Security Leadership

Security Leadership news, information, and how-to advice

security officer ciso


Quick tips before you switch to a new iPhone

Millions of people are switching to the latest iPhone this week. But before you trade-up, here's some basic tips to help protect your new device, both at home and at the office.

female ninja

Myths and truths about employing women in Infosec

Lisa Myers breaks down the truths and the fallacies behind women in security careers.

galdius sword

Number 1 on my top 10 list for security executives: History’s lessons

History has given us a wealth of stories from which analogies related to information security can be drawn. Some of these stories significantly predate the digital age but are relevant because they can impress upon us the significance...


Old CGI-PHP vulnerability used to spread Bitcoin botnet

In 2012, researchers discovered a flaw in some PHP builds that would enable a remote attacker to execute commands on the server, if PHP was configured as a CGI script (PHP-CGI) at the time. Now, it's being used again to propagate a...

Budget tools

Security tops CIO worries; IT budgets, turnover on the rise

Enterprises' five largest IT investments are analytics and business intelligence, data center infrastructure, ERP, software development, and cloud computing.

colorful apps

Data protection authorities find privacy lapses in majority of mobile apps

One in three applications request excessive permissions, and privacy information is inadequate in 85 percent of them, a study found


What the symbol you use for security reveals to the people around you

How to consider and select a better symbol to represent you and your approach to security

Hand held over flame

Successful Security Awareness programs hold employees' hands to the fire

Few CSOs and the people responsible for implementing awareness programs are aware of the impact that consequences have on the success of not just an awareness program, but on the entire security program.

boardroom meeting

Addressing security with the board: Tips for both sides of the table

In the boardroom, when it comes to addressing the topic of security, there's tension on both sides of the table. It doesn't happen all the time, but when it does, the cause of the friction is usually security executives and board...

gmail signin

Five million Gmail addresses and passwords dumped online

The data was not likely stolen from Google, but from other websites, researchers said

nsa sign

Tech groups press Congress to pass USA Freedom Act

As Congress returned from summer recess Monday, several technology and civil rights groups quickly renewed their push for a bill that seeks to put curbs on the bulk collection of phone records and Internet data by the government.

careers 2

Pay up for talent? Is there a security salary disconnect?

Demand for security pros has never been higher, so why are salaries flat?

Will bitcoin's creator be unmasked for $12,000?

The anonymous poster wants 25 bitcoins, about $12,000, for the information

OpenSSL warns vendors against using vulnerability info for marketing

Vulnerability information will be closely held until patches are ready, the OpenSSL Project said

help wanted ad 000006764972

How to get a job in computer security

The secret to the security profession is to develop all the computer experience you can before you even begin to think about a career in cybersecurity.

People talking illustration

Social media remains an easily exploitable attack surface

Twitter, like every other social platform, has an interesting attack surface; one that criminals have been exploiting for years. The instant connection to information offered by those platforms can be turned against their users,...

LinkedIn beefs up account security with session management, detailed alerts

LinkedIn now allows users to see and terminate their authenticated sessions from multiple devices

Do you agree with Google's tactics to speed adoption of SHA-2 certificates?

Google recently announced a plan to degrade the user experience for SHA-1 certificates in their Chrome browser nearly two years ahead of schedule. Smart move or harmful decision?

Load More