http://www.infosecurity-magazine.com/ Copyright Elsevier Ltd Intuitiv Ltd (www.intuitiv.net) Sat, 25 May 2013 14:53:06 GMT http://www.infosecurity-magazine.com/ http://www.infosecurity-magazine.com/_common/img/template/infosec-uk/site-logo.gif http://www.infosecurity-magazine.com/view/32534/comment-cybersecurity-and-reality-whats-in-a-word/ What does the word 'cyber' really mean? Gregor Campbell cracks open his dictionary to trace its transformation Tue, 21 May 2013 15:21:00 GMT http://www.infosecurity-magazine.com/view/32534/comment-cybersecurity-and-reality-whats-in-a-word/ http://www.infosecurity-magazine.com/view/32464/an-inside-look-at-atts-operations-center-and-its-security-strategy/ One of the largest network services providers in the US invited Infosecurity to its Global Network Operations Center in Bedminster, New Jersey, and then explained why it is poised for success within the IT security market. Thu, 16 May 2013 16:34:00 GMT http://www.infosecurity-magazine.com/view/32464/an-inside-look-at-atts-operations-center-and-its-security-strategy/ http://www.infosecurity-magazine.com/view/32399/comment-rethinking-safety-in-the-modern-digital-world/ Eric D Knapp of Wurldtech contemplates what safety means in today’s digital environment Tue, 14 May 2013 16:48:00 GMT http://www.infosecurity-magazine.com/view/32399/comment-rethinking-safety-in-the-modern-digital-world/ http://www.infosecurity-magazine.com/view/32240/the-prognosis-for-medical-device-security/ Medical devices can be hacked – but how much of a danger is it? Danny Bradbury asks the experts Tue, 07 May 2013 10:00:00 GMT http://www.infosecurity-magazine.com/view/32240/the-prognosis-for-medical-device-security/ http://www.infosecurity-magazine.com/view/32191/comment-exposing-the-myths-of-access-rights-management/ Managing access rights is time-consuming and often considered a mundane task. Nevertheless, making sure only the right people can access company data is a business-critical function. Christian Zander of protected-networks.com addresses a number of ‘myths’ he has encountered when discussing this issue with senior IT management across Europe. Thu, 02 May 2013 11:00:00 GMT http://www.infosecurity-magazine.com/view/32191/comment-exposing-the-myths-of-access-rights-management/ http://www.infosecurity-magazine.com/view/32126/interview-dorothy-denning/ In her heart a true academic, Drew Amorosi tracks down Dorothy Denning – renowned information security researcher and trainer of today’s cyber warriors Tue, 30 Apr 2013 10:00:00 GMT http://www.infosecurity-magazine.com/view/32126/interview-dorothy-denning/ http://www.infosecurity-magazine.com/view/32041/an-argument-in-favor-of-licensing-information-security-professionals/ Allan Boardman says it’s time to license information security professionals and join the ranks of other esteemed professions Thu, 25 Apr 2013 10:00:00 GMT http://www.infosecurity-magazine.com/view/32041/an-argument-in-favor-of-licensing-information-security-professionals/ http://www.infosecurity-magazine.com/view/32042/an-argument-against-the-licensing-of-information-security-professionals/ A licensing scheme for information security professionals would create more issues than it solves, according to Hord Tipton Thu, 25 Apr 2013 10:00:00 GMT http://www.infosecurity-magazine.com/view/32042/an-argument-against-the-licensing-of-information-security-professionals/ http://www.infosecurity-magazine.com/view/31962/interview-hd-moore-chief-security-officer-at-rapid7-chief-architect-and-creator-of-metasploit/ HD Moore talks to Infosecurity Magazine about today’s IT security landscape and how his hobby, penetration testing solution Metasploit, attracted the attention of vulnerability management and penetration testing solutions provider Rapid7. Mon, 22 Apr 2013 16:46:00 GMT http://www.infosecurity-magazine.com/view/31962/interview-hd-moore-chief-security-officer-at-rapid7-chief-architect-and-creator-of-metasploit/ http://www.infosecurity-magazine.com/view/31954/comment-authentication-the-text-factor/ Lars Nielsen of SMS PASSCODE explains why multi-factor authentication is moving from traditional, token-based preset codes to real-time connected and mobile systems, and the provisioning and security benefits it offers Mon, 22 Apr 2013 15:00:00 GMT http://www.infosecurity-magazine.com/view/31954/comment-authentication-the-text-factor/ http://www.infosecurity-magazine.com/view/31913/interview-larry-ponemon/ Dr. Larry Ponemon is the chairman and founder of the Ponemon Institute, and one of the nicest people you may ever meet. Here’s what happened when Eleanor Dallaway met the King of Privacy himself… Mon, 22 Apr 2013 12:00:00 GMT http://www.infosecurity-magazine.com/view/31913/interview-larry-ponemon/ http://www.infosecurity-magazine.com/view/31912/in-cyberspace-no-one-can-hear-you-scream/ Royal Holloway’s Geraint Price and Keith Martin call for innovative approaches to securing cyberspace that go beyond the current practitioners’ toolkit Fri, 19 Apr 2013 11:00:00 GMT http://www.infosecurity-magazine.com/view/31912/in-cyberspace-no-one-can-hear-you-scream/ http://www.infosecurity-magazine.com/view/31908/comment-making-the-journey-from-byod-to-byopc/ Is the laptop evolving into a tablet, or is the tablet evolving into a PC? As the device landscape blurs, Yorgen Edholm of Accellion urges enterprises to face the new challenges of how content is secured, synchronized and shared on the new generation of mobile devices Thu, 18 Apr 2013 16:34:00 GMT http://www.infosecurity-magazine.com/view/31908/comment-making-the-journey-from-byod-to-byopc/ http://www.infosecurity-magazine.com/view/31895/the-politics-of-cybersecurity/ President Obama takes the law into his own hands by signing a recent executive order on cybersecurity for critical infrastructure. Drew Amorosi examines the implications Thu, 18 Apr 2013 13:00:00 GMT http://www.infosecurity-magazine.com/view/31895/the-politics-of-cybersecurity/ http://www.infosecurity-magazine.com/view/31887/comment-which-ciso-will-lead-your-organization-to-success/ Choosing the right talent for one of the most challenging jobs in the cyber economy can be a tough job, but what kind of CISO should you be looking to recruit to lead your organization? Amar Singh provides his model CISO for your consideration Wed, 17 Apr 2013 15:56:00 GMT http://www.infosecurity-magazine.com/view/31887/comment-which-ciso-will-lead-your-organization-to-success/ http://www.infosecurity-magazine.com/view/31831/stepping-up-the-banking-authentication-game/ How are banks and card issuers adapting their customer authentication methods to keep up with changes in technology? Ted Kritsonis investigates… Tue, 16 Apr 2013 09:00:00 GMT http://www.infosecurity-magazine.com/view/31831/stepping-up-the-banking-authentication-game/ http://www.infosecurity-magazine.com/view/31807/comment-how-to-fight-back-against-cybercriminals/ Jason Hart of SafeNet discusses the ‘secure breach’ concept based on a data-centric security approach, and how this philosophy can be implemented to protect data in the face of hacker exploits Fri, 12 Apr 2013 18:53:00 GMT http://www.infosecurity-magazine.com/view/31807/comment-how-to-fight-back-against-cybercriminals/ http://www.infosecurity-magazine.com/view/31782/an-overview-of-email-protection-systems-/ Alexander Zatsepin of Protection Technology Research provides a guide to email security technologies and discusses the features you should look for to suit your organization's needs Thu, 11 Apr 2013 12:00:00 GMT http://www.infosecurity-magazine.com/view/31782/an-overview-of-email-protection-systems-/ http://www.infosecurity-magazine.com/view/31687/comment-internal-restructuring-can-expose-security-risks/ Marc Lee of Courion explores the hidden risks that organizations face when making internal changes and significant job cuts, highlighting the importance of access risk management to prevent them Tue, 09 Apr 2013 11:00:00 GMT http://www.infosecurity-magazine.com/view/31687/comment-internal-restructuring-can-expose-security-risks/ http://www.infosecurity-magazine.com/view/31686/comment-malicious-qr-codes-jeopardize-your-security/ Now that QR codes are in the mainstream, they are also fast becoming a favorite tool for attackers seeking new infection vectors. That is why education for the QR code end-user is imperative, says Tripwire’s Dwayne Melancon Tue, 09 Apr 2013 09:00:00 GMT http://www.infosecurity-magazine.com/view/31686/comment-malicious-qr-codes-jeopardize-your-security/ http://www.infosecurity-magazine.com/view/31680/out-in-front-speeds-role-in-information-security/ Speed is critical to battles in the world of information security. Sarb Sembhi explores how security professionals can claim back some lost ground Mon, 08 Apr 2013 15:46:00 GMT http://www.infosecurity-magazine.com/view/31680/out-in-front-speeds-role-in-information-security/ http://www.infosecurity-magazine.com/view/31629/comment-why-hire-a-hacker/ Some organizations employ hackers to prevent criminals from hijacking their systems. But many are still afraid to hire a hacker and are not sure what ‘type’ of hacker they should recruit. AlienVault’s Dominique Karg looks at what kind of hacker an organization should employ and what their knowledge can offer in terms of increased security Thu, 04 Apr 2013 16:59:00 GMT http://www.infosecurity-magazine.com/view/31629/comment-why-hire-a-hacker/ http://www.infosecurity-magazine.com/view/31599/data-breach-battle-lines/ Employee negligence is often blamed for being the root of many information security incidents. Lauren Moraski finds that although these claims are not without merit, more often the enemy still lies outside the fortress walls Wed, 03 Apr 2013 17:17:00 GMT http://www.infosecurity-magazine.com/view/31599/data-breach-battle-lines/ http://www.infosecurity-magazine.com/view/31546/comment-a-tiered-approach-to-byod-fulfillment/ Enterprise mobility and BYOD policies present new IT challenges and security threats for managing endpoints, safeguarding network resources and protecting sensitive data. ForeScout’s Scott Gordon says there is no one-size-fits-all answer, so a