Infosecurity Opinions
Could a Weak Link in the Chain Hamper Retailer Implementation of PCI DSS Version 3.2?
Application of the PCI DSS’s latest system is not a quick fix, but a means to an end.
Overcoming Application Security Challenges
The majority of strategic business processes are supported by software applications, so why does application security continue to receive less budget and attention than network security?
Is Compliance Bad for Security?
Standards are a security bar for organizations to meet through compliance. Arguably their value is in the reassurance they provide stakeholders that a baseline of reasonable security measures is in place. But what if compliance is faked?
A Moving Target: Why SMEs need Threat Intelligence
Justifying security spend can be challenging as a SME: there are limited resources, you’re trying to defend against an unquantifiable range of threats, and there are plenty of other aspects of the business to invest in that can give tangible results.
Communications Security Beyond the Turret
What was once a system based on a digital time-division multiplexing (TDM) architecture has turned into a high-tech Internet Protocol (IP) based work center
Who is Responsible for Cybersecurity Within Your Organization?
Don't underestimate the need for clear guidance on who should do what within an organization.
Security from the Ground Up: The Need for Data Classification
Governments, businesses large and small, and even private citizens worry over how to keep their digital assets out of the wrong hands.
The Service Desk: The Unsung Hero of IT Security
Estimates suggest that the gap between a data breach and discovery is somewhere in the region of 80 and 200+ days, depending on whose research you’re reading.
Regular Check-ups: Pentesting-as-a-Service
Penetration testing needs to be performed much more frequently than it is today by most organizations, and that requires a new type of service offering: ‘pentesting-as-a-service’.
Machine Learning – Keeping Us One Step Ahead of Fraudsters
While it is clear that machine learning has a lot to offer to financial institutions and merchants in an effort to detect and prevent fraud, the approach does have its limitations.
Why Weakening Encryption Could be Throwing the Baby Out with the Bathwater
Should communications providers be legally forced to break their own security when required, even if they must fundamentally change the way their encryption works in order to comply?
Walking the Line Between Data Protection and Privacy Invasion
While there has been growing awareness of what we should, as consumers, do to secure our data, how can we be assured our data is being appropriately cared when we hand over information to companies?
Evading IT Threats: Integrating Security in Your Overall Cloud Strategy
In cloud infrastructure, it becomes even more challenging to overcome such threats without incurring any losses.
How Context Can Provide Application-centric Security
It’s the applications themselves that are the targets, because that is where the data is housed.
Access Badges: The link between physical and logical access
Organizations using access badges to secure physical access to (all or part of) their premises increasingly ask for the ability to use the same badges for access to their network and applications.
File Sharing: The Silent Threat
Employees secretly transfer various forms of confidential information to cloud-based file-sharing services.
Banking's Darkside Lurks in Your Inbox
While banks cannot and will not be able to stop all attacks, staying up to date on current threats and investing heavily in security teams and technology will most certainly help them prevent most.
Bridging the Gap Between Executive Cyber Awareness and Enterprise Security
IT security professionals are facing greater challenges than ever before and should be providing greater visibility into how cybersecurity programmes are performing.
