the overarching conclusion is that most organisations are relatively immature across almost all control areas represented by the CSRT.

Barracuda Networks, eyeing Google’s move to unify storage across its products, has increased the amount of free cloud storage for its own Copy online file syncing users, from 5GB to 15GB.

Infosecurity Europe has released basic figures on last month’s eighteenth annual exhibition and conference: pre-ABC audit figures show a 6% increase in visitors over 2012 to 13,200, with more than 70 new exhibitors.

  “Won't somebody please think of the children?” seems to be Russia's refrain when it comes to their recent inception of internet censorship laws. It appears that Russian...

By David Baker With the growing movement of enterprises to the cloud, it’s more important than ever that service providers demonstrate and prove good security practices to their customers, in g...

When new technology introduces new legal questions, it can take a long time for courts to sort matters out, and cybersecurity is no exception to the rule. Cyberattacks that yielded major breaches of f...

By Mark O’Neill Most people have used the Facebook, Twitter, or Google Apps buttons located on websites to log into third-party services. This approach is useful within consumer IT as it enable...

Comment: Cybersecurity and Reality – What’s in a Word? What does the word 'cyber' really mean? Gregor Campbell cracks open his dictionary to trace its transformation

An Inside Look at AT&T’s Operations Center, and its Security Strategy One of the largest network services providers in the US invited Infosecurity to its Global Network Operations Center in Bedminster, New Jersey, and then explained why it is poised for success within the IT security market.

Interview: Dorothy Denning In her heart a true academic, Drew Amorosi tracks down Dorothy Denning – renowned information security researcher and trainer of today’s cyber warriors

Allan Boardman says it’s time to license information security professionals and join the ranks of other esteemed professions

A licensing scheme for information security professionals would create more issues than it solves, according to Hord Tipton

Interview: Larry Ponemon Dr. Larry Ponemon is the chairman and founder of the Ponemon Institute, and one of the nicest people you may ever meet. Here’s what happened when Eleanor Dallaway met the King of Privacy himself…

In Cyberspace, No One Can Hear You Scream Royal Holloway’s Geraint Price and Keith Martin call for innovative approaches to securing cyberspace that go beyond the current practitioners’ toolkit

Comment: Making the Journey from BYOD to BYOPC Is the laptop evolving into a tablet, or is the tablet evolving into a PC? As the device landscape blurs, Yorgen Edholm of Accellion urges enterprises to face the new challenges of how content is secured, synchronized and shared on the new generation of mobile devices

Comment: Which CISO Will Lead your Organization to Success? Choosing the right talent for one of the most challenging jobs in the cyber economy can be a tough job, but what kind of CISO should you be looking to recruit to lead your organization? Amar Singh provides his model CISO for your consideration

Comment: How to Fight Back against Cybercriminals Jason Hart of SafeNet discusses the ‘secure breach’ concept based on a data-centric security approach, and how this philosophy can be implemented to protect data in the face of hacker exploits