layered security model can and should be applied Thu, 28 Mar 2013 19:00:00 GMT http://www.infosecurity-magazine.com/view/31546/comment-a-tiered-approach-to-byod-fulfillment/ http://www.infosecurity-magazine.com/view/31472/auditors-friend-or-foe/ Wendy M. Grossman examines the unique and oftentimes uncomfortable relationship between organizations and their auditors Tue, 26 Mar 2013 16:57:00 GMT http://www.infosecurity-magazine.com/view/31472/auditors-friend-or-foe/ http://www.infosecurity-magazine.com/view/31450/comment-employ-datacentric-security-to-tackle-the-insider-threat/ Watchful Software’s Charles Foley discusses how data-centric security approaches help keep sensitive information safe from security breaches Mon, 25 Mar 2013 18:19:00 GMT http://www.infosecurity-magazine.com/view/31450/comment-employ-datacentric-security-to-tackle-the-insider-threat/ http://www.infosecurity-magazine.com/view/31313/a-ceos-guide-to-information-security-compliance/ Does your chief executive need a crash course in information security compliance and risk management? Stephen Pritchard provides them with a brief primer Tue, 19 Mar 2013 10:00:00 GMT http://www.infosecurity-magazine.com/view/31313/a-ceos-guide-to-information-security-compliance/ http://www.infosecurity-magazine.com/view/31184/securitys-steering-force/ Is the information security industry driven by compliance, or security? Kevin Townsend seeks out the answer Tue, 12 Mar 2013 10:00:00 GMT http://www.infosecurity-magazine.com/view/31184/securitys-steering-force/ http://www.infosecurity-magazine.com/view/31182/comment-make-internal-and-external-threats-a-boardroom-priority/ Cyber-Ark’s Udi Mokady discusses the threats facing organizations today and considers whether internal or external attacks are a greater risk to modern business Mon, 11 Mar 2013 17:55:00 GMT http://www.infosecurity-magazine.com/view/31182/comment-make-internal-and-external-threats-a-boardroom-priority/ http://www.infosecurity-magazine.com/view/31092/hack-to-the-future/ Hacktivism has been around for at least 20 years. Danny Bradbury takes a peek inside the community and finds out how it is evolving Tue, 05 Mar 2013 18:38:00 GMT http://www.infosecurity-magazine.com/view/31092/hack-to-the-future/ http://www.infosecurity-magazine.com/view/30984/perimeter-security-in-memoriam/ Paul Simmonds submits his obituary for perimeter-based security strategies Wed, 27 Feb 2013 19:38:00 GMT http://www.infosecurity-magazine.com/view/30984/perimeter-security-in-memoriam/ http://www.infosecurity-magazine.com/view/30983/perimeter-security-evolved-not-dead/ Perimeter security strategies must adapt to today’s realities, but the concept itself is not entirely obsolete, says Scott Gordon Wed, 27 Feb 2013 19:20:00 GMT http://www.infosecurity-magazine.com/view/30983/perimeter-security-evolved-not-dead/ http://www.infosecurity-magazine.com/view/30930/interview-christopher-buse-ciso-state-of-minnesota/ Serving the public, and the people of Minnesota, has been a life-long passion for Christopher Buse. Drew Amorosi discovers why this CISO finds the challenge so rewarding… Tue, 26 Feb 2013 16:10:00 GMT http://www.infosecurity-magazine.com/view/30930/interview-christopher-buse-ciso-state-of-minnesota/ http://www.infosecurity-magazine.com/view/30864/comment-avoid-the-seven-deadly-sins-of-cloud-computing/ The benefits of cloud computing services are now well established; however, uncertainty still surrounds several of the inherent risks. The ISF’s Steve Durbin examines what organizations can do to realize the benefits of the cloud, while avoiding the information security bear-traps that exist Thu, 21 Feb 2013 17:28:00 GMT http://www.infosecurity-magazine.com/view/30864/comment-avoid-the-seven-deadly-sins-of-cloud-computing/ http://www.infosecurity-magazine.com/view/30852/the-dark-side-of-cryptography-kleptography-in-blackbox-implementations/ Hardware security modules (HSMs) and other black-box implementations aim to keep valuable cryptographic keys secure. However, these devices can be subverted to turn their cryptographic algorithms into subliminal channels that grant unwarranted access to presumably secured data, as the authors demonstrate. Wed, 20 Feb 2013 16:26:00 GMT http://www.infosecurity-magazine.com/view/30852/the-dark-side-of-cryptography-kleptography-in-blackbox-implementations/ http://www.infosecurity-magazine.com/view/30794/get-up-on-the-download-a-timeline-of-kim-dotcom-and-mega/ The start of 2013 witnessed the resurrection of besieged file sharing site MegaUpload. Drew Amorosi lays out a timeline of the service’s rebirth and the legal troubles of its embattled founder, Kim Dotcom Tue, 19 Feb 2013 10:00:00 GMT http://www.infosecurity-magazine.com/view/30794/get-up-on-the-download-a-timeline-of-kim-dotcom-and-mega/ http://www.infosecurity-magazine.com/view/30700/two-payment-worlds-collide/ Is there a crisis of convergence in the online and offline worlds of transactional security? Davey Winder investigates... Tue, 12 Feb 2013 16:18:00 GMT http://www.infosecurity-magazine.com/view/30700/two-payment-worlds-collide/ http://www.infosecurity-magazine.com/view/30676/comment-overcoming-a-year-of-vulnerability/ Mark Dunleavy of Informatica takes a look back at 2012, and explores why it’s being described as a year of vulnerability. We have seen data breaches galore over the past 12 months, so he offers guidance in how to make 2013 the year of data breach prevention Tue, 12 Feb 2013 10:00:00 GMT http://www.infosecurity-magazine.com/view/30676/comment-overcoming-a-year-of-vulnerability/ http://www.infosecurity-magazine.com/view/30657/privacy-your-best-case-for-security/ Jim Mortleman shows why doing the ‘right thing’ with respect to data privacy is more than a compliance necessity. It can help your organization save money while avoiding costly headlines Fri, 08 Feb 2013 15:00:00 GMT http://www.infosecurity-magazine.com/view/30657/privacy-your-best-case-for-security/ http://www.infosecurity-magazine.com/view/30595/comment-contactless-payments-retailers-must-learn-to-be-more-secure-in-2013/ Calum MacLeod of Venafi takes a closer look at near-field communications, which many retailers are planning to implement this year, and finds some potential pitfalls in their plans for contactless payments Wed, 06 Feb 2013 10:30:00 GMT http://www.infosecurity-magazine.com/view/30595/comment-contactless-payments-retailers-must-learn-to-be-more-secure-in-2013/ http://www.infosecurity-magazine.com/view/30594/the-insecurity-of-security-a-hacking-retrospective/ Take a stroll through recent history, as John Walker reviews the origins of hacking and how it arrived at where it is today Wed, 06 Feb 2013 10:00:00 GMT http://www.infosecurity-magazine.com/view/30594/the-insecurity-of-security-a-hacking-retrospective/ http://www.infosecurity-magazine.com/view/30418/intelligent-design-the-evolution-of-security-technology/ Information security threats are highly adaptive to environmental realities. Wendy M. Grossman examines whether the security industry’s technology is evolving as forward-thinking, or simply responding to today’s challenges Thu, 24 Jan 2013 15:53:00 GMT http://www.infosecurity-magazine.com/view/30418/intelligent-design-the-evolution-of-security-technology/ http://www.infosecurity-magazine.com/view/30325/a-risk-managementbased-look-at-the-infosec-skills-gap/ The (ISC)² US Government Advisory Board Executive Writers Bureau explores a broader perspective of the skills gap challenge and addresses why a wide range of knowledge and skill – from junior technical levels to senior management – is needed to adequately meet the demands Tue, 22 Jan 2013 10:30:00 GMT http://www.infosecurity-magazine.com/view/30325/a-risk-managementbased-look-at-the-infosec-skills-gap/ http://www.infosecurity-magazine.com/view/30324/comment-give-security-a-voice-in-the-boardroom/ Most organizations depend on IT, making them mortally vulnerable if security is breached. Phil Bindley of The Bunker believes that business consulting skills are the key to giving security a voice in the boardroom Mon, 21 Jan 2013 11:00:00 GMT http://www.infosecurity-magazine.com/view/30324/comment-give-security-a-voice-in-the-boardroom/ http://www.infosecurity-magazine.com/view/30212/the-changing-role-of-security-professionals/ John Pironti discusses the new skills that industry professionals must acquire to keep pace in an increasingly cloudy and mobile world Tue, 15 Jan 2013 10:30:00 GMT http://www.infosecurity-magazine.com/view/30212/the-changing-role-of-security-professionals/ http://www.infosecurity-magazine.com/view/30211/comment-audit-whats-going-on-in-your-it-infrastructureits-not-rocket-science/ Aidan Simister of NetWrix looks at what organizations need to audit, but too often don’t Tue, 15 Jan 2013 10:00:00 GMT http://www.infosecurity-magazine.com/view/30211/comment-audit-whats-going-on-in-your-it-infrastructureits-not-rocket-science/ http://www.infosecurity-magazine.com/view/30076/information-security-certifications-is-the-cissp-just-a-badge-or-is-it-more/ John Colley defends the merits of the CISSP exam and warns that it's not as easy as some think Mon, 07 Jan 2013 16:00:00 GMT http://www.infosecurity-magazine.com/view/30076/information-security-certifications-is-the-cissp-just-a-badge-or-is-it-more/ http://www.infosecurity-magazine.com/view/30075/information-security-certifications-badges-of-dishonor/ Gregor Campbell questions whether those who earn their CISSP are truly capable information security professionals, just by virtue of having passed an examination Mon, 07 Jan 2013 15:58:00 GMT http://www.infosecurity-magazine.com/view/30075/information-security-certifications-badges-of-dishonor/ http://www.infosecurity-magazine.com/view/30044/higher-learning-information-security-on-campus/ Danny Bradbury goes back to school and discovers that educational institutions face a unique set of security challenges Thu, 03 Jan 2013 15:28:00 GMT http://www.infosecurity-magazine.com/view/30044/higher-learning-information-security-on-campus/ http://www.infosecurity-magazine.com/view/30008/comment-diy-it-security-the-hard-and-wrong-ways/ Do-it-yourself security is typically a bad idea. Matt Harrigan of Critical Assets explains why Wed, 02 Jan 2013 14:27:00 GMT http://www.infosecurity-magazine.com/view/30008/comment-diy-it-security-the-hard-and-wrong-ways/ http://www.infosecurity-magazine.com/view/29958/interview-news-internationals-amar-singh/ Amar Singh, CISO at News International, met Eleanor Dallaway in Miami, Florida, and explained how to handle a data breach, how to win buy-in from the board, and why CISOs need more respect… Thu, 20 Dec 2012 15:56:00 GMT http://www.infosecurity-magazine.com/view/29958/interview-news-internationals-amar-singh/ http://www.infosecurity-magazine.com/view/29948/comment-why-justin-bieber-is-the-only-hope-left-for-information-security/ Dominique Karg from AlienVault gives his opinion on how Justin Bieber can help raise IT security awareness and influence people via his millions of ‘teenie’ followers Wed, 19 Dec 2012 16:42:00 GMT http://www.infosecurity-magazine.com/view/29948/comment-why-justin-bieber-is-the-only-hope-left-for-information-security/ http://www.infosecurity-magazine.com/view/29913/in-windows-we-trust/ Drew Amorosi calls in the experts to evaluate security features of Microsoft’s new Windows 8 operating system Wed, 19 Dec 2012 10:00:00 GMT http://www.infosecurity-magazine.com/view/29913/in-windows-we-trust/ http://www.infosecurity-magazine.com/view/29823/comment-cybersecurity-is-an-issue-now-what/ Recent cyber attacks have proven that hackers and terrorists are trolling for ways to disrupt national infrastructure. We all recognize the problem, yet no one can agree on a solution. Benga Erinle says time is running short for the US government to decide what role it will play to protect critical infrastructure Wed, 12 Dec 2012 17:50:00 GMT http://www.infosecurity-magazine.com/view/29823/comment-cybersecurity-is-an-issue-now-what/ http://www.infosecurity-magazine.com/view/29735/policing-the-internet-the-players-take-the-stage/ The (ISC)² US Government Advisory Board Executive Writers Bureau highlights the roles that various actors play in helping create a safer internet – and the opposition they encounter Fri, 07 Dec 2012 15:31:00 GMT http://www.infosecurity-magazine.com/view/29735/policing-the-internet-the-players-take-the-stage/ http://www.infosecurity-magazine.com/view/29709/comment-ensure-you-can-trust-your-cloud-provider/ Can an organization trust an IT service provided through the cloud? ISACA’s Mike Small says the answer can be found in the old Russian maxim, often quoted by US President Ronald Reagan: “trust but verify” Thu, 06 Dec 2012 15:13:00 GMT http://www.infosecurity-magazine.com/view/29709/comment-ensure-you-can-trust-your-cloud-provider/ http://www.infosecurity-magazine.com/view/29700/finding-safety-in-the-cloud/ Are you lost in a sea of cloud computing possibilities? Ted Kritsonis helps organizations navigate risks along the journey Wed, 05 Dec 2012 16:37:00 GMT http://www.infosecurity-magazine.com/view/29700/finding-safety-in-the-cloud/ http://www.infosecurity-magazine.com/view/29612/comment-mobile-devices-get-means-for-tamperevident-forensic-auditing/ Providing early evidence of tampering can shorten investigation times for breaches and audits, says Michelle Drolet of Towerwall Fri, 30 Nov 2012 19:15:00 GMT http://www.infosecurity-magazine.com/view/29612/comment-mobile-devices-get-means-for-tamperevident-forensic-auditing/ http://www.infosecurity-magazine.com/view/29589/its-raining-apps/ The deluge of apps at end-users’ disposal grows larger each day. Stephen Pritchard provides cover for organizations looking to address software vulnerabilities as the cloud and mobile take over Thu, 29 Nov 2012 17:00:00 GMT http://www.infosecurity-magazine.com/view/29589/its-raining-apps/ http://www.infosecurity-magazine.com/view/29391/how-secure-are-contactless-payments/ Does wireless necessarily equate to insecure in the world of payment transactions? Davey Winder examines the fears, and the realities Tue, 20 Nov 2012 10:30:00 GMT http://www.infosecurity-magazine.com/view/29391/how-secure-are-contactless-payments/ http://www.infosecurity-magazine.com/view/29390/comment-is-your-office-printer-secure/ The once ‘humble’ office printer has developed into a networked communication hub with an inherent security risk if not managed correctly. Quentyn Taylor of Canon Europe discusses the importance of a comprehensive, overall security policy to minimize print security risks Tue, 20 Nov 2012 10:00:00 GMT http://www.infosecurity-magazine.com/view/29390/comment-is-your-office-printer-secure/ http://www.infosecurity-magazine.com/view/29389/a-sick-patient-data-security-in-the-healthcare-sector/ The privacy and security of healthcare data needs some serious work, says Danny Bradbury. How did we get into this mess, and how can we get out of it? Mon, 19 Nov 2012 10:00:00 GMT http://www.infosecurity-magazine.com/view/29389/a-sick-patient-data-security-in-the-healthcare-sector/ http://www.infosecurity-magazine.com/view/29356/comment-securing-data-from-the-threat-of-sql-injection/ As the value