Security Leadership

Security Leadership news, information, and how-to advice

cso cio
2014 11 21 cso value of time

Businessman holding holiday gift box 187371991

Raising awareness quickly: Holiday tips and tricks

The holidays are here. From now until the end of the year, the retail sector will see a business boom, while organizations both large and small deal with staffers who opt to become part of the shopping rush.


Building our cyber workforce (part 2 of 2)

In part 2 of this look at growing our cyber workforce, let's address the IT Security staff, executive leadership, suppliers, customers and also consider how we might engage the wider community.

happy thanksgiving

Five security developments we can be thankful for in 2014

The end of the year usually brings with it the annual tradition of consulting the InfoSec "crystal ball" to create a list of prognostications of doom for the coming year. Let's start a new tradition of looking back at the things that...


10 security mistakes that will get you fired

From killing critical business systems to ignoring a critical security event, these colossal slip-ups will get your career in deep water quick

mobile security

5 steps to more mobile-security-savvy employees

It takes more than policies and penalties to make your workers smart about mobile security. Here’s how to identify and correct problem behaviors in your organization that can leave your corporate data vulnerable.


(ISC)2 election time! Vote now!

I’m in the process of wrapping up my second year with (ISC)2 as a board member. To be clear, I’m not up for re-election until next year. I have to admit that I’m pleasantly surprised with the amount of work we’ve been able to get...

2014 11 14 value in passwords

After this judge's ruling, do you finally see value in passwords?

Judge rules authorities can use your fingerprint to unlock your smartphone. What that means for authentication and the future of passwords.

Cyber Workers

Building our cyber workforce (part 1 of 2)

There is a skills gap in cybersecurity that has led to hundreds of thousands of unfilled jobs in the US alone. The number of new job openings is estimated to continue to grow at a rate of some 10 to 12 percent per year, or roughly...

sony wearables 7915

ISACA survey shows security disconnect for breaches, wearables

Consumers are very much aware of the latest data breaches, but few are changing behaviors, according to a new survey released today. They are also looking forward to getting wearable devices this holiday season, while few companies...

bounty hunter

Why bug bounty hunters love the thrill of the chase

The financial reward of hunting for bugs is nice, but these White Hat hackers often find holes for companies simply because they love the challenge. What motivates them? And how can you get involved?


What happens when enterprises promote employees with low security IQs?

Enterprise bi-polar security disorder: promote employees with low security IQs up the ladder, then beat them down when they exhibit risky behavior.

glasses focus

Number 3 on my top 10 list for security executives: Focus

The threat landscape has evolved. Security solutions have evolved. Has your focus?

7 deadly sins

The 7 deadly sins of startup security

The shift in mindset about security for startups is even more critical in this ever changing risk landscape.

2014 11 07 cso 3 questions

Answer these 3 questions if you want to get your security projects funded

Before asking for funding for new initiatives, make sure you can answer these three questions


Drupal vulnerability blamed for problems at Indiana Dept. of Education

On Monday, Indiana's Department of Education glimpsed the dark side of patch management, after administrators discovered that their website had been defaced. The root cause of the defacement was their vulnerable Drupal installation,...

adobe logo

Adobe's e-reader software collects less data now, EFF says

Digital Editions 4.0.1 doesn't send data on e-books without DRM and uses encryption

Security certification

Where to find security certifications

Some say they are essential to a successful security career. Others argue they are an outdated concept and a waste of time. Despite the debate, here are 10 places to further learn about the security trade and the certifications...

colored flags

Social Engineers work in teams to harness the power of information

Proving once again that information viewed as harmless can often enable an attacker, the contestants in this years Social Engineering Capture the Flag (SECTF) contest at DEF CON 22 worked in teams of two in order to collect vital...

Load More