New research into eight critical security threats on mobile devices found the majority of small to medium enterprises (SMEs) are either unaware of or defenseless against the threats posed to their networks by mobile devices and BYOD.

Most corporate security incidents are uncovered by a third party, like a security firm, that picks up on evidence of nefarious activity being carried out by infected machines. However, many of the victim organizations don’t have processes in place to react quickly when they’re notified of an incident. And some are simply not discharging their corporate duty, argues one security firm.

Password strength meters that offer web surfers a visual gauge of how weak or strong a chosen lock may be are increasingly present on websites – but how effective are they at getting folks to choose stronger options? When it comes to locking down sensitive data, meters had an impact, suggesting that they act as important reminders for users about what’s at stake.

CISOs are often the first victim following a major security breach. Given the prevalence of such breaches, the average tenure of a CISO is now just 18 months; and this is likely to worsen if corporate security doesn’t improve.

Infosecurity Europe has released basic figures on last month’s eighteenth annual exhibition and conference: pre-ABC audit figures show a 6% increase in visitors over 2012 to 13,200, with more than 70 new exhibitors.

By David Baker With the growing movement of enterprises to the cloud, it’s more important than ever that service providers demonstrate and prove good security practices to their customers, in g...

When new technology introduces new legal questions, it can take a long time for courts to sort matters out, and cybersecurity is no exception to the rule. Cyberattacks that yielded major breaches of f...

By Mark O’Neill Most people have used the Facebook, Twitter, or Google Apps buttons located on websites to log into third-party services. This approach is useful within consumer IT as it enable...

This afternoon, I met the CEO (and co-founder) of Semafone, Tim Critchley. When the invitation to interview him landed in my inbox, I was all set to turn it down. As Critchley himself admits, call cen...

Comment: Cybersecurity and Reality – What’s in a Word? What does the word 'cyber' really mean? Gregor Campbell cracks open his dictionary to trace its transformation

Comment: Exposing the Myths of Access Rights Management Managing access rights is time-consuming and often considered a mundane task. Nevertheless, making sure only the right people can access company data is a business-critical function. Christian Zander of protected-networks.com addresses a number of ‘myths’ he has encountered when discussing this issue with senior IT management across Europe.

Interview: Dorothy Denning In her heart a true academic, Drew Amorosi tracks down Dorothy Denning – renowned information security researcher and trainer of today’s cyber warriors

Allan Boardman says it’s time to license information security professionals and join the ranks of other esteemed professions

A licensing scheme for information security professionals would create more issues than it solves, according to Hord Tipton

Interview: Larry Ponemon Dr. Larry Ponemon is the chairman and founder of the Ponemon Institute, and one of the nicest people you may ever meet. Here’s what happened when Eleanor Dallaway met the King of Privacy himself…

In Cyberspace, No One Can Hear You Scream Royal Holloway’s Geraint Price and Keith Martin call for innovative approaches to securing cyberspace that go beyond the current practitioners’ toolkit

The Politics of Cybersecurity President Obama takes the law into his own hands by signing a recent executive order on cybersecurity for critical infrastructure. Drew Amorosi examines the implications

Comment: Which CISO Will Lead your Organization to Success? Choosing the right talent for one of the most challenging jobs in the cyber economy can be a tough job, but what kind of CISO should you be looking to recruit to lead your organization? Amar Singh provides his model CISO for your consideration

Comment: Malicious QR Codes Jeopardize Your Security Now that QR codes are in the mainstream, they are also fast becoming a favorite tool for attackers seeking new infection vectors. That is why education for the QR code end-user is imperative, says Tripwire’s Dwayne Melancon