Infosecurity Opinions

AI Must Prove its Trustworthiness
Box CISO Julien Soriano says we must turn our attention to the security and veracity of the data we are feeding into AI models

How Banks Can Safeguard Customers From Romance Fraud
Online dating's rise as the leading way to meet potential partners has created a boom in romance scams, demanding industry solutions to protect users

Why Culture is the Bedrock of Cybersecurity
Ken Deitz explains why culture is the guiding principle for good cyber governance

Three Psychological Theories to Ensure Cybersecurity Training Sticks
Andrew Rose says leveraging behavioral psychology theories will create a much higher success rate in employee cybersecurity training programs

The Data Privacy Risks from Video Surveillance at the Paris Olympics
Vishwa Narayan discusses how authorities can strike the right balance between privacy and security by using video surveillance at the Paris Olympics

How to Protect Yourself from Rising Romance Investment Scams
Erin Fracolli sets out how online daters can detect sophisticated romance investment scams

Why Federal Agencies Must Learn from the Cyber Safety Review Board Report on Microsoft
Sean Moran says the CSRB report into Microsoft shows that the US government needs to end its single-source reliance on cybersecurity contractors

Why Banks Should be Taking Quantum Security Very Seriously
Andersen Cheng says banks are acutely vulnerable to the threat posed by quantum computers

How to Navigate the Risks of Generative AI
KPMG's Matthew Roach says a holistic approach is needed to ensure the safe and responsible use of generative AI

Banning Ransomware Payments Will Do More Harm Than Good
Ian Thornton-Trump argues that a ransomware ban would have severe unintended consequences

Learning from Heartbleed to Quantum-Proof the Future
Kevin Bocek says we must learn from the Heartbleed vulnerability crisis 10 years ago to prepare for the threat posed by quantum to current encryption methods

Is the Human Factor Overlooked in Cybersecurity?
LRQA's Lisa Washer explains why people, not just technology, must be at the core of cybersecurity

Why Voice Authentication Should Not Be Used to Secure Critical Assets
Alex Haynes highlights a case study involving the use of voice authentication for HSBC, which shows the security flaws of this method

Why DDoS Threat Actors Are Shifting Their Tactics
With the changes in DDoS attack size, diversity, and the development of new methods, organizations must not become complacent

Enhancing Collaboration: Incident Response Teams and Law Enforcement
As cyber-attacks surge, fostering collaboration between Incident Response Teams and law enforcement is crucial to fortify defenses and respond effectively

Overcoming the AI Privacy Predicament
The IAPP's Müge Fazlioglu says organizations must address consumers' privacy concerns to realize the full potential of AI

Learning from File Transfer Software Vendors’ Vulnerability Response
Rapid7's Caitlin Condon explains why organizations could learn from file transfer vendors' response to high-severity vulnerabilities coming to light

Rethinking Open-Source Intelligence for Security in Commercial Settings
Jonathan Couch expects OSINT capabilities to be integrated into network security within the private sector in the next few years

Four Steps to Cultivating a Cyber Resilient Workforce
Businesses must address the cybersecurity training gap to combat rising attacks. This must be a joint effort through solutions and policies, and employee training is key

Resisting Hindsight Bias: A Proposed Framework for CISO Liability
Debevoise & Plimpton proposes criteria for evaluating whether to charge CISOs for violations of federal security laws
