Security Leadership

Security Leadership news, information, and how-to advice

Hacked Opinions: Vulnerability disclosure – Sam Curry

Arbor Networks' Sam Curry talks about disclosure, bounty programs, and vulnerability marketing with CSO, in the first of a series of topical discussions with industry leaders and experts.

Google: Users still aren’t getting message about online security

Google researchers say that experts and non-experts go about protecting their digital privacy in very different ways, according to survey results they plan to present at the upcoming Symposium on Usable Privacy and Security.

A primer on dealing with the media as a hacker, and dealing with hackers as the media

Next month, thousands of hackers will travel to Las Vegas, and hundreds of journalists are going to follow them. The adversarial relationship between hackers and the press has existed for years, but there are ways to navigate the playing...

Hacked Opinions: Vulnerability disclosure – Jeff Williams

Contrast Security's Jeff Williams talks about disclosure, bounty programs, and vulnerability marketing with CSO, in the first of a series of topical discussions with industry leaders and experts.

FTC sues identity protection service LifeLock again

Identity protection service LifeLock said Tuesday it is prepared to go to court after the U.S. Federal Trade Commission filed a fresh lawsuit alleging the company has failed to protect its users' data and deceptively advertises its...

Hacked Opinions: Vulnerability disclosure – Chuck Bloomquist

InteliSecure's Chuck Bloomquist talks about disclosure, bounty programs, and vulnerability marketing with CSO, in the first of a series of topical discussions with industry leaders and experts.

Modern APTs start at your corporate website

Have you ever thought about which role your corporate web applications may play in an APT attack against your company?

Why the perception of a security talent shortage is really a leadership opportunity

Reframe the discussions about the lack of qualified security professionals to reveal the real opportunity for leaders to develop the people around them

InfoSec pros spend most time, money on self-inflicted problems

According to a new survey of Black Hat attendees released last week, InfoSec professionals are spending the biggest amount of their time and budgets on security problems created within the organization itself.

Hacked Opinions: Vulnerability disclosure – Rahul Kashyap

Bromium's Rahul Kashyap talks about disclosure, bounty programs, and vulnerability marketing with CSO, in the first of a series of topical discussions with industry leaders and experts.

Google slams proposed export controls on security tools

A proposed set of software export controls, including controls on selling hacking software outside the U.S., is "dangerously broad and vague," Google said Monday.

Silicon Valley wary of U.S. push for cyber security info sharing

Tech execs cite privacy, litigation concerns.

So, you want a Masters Degree in cybersecurity?

University and College Masters Degree programs in cybersecurity

Hacked Opinions: Vulnerability disclosure - Andrew Avanessian

Avecto's Andrew Avanessian talks about disclosure, bounty programs, and vulnerability marketing with CSO, in the first of a series of topical discussions with industry leaders and experts.

Phishing attacks targeting government agencies linked to Hacking Team breach

In an alert on Friday, the FBI has issued a warning about an active phishing campaign targeting various government agencies in the U.S. The alert says that recent phishing emails and those from June targeted the Adobe Flash...

Just get rid of Java finally

The latest security update from Oracle fixed 25 vulnerabilities in Java, including a zero-day flaw being actively exploited in the wild. It's time to just get rid of Java on the client unless it's absolutely essential.

Why security leaders must seize the opportunity to implement cloud and improve security

Leading Security Change contributor B. Scott Wilson explains why -- and how -- security leaders need to embrace cloud to benefit their organizations and improve security

Regulators seek to limit security software exports

The comment period on Wassenaar ends next Monday, and the rules, as written, would severely restrict international sales, deployment, research and even discussion of cybersecurity tools and exploits, experts say.
