CISOs are often the first victim following a major security breach. Given the prevalence of such breaches, the average tenure of a CISO is now just 18 months; and this is likely to worsen if corporate security doesn’t improve.

Infosecurity Europe has released basic figures on last month’s eighteenth annual exhibition and conference: pre-ABC audit figures show a 6% increase in visitors over 2012 to 13,200, with more than 70 new exhibitors.

The latest Global Information Security Workforce Study (GISWS) shows that application vulnerabilities continue to be the biggest concern for security professionals, with 69% of participants indicating it is the number one security threat.

At the Security Development Conference in San Francisco, Howard Schmidt, executive director, SAFECode, announced that the non-for-profit organization is tackling software development and engineering security with a set of free online training courses, available via on-demand webcasts and covering a range of issues, from preventing SQL injection to avoiding cross-site request forgery.

As many as 58.2 million American adults had at least one malware infection that affected their home PCs’ features or performance in the past year – a fact that collectively cost nearly $4 billion for repairs.

By Mark O’Neill Most people have used the Facebook, Twitter, or Google Apps buttons located on websites to log into third-party services. This approach is useful within consumer IT as it enable...

This afternoon, I met the CEO (and co-founder) of Semafone, Tim Critchley. When the invitation to interview him landed in my inbox, I was all set to turn it down. As Critchley himself admits, call cen...

Shortly before the chaos of Infosecurity Europe, I joined David Emm, senior security researcher at Kaspersky Lab, for lunch in a lovely quiet gastro pub in the Oxfordshire countryside. Whilst I frequ...

Last week we published accompanying editorials from our most recent print edition that asked a rather simple question: Should information security professionals be licensed to practice? Arguing in fa...

Comment: Exposing the Myths of Access Rights Management Managing access rights is time-consuming and often considered a mundane task. Nevertheless, making sure only the right people can access company data is a business-critical function. Christian Zander of protected-networks.com addresses a number of ‘myths’ he has encountered when discussing this issue with senior IT management across Europe.

Interview: Dorothy Denning In her heart a true academic, Drew Amorosi tracks down Dorothy Denning – renowned information security researcher and trainer of today’s cyber warriors

Alan Boardman says it’s time to license information security professionals and join the ranks of other esteemed professions

A licensing scheme for information security professionals would create more issues than it solves, according to Hord Tipton

Interview: Larry Ponemon Dr. Larry Ponemon is the chairman and founder of the Ponemon Institute, and one of the nicest people you may ever meet. Here’s what happened when Eleanor Dallaway met the King of Privacy himself…

In Cyberspace, No One Can Hear You Scream Royal Holloway’s Geraint Price and Keith Martin call for innovative approaches to securing cyberspace that go beyond the current practitioners’ toolkit

The Politics of Cybersecurity President Obama takes the law into his own hands by signing a recent executive order on cybersecurity for critical infrastructure. Drew Amorosi examines the implications

Comment: Which CISO Will Lead your Organization to Success? Choosing the right talent for one of the most challenging jobs in the cyber economy can be a tough job, but what kind of CISO should you be looking to recruit to lead your organization? Amar Singh provides his model CISO for your consideration

Comment: Malicious QR Codes Jeopardize Your Security Now that QR codes are in the mainstream, they are also fast becoming a favorite tool for attackers seeking new infection vectors. That is why education for the QR code end-user is imperative, says Tripwire’s Dwayne Melancon

Out In Front: Speed’s Role in Information Security Speed is critical to battles in the world of information security. Sarb Sembhi explores how security professionals can claim back some lost ground