Infosecurity Blogs
#infosec15: The Role of the News Media in Security
How press and the security industry can work together
All Set Up for Defending your Company
Writing this from a vantage point above the main exhibition floor at Infosecurity Europe, the day before the industry flagship opens, the concept of ‘security set-up’ takes on a whole new meaning
A Passion for Online Safety, Part 1
(ISC)2 Foundation’s Safe and Secure Online program is a unique charitable effort linking (ISC)2-certified information security experts to schools and other community groups
A Day in the Life of an IT Pro: Just Listen to Teacher
I have written a lot about network security and how to track down rogue issues during this series. However, as an IT Pro my role is also to advise and teach those around me about the pros and cons of adopting new technologies.
Mr. President, Backdoors are Stupid
As pressure mounts in the US to pass laws requiring tech companies to include backdoors in their technologies, tech companies push back with a letter to President Obama.
The Great Schism: Cybersecurity in Fact and Fiction
Carey Nachenberg's new novel raises questions about the relationship between fact and fiction in security
In Security, Stay Lean!
A security function should be lean and focused on managing controls. Tendencies to expand its scope, grow in size to become top-heavy, or allow overly hierarchical structures to develop, are potentially harmful
Dealing with Information Overload
Events and conferences come thick and fast in the security industry, and it’s sometimes hard to find time to sit and reflect on each one
Goodbye For Now
As I get ready to send to press what will be the last issue of Infosecurity that I work on for a year, allow me to indulge in a trip down memory lane as I pick nine of my favourite memories from my nine years at the best information security magazine and news site there is.
A Day in the Life of an IT Pro: Poisoned by the Ethernet
As I’ve previously mentioned, being an IT Pro can often require some super sleuthing. Sometimes this can be through the actual systems and networks, and sometimes it means donning the cloak and hat and physically hunting down the issue.
The Rise and Rise of Bad Bots – Part 2: Beyond Web-Scraping
Some bots have good intentions when they visit your web site, but many do not. How do you tell good bots from bad bots and control or block them?
The Rise and Rise of Bad Bots – Part 1: Little DDoS
Bots do many useful things on the web, but all too often they are up to no good. This two part blog starts but looking at bot-driven denial of service and the growing problem of short duration distraction attacks.
#RSAC: Android: Malware? What Malware?
Android malware (or Potentially Harmful Applications): a problem, or overstated?
Online Security in the Insurance Sector
By admission of its own IT leaders, insurance companies are less advanced when it comes to IT security than banks. There are plenty of reasons to catch up.
A Day in the Life of an IT Pro: A Virtual Lesson in Virtualization
The life of an IT admin is full of challenges, and technological changes are driving the role into new territory
A Day Out at CRESTCon & IISP Congress 2015
Security conferences in London are not in short supply, with several occurring this week alone. Given this state of affairs, standing out from the crowd is not an easy task – but it’s a challenge that CRESTCon & IISP Congress approached head-on
Cybersecurity in an Age of Austerity
Back in 2010 the UK government promised £650m spending on cybersecurity over four years, with further funding to follow by 2016. Turn the clock forward five years, and the coalition has successfully delivered on its pledge amidst a culture of cuts to other sectors
Facebook Expertly Increases Its Data Stash
On the Friday before Super Bowl 2015, while America was obsessing over a gridiron game, Facebook quietly released an update to its privacy policies. Was this timing a cunning move using distraction as the background?
Ask the CISO: Third-Party Vendor Management
Should we be documenting our relationships with third-party vendors and should third-party vendors be required to incorporate security controls?