of an organization’s data continues to grow, Slavik Markovich at McAfee discusses what they can do to protect their IT systems and the information they hold Thu, 15 Nov 2012 15:00:00 GMT http://www.infosecurity-magazine.com/view/29356/comment-securing-data-from-the-threat-of-sql-injection/ http://www.infosecurity-magazine.com/view/29286/responding-to-a-data-breach/ So, you’ve already figured out that your organization is the victim of a data breach. Conrad Constantine explains what your next steps should be Tue, 13 Nov 2012 10:00:00 GMT http://www.infosecurity-magazine.com/view/29286/responding-to-a-data-breach/ http://www.infosecurity-magazine.com/view/29192/comment-mobile-device-security-whats-coming-next/ James Lyne from Sophos believes that the mobile device revolution is quite possibly the most significant change in computing since the shift from the mainframe more than 20 years ago Wed, 07 Nov 2012 10:00:00 GMT http://www.infosecurity-magazine.com/view/29192/comment-mobile-device-security-whats-coming-next/ http://www.infosecurity-magazine.com/view/29160/data-breach-scoreboard/ Infosecurity compiles history’s top data breaches, while surveying the mandatory reporting landscape in the US and Western Europe Tue, 06 Nov 2012 10:00:00 GMT http://www.infosecurity-magazine.com/view/29160/data-breach-scoreboard/ http://www.infosecurity-magazine.com/view/29071/comment-keeping-vpns-clean-in-the-era-of-global-mobile-anarchy-/ IT managers need to avoid mobile anarchy while providing reliable, secure mobile access. It’s proving a challenge to strike the right balance without affecting performance and upsetting the workforce, observes Dell SonicWALL’s Andrew Walker-Brown Wed, 31 Oct 2012 09:00:00 GMT http://www.infosecurity-magazine.com/view/29071/comment-keeping-vpns-clean-in-the-era-of-global-mobile-anarchy-/ http://www.infosecurity-magazine.com/view/28904/governments-role-in-information-security-involvement-global-priority/ Hord Tipton believes government has a significant role in developing and enforcing information security standards Wed, 24 Oct 2012 11:00:00 GMT http://www.infosecurity-magazine.com/view/28904/governments-role-in-information-security-involvement-global-priority/ http://www.infosecurity-magazine.com/view/28905/governments-role-in-information-security-leave-it-to-the-experts/ Daniel R Walsh says those already tasked with protecting our information society are in the best position to create and implement any standards Wed, 24 Oct 2012 11:00:00 GMT http://www.infosecurity-magazine.com/view/28905/governments-role-in-information-security-leave-it-to-the-experts/ http://www.infosecurity-magazine.com/view/28903/comment-file-sharing-opens-the-box-of-information-security/ Sharing may be part of internet culture, but it does not sit well with data governance. David Reed of the Data Governance Forum argues that business executives need to be reminded of the rules Tue, 23 Oct 2012 10:00:00 GMT http://www.infosecurity-magazine.com/view/28903/comment-file-sharing-opens-the-box-of-information-security/ http://www.infosecurity-magazine.com/view/28902/data-breach-insurance-underwriting-your-liabilities/ As high-profile data loss incidents become commonplace, Wendy M. Grossman examines the nascent field of data breach insurance aiming to hedge against the risks Mon, 22 Oct 2012 11:00:00 GMT http://www.infosecurity-magazine.com/view/28902/data-breach-insurance-underwriting-your-liabilities/ http://www.infosecurity-magazine.com/view/28901/comment-may-the-enforcement-be-with-you-security-lessons-from-star-wars/ From applying security policies to DLP and effective user authentication, there are many infosecurity lessons to be learned from the classic space opera. Terry Greer-King of Check Point shows how companies can avoid the Empire’s mistakes Fri, 19 Oct 2012 17:00:00 GMT http://www.infosecurity-magazine.com/view/28901/comment-may-the-enforcement-be-with-you-security-lessons-from-star-wars/ http://www.infosecurity-magazine.com/view/28777/interview-paul-judge-of-barracuda-networks/ Paul Judge is a contradiction. Juxtaposing the words geek and cool, and the words laid-back and workaholic, seemingly creates an unlikely, inaccurate personality, but having spent a decent amount of time with Mr Judge, Eleanor Dallaway is confident and committed to these adjectives Mon, 15 Oct 2012 12:00:00 GMT http://www.infosecurity-magazine.com/view/28777/interview-paul-judge-of-barracuda-networks/ http://www.infosecurity-magazine.com/view/28774/comment-tackling-the-geolocation-cookie-imperative/ ISACA’s Ramsés Gallego discusses the new EU cookie legislation and the effect it will have on companies that provide location-based services Mon, 15 Oct 2012 11:00:00 GMT http://www.infosecurity-magazine.com/view/28774/comment-tackling-the-geolocation-cookie-imperative/ http://www.infosecurity-magazine.com/view/28657/the-cloud-gives-takes-away-and-gives-back-again/ How far would someone go to take over another person’s Twitter account? Drew Amorosi finds out that in the case of Mat Honan, senior writer for Wired, it