Security Leadership

Security Leadership news, information, and how-to advice


How to get creative with your penetration testing

Are your employees ready for whatever the hackers can throw at them? Try one of these tests



Spam turns 20 and is still going strong

For more than two decades now unsolicited email messages have clogged inboxes around the world. And we're still trying to stop the scourge.

Four of the newest (and lowest) Social Engineering scams

Social engineering thugs have reached new lows, as gangs play on users’ fears of privacy loss, theft and even death.

CDW Integrates with Google Apps for Cloud Collaboration

Through a partnership with Google and Esna Technologies, CDW has rolled out native access to the CDW Cloud Collaboration suite within Google Apps.

Hundreds of medical professionals targeted in multi-state tax scam

Medical professionals in several states have come forward with reports of identity theft, after their personal information was used to file fraudulent tax returns.

Bugcrowd launches funding drive to audit OpenSSL

Bugcrowd, the bug bounty marketplace driven by crowdsourcing, has launched a donation campaign in order to help pay for a security audit of OpenSSL.

3 ways to reduce BYOD legal liability with the right conversation

As "bring your own device" (BYOD) reshapes the way organizations handle technology, how do we handle the uncertainty of legal liability and security concerns? The key to turning a potential liability into an opportunity lies in having

Kimberly Clark names new CISO

Timothy Youngblood joins Kimberly Clark as their Chief Information Security Officer.

Redefining Endpoint Security With Isolation Technology: An innovative, new security architecture

Find out how to secure your enterprise and empower your users to click on anything, anywhere without the fear of being compromised.

Why security professionals need to get more creative with penetration testing (and how to do it)

Criminals are evolving with their techniques for hacking and breaching corporate assets, so security managers need to as well. Here are some ways companies are going beyond standard pen testing in order to increase awareness

Think tank challenges Heartbleed handwringing

Recent opinion piece has researchers debating seriousness of the OpenSSL flaw


How to create awareness of the insider threat

Snowden causes companies to consider doing what was unthinkable

How you need to respond to Heartbleed, and how you can explain it to others

With the flood of information surfacing about Heartbleed, it is important to distill to the immediate steps to take to protect our organizations and those we serve. This article covers the five actions for organizations, three for...

Predictive Defense and Real-Time Insight: The Next Step in Advanced Threat Protection

Download this complimentary report, featuring the Gartner Research "Designing an Adaptive Security Architecture for Protection From Advanced Attacks", and learn why organizations can't rely solely on traditional blocking

The real security lesson Windows XP taught us is to challenge our assumptions

As support for Windows XP comes to an official end, the real security lesson is hidden. Broader than what to do about it today is the consideration of what it means for the future. Find out the one question Windows XP taught us we...

Cognitive bias: The risk from everyone in your organization, including you

Cognitive bias is subtle enough that most people think everybody else but them suffers from it. But no one is immune, and it can lead to bad analytics and false conclusions, which can damage an organization through errors in judgement

Elavon appoints Agcaoili as new CISO

Phil Agcaoili will be joining Elavon as the Vice President and Chief Information Security Officer


Salted Links: 7 April 2014

The Hash is on the road this week, but while yours truly is flying the friendly skies, the following round-up will keep you in the loop on current events and interesting research. Today's cache includes a unique attack on Microsoft...

Healthcare Information Management: A New Urgency

With the challenges of an evolving regulatory environment and the information overload problem with management practices, many organizations have now reached an inflection point.

Businesses face rising political pressure from data breaches

FTC encourages Congress to pass national breach notification legislation, among other efforts.

Why you need to measure the right things in your incident reporting process to improve your security culture

Shape a successful culture of security with an approach that gives individuals a voice and uses smart measurements to guide action.

Talking insider threats at the CSO40 Security Confab and Awards

InfoSec supervisor Arthur Wang discusses insider threats and his supportive approach to spreading security awareness within an organization.

What’s quality got to do, got to do with it?

At the CSO40 conference next week, I'll be speaking on ISO 9001 and its application to information security. But what does ISO 9001, an international standard of quality management, have to do with information security? Answer: Lots.
