Opinions

Women in cybersecurity need to take more risks

Projecting confidence and taking risk are keys to success for women in cyber

Healthy security cultures eat lots of phish

The Google Docs phishing scam was widespread across the internet recently. Thanks to regular phishing training and a strong security awareness culture, our company was spared and, as the CISO, I didn't even have to drive the effort....

Not all is sweet. Swiss intelligence infiltrates German tax authorities

German tax authorities have been bribing Swiss bank personnel to reveal bank data since 2006. In late April a Swiss national operating on behalf of the Swiss Federal Intelligence Service was arrested in Frankfurt, and charged with...

Debating the impact of marketing on the security industry

Jennifer Leggio winds up for the launch of the new Security Slapshot series with some bold statements on the impact of marketing on the security industry