appears to be great lengths Mon, 08 Oct 2012 11:00:00 GMT http://www.infosecurity-magazine.com/view/28657/the-cloud-gives-takes-away-and-gives-back-again/ http://www.infosecurity-magazine.com/view/28630/comprehensive-cybersecurity-securing-the-human-operating-system/ In honor of National Cybersecuirty Awareness month in the US, Eric Cole of the SANS Institute highlights the role of people in any comprehensive security program Thu, 04 Oct 2012 15:56:00 GMT http://www.infosecurity-magazine.com/view/28630/comprehensive-cybersecurity-securing-the-human-operating-system/ http://www.infosecurity-magazine.com/view/28542/scada-security-inertia/ It’s no secret that SCADA systems are vulnerable to compromise, and the tools to mitigate many of the vulnerabilities are within reach. Yet, as Fred Donovan discovers, the vendors that supply these systems are often slow to react to the security issues Tue, 02 Oct 2012 10:00:00 GMT http://www.infosecurity-magazine.com/view/28542/scada-security-inertia/ http://www.infosecurity-magazine.com/view/28541/comment-public-sector-security-time-to-step-into-the-breach/ Adam Evans of NetIQ looks at how public sector organizations can make sure that private data remains private Mon, 01 Oct 2012 17:41:00 GMT http://www.infosecurity-magazine.com/view/28541/comment-public-sector-security-time-to-step-into-the-breach/ http://www.infosecurity-magazine.com/view/28491/application-forecast-partly-cloudy/ With the market for cloud-based applications exploding, Stephen Pritchard tells security professionals what they need to know about software-as-a-service Thu, 27 Sep 2012 18:47:00 GMT http://www.infosecurity-magazine.com/view/28491/application-forecast-partly-cloudy/ http://www.infosecurity-magazine.com/view/28385/comment-enterprise-log-managers-an-unsexy-but-vital-tool/ Representatives from ISACA and CA Technologies look at why enterprise log managers are an essential element of IT security that can also provide value through non-IT security use cases Fri, 21 Sep 2012 17:00:00 GMT http://www.infosecurity-magazine.com/view/28385/comment-enterprise-log-managers-an-unsexy-but-vital-tool/ http://www.infosecurity-magazine.com/view/28368/hard-soft-or-smart-evaluating-the-twofactor-authentication-options-/ Engineer and researcher Grant Le Brun evaluates the current landscape for two-factor authentication Thu, 20 Sep 2012 16:48:00 GMT http://www.infosecurity-magazine.com/view/28368/hard-soft-or-smart-evaluating-the-twofactor-authentication-options-/ http://www.infosecurity-magazine.com/view/28078/the-potential-weaknesses-in-a-virtualized-infrastructure/ IEEE’s Kevin Curran examines the weak points of virtualized infrastructures and the solutions everyone should consider Thu, 13 Sep 2012 12:00:00 GMT http://www.infosecurity-magazine.com/view/28078/the-potential-weaknesses-in-a-virtualized-infrastructure/ http://www.infosecurity-magazine.com/view/28077/comment-theres-much-to-learn-from-recent-data-security-breaches/ SafeNet’s Jason Hart looks at what the security industry has learned from last year’s data breaches and reiterates the importance of encrypting all data to ensure comprehensive protection against the latest security threats Wed, 12 Sep 2012 11:00:00 GMT http://www.infosecurity-magazine.com/view/28077/comment-theres-much-to-learn-from-recent-data-security-breaches/ http://www.infosecurity-magazine.com/view/28076/the-growing-movement-in-social-responsibility/ Julie Peeler, director of the (ISC)² Foundation, examines how the IT security community is prioritizing its contribution to society Tue, 11 Sep 2012 10:30:00 GMT http://www.infosecurity-magazine.com/view/28076/the-growing-movement-in-social-responsibility/ http://www.infosecurity-magazine.com/view/28075/comment-the-death-of-the-ciso-/ At a significant crossroads, the infosec profession must adapt to avoid failure says Mark Brown of Ernst & Young Mon, 10 Sep 2012 11:00:00 GMT http://www.infosecurity-magazine.com/view/28075/comment-the-death-of-the-ciso-/ http://www.infosecurity-magazine.com/view/28048/should-you-give-biometrics-a-break/ Biometric identification has been around for more than 100 years. Davey Winder investigates its relevance and feasibility for the IT security world today Fri, 07 Sep 2012 11:30:00 GMT http://www.infosecurity-magazine.com/view/28048/should-you-give-biometrics-a-break/ http://www.infosecurity-magazine.com/view/28046/comment-protecting-critical-network-systems-and-the-information-within/ Benga Erinle, president of 3eTI, discusses the shift in focus from securing physical facilities to warding off cyber attacks against critical infrastructures – and why our reliance on control systems makes us more vulnerable than ever to attack Thu, 06 Sep 2012 19:00:00 GMT http://www.infosecurity-magazine.com/view/28046/comment-protecting-critical-network-systems-and-the-information-within/ http://www.infosecurity-magazine.com/view/27933/pci-in-the-cloud-ready-willing-and-able/ Andrew Hay discusses what you can expect from the ‘PCI compliant’ cloud provider Tue, 04 Sep 2012 11:00:00 GMT