Infosecurity Opinions

  1. Comment: Effective Smart Grids Require Multiple Layers of Security from the Outset

    Michelle Lewis, smart grid specialist at Symantec, explores the benefits and challenges of smart grids and outlines the strategies needed to secure and protect them

  2. Comment: Cloud Security is not a Myth

    Security is frequently cited as the primary reason why organizations are reluctant to adopt public cloud offerings. But is the public cloud inherently insecure? With the correct approach to security architecture, FireHost’s Chris Hinkley argues that securing the public cloud is possible

  3. Comment: The EU’s Proposed 24-hour Breach Disclosure Rules will Drive Automation

    The EU’s proposed revisions to the Data Breach Directive reminds us that it’s about respecting customers, not just ticking boxes, opines Michael Hamelin of Tufin Technologies

  4. Comment: Cybersecurity and Information Sharing Is a Two-way Street

    Strengthening cybersecurity cooperation between government and industry is a growing necessity. As threats evolve rapidly, ongoing information sharing will serve a critical role in keeping public and private networks safe. Entrust’s Dave Rockvam explores the current landscape and areas for improvement

  5. Comment: Why You Need a Google Security Policy

    Through its many services, Google can track your browsing, scan your emails, read your documents, listen to voicemails, analyze your calendar, and more – all in the name of better connecting sellers to its users. Babak Pasdar of Bat Blue Networks says this feeding of the Google Monster must be monitored and controlled

  6. Comment: Passwords Are the Achilles’ Heel of Cloud Security

    To address single sign-on (SSO) at cloud scale, Ping Identity’s Patrick Harding says IT administrators, security architects and developers must focus their energy on solving the problem with secure standards such as SAML, rather than implementing Band-Aid solutions like password vaulting

  7. Comment: Securing SharePoint's Content Blind Spots

    Storing sensitive information inside SharePoint doesn’t have to be scary, claims Kurt Mueffelmann of HiSoftware. By implementing governance policies that couple education with compliance and security technologies, he believes organizations can store and share information inside SharePoint with confidence

  8. Comment: Why Amazon Is My #1 Attacker

    AlienVault’s Conrad Constantine explains why the need to establish reputation information from cloud instances cannot be underestimated for incident responders

  9. Hacktivism Debate: Security’s Little Awareness Helper

    Matthew Pascucci shines a light on a by-product of hacktivism: increased security awareness. Their attacks may be embarassing, but he says hacktivists do serve a functional purpose for the security professional

  10. Hacktivism Debate: Occupy DDoS

    There's little room in Ted Swearingen's heart for the exploits of so-called hacktivists. His sympathies lie with those charged with combating them

  11. Comment: Too Much Security May Affect Business Processes

    A balance is needed between the protection of information and productivity within a business environment, says David Cowan of Plan-Net

  12. Comment: Don’t Ban Social Media (And What To Do Instead)

    Forensic analyst Paul Henry explains why banning social media is hardly the way to deal with the risks it poses

  13. Comment: Building a Risk-aware, Cyber-secure Culture

    Using technology solutions to complement your security awareness programs is simply not enough, says IBM’s Chris Nott. You must go further and explain the risks to your employees, and why the technical controls were put in place

  14. Safe and Secure Online: Make it Count

    Tim Wilson, lead UK volunteer for the (ISC)² Safe and Secure Online program and assistant director ICT, NHS East London and City, tells us what he does, what he hears, and why you too should get involved in Safe and Secure Online

  15. Comment: The Risks of Generic Approaches to Employee Information Security Awareness

    Keith Ducatel of Article 10 talks about the dangers of off-the-shelf information security policies and training

  16. Comment: Poor Information Risk Assessment Is Worse than Doing Nothing at All

    Information risk assessment should be second nature to security practitioners, and yet too few of us understand what it really takes to do it well – and few organizations have a world-class capability in place. Andrew Wilson explores some of the reasons why this is the case and what we need to do to get it fixed

  17. Comment: Securing BYOD is More Than a One-step Process

    BYOD is no longer a trend, it’s a reality says Frank Andrus of Bradford Networks. Here he explains why implementing BYOD securely requires a comprehensive blueprint, and cannot be done through a single technology solution

  18. Comment: The Missing Link from DLP

    Solutions to prevent data loss need to involve the data owners themselves, so they can take appropriate actions to remediate risks before data is leaked. Traditional DLP technologies alone cannot achieve your security and governance goals, says David Gibson of Varonis

  19. Comment: Avoid the Inherent Risks of Consumer Gadgets and Email

    Consumer gadgets and corporate email can be a risk to information; John Thielens of Axway looks at how this can be avoided without banning consumer devices altogether

  20. Comment: It’s Not about Network Security, It’s about Business Security

    Gidi Cohen of Skybox Security explores the challenges information security executives face, and provides key steps they can take to tune their existing security infrastructure to be more effective and efficient

Why Not Watch?

  1. Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

  2. Mastering AI Security With ISACA’s New AAISM Certification

  3. How Mid-Market Businesses Can Leverage Microsoft Security for Proactive Defenses

  4. Modernizing GRC: From Checkbox to Strategic Advantage

What’s Hot on Infosecurity Magazine?