http://www.infosecurity-magazine.com/view/27933/pci-in-the-cloud-ready-willing-and-able/ http://www.infosecurity-magazine.com/view/27877/token-debate-worthless-worthless-/ This sums up the opinion of ISACA’s Richard Hollis when it comes to the value of token-based authentication Thu, 30 Aug 2012 11:30:00 GMT http://www.infosecurity-magazine.com/view/27877/token-debate-worthless-worthless-/ http://www.infosecurity-magazine.com/view/27878/token-debate-battle-tested-industry-approved/ Their ability to remain nimble is why RSA’s Dan Schiappa believes tokens are the past, present, and future of two-factor authentication Thu, 30 Aug 2012 11:30:00 GMT http://www.infosecurity-magazine.com/view/27878/token-debate-battle-tested-industry-approved/ http://www.infosecurity-magazine.com/view/27828/comment-how-decentralized-encryption-can-impair-security/ To protect digital assets and meet regulatory requirements, many organizations secure sensitive data with point encryption solutions. Vormetric’s Ashvin Kamaraju explains the risks and challenges associated with decentralized encryption key management, and the role of interoperability standards in establishing a centralized key management infrastructure Tue, 28 Aug 2012 14:00:00 GMT http://www.infosecurity-magazine.com/view/27828/comment-how-decentralized-encryption-can-impair-security/ http://www.infosecurity-magazine.com/view/27798/the-strange-case-of-indian-censorship-in-oman/ Jean-Loup Richet explains how researchers in Canada have come across a new example of the “upstream filtering” phenomenon, in which internet content is blocked in one country due to censorship imposed by another Mon, 27 Aug 2012 11:00:00 GMT http://www.infosecurity-magazine.com/view/27798/the-strange-case-of-indian-censorship-in-oman/ http://www.infosecurity-magazine.com/view/27792/comment-effective-smart-grids-require-multiple-layers-of-security-from-the-outset/ Michelle Lewis, smart grid specialist at Symantec, explores the benefits and challenges of smart grids and outlines the strategies needed to secure and protect them Fri, 24 Aug 2012 15:19:00 GMT http://www.infosecurity-magazine.com/view/27792/comment-effective-smart-grids-require-multiple-layers-of-security-from-the-outset/ http://www.infosecurity-magazine.com/view/27696/looking-good-on-paper/ Take note when warned of digital data loss, says Danny Bradbury – but don’t forget to secure your paper-based documents. It may be harder than you think Tue, 21 Aug 2012 10:00:00 GMT http://www.infosecurity-magazine.com/view/27696/looking-good-on-paper/ http://www.infosecurity-magazine.com/view/27695/a-qa-with-ashar-aziz-founder-ceo-cto-fireeye-/ Whilst in the Silicon Valley in July 2012, Infosecurity editor Eleanor Dallaway met FireEye’s very intelligent and articulate founder and CEO, Ashar Aziz, at FireEye HQ. Mon, 20 Aug 2012 22:58:00 GMT http://www.infosecurity-magazine.com/view/27695/a-qa-with-ashar-aziz-founder-ceo-cto-fireeye-/ http://www.infosecurity-magazine.com/view/27668/interview-royal-holloways-fred-piper/ Often referred to as ‘the grandfather of information security’, this Professor needs no introduction. Here’s what happened when Eleanor Dallaway met Fred Piper… Fri, 17 Aug 2012 15:24:00 GMT http://www.infosecurity-magazine.com/view/27668/interview-royal-holloways-fred-piper/ http://www.infosecurity-magazine.com/view/27584/comment-cloud-security-is-not-a-myth/ Security is frequently cited as the primary reason why organizations are reluctant to adopt public cloud offerings. But is the public cloud inherently insecure? With the correct approach to security architecture, FireHost’s Chris Hinkley argues that securing the public cloud is possible Tue, 14 Aug 2012 13:00:00 GMT http://www.infosecurity-magazine.com/view/27584/comment-cloud-security-is-not-a-myth/ http://www.infosecurity-magazine.com/view/27434/stoking-the-flames-of-cyber-war/ Call it Flame, Flamer, sKyWIPer, or Stuxnet’s father – the labels simply don’t matter. Drew Amorosi concludes that one well-crafted piece of malware can be more valuable than a thousand secret agents Tue, 07 Aug 2012 10:30:00 GMT http://www.infosecurity-magazine.com/view/27434/stoking-the-flames-of-cyber-war/ http://www.infosecurity-magazine.com/view/27433/comment-the-eus-proposed-24hour-breach-disclosure-rules-will-drive-automation-/ The EU’s proposed revisions to the Data Breach Directive reminds us that it’s about respecting customers, not just ticking boxes, opines Michael Hamelin of Tufin Technologies Tue, 07 Aug 2012 10:00:00 GMT http://www.infosecurity-magazine.com/view/27433/comment-the-eus-proposed-24hour-breach-disclosure-rules-will-drive-automation-/ http://www.infosecurity-magazine.com/view/27369/securitys-alleged-disappearing-act/ Recent acquisitions in the market have given rise to the notion of embedded security, rather than security as an add-on layer. Wendy M. Grossman discovers that this is only one of many trends shaping the future of data protection Thu, 02 Aug 2012 10:30:00 GMT http://www.infosecurity-magazine.com/view/27369/securitys-alleged-disappearing-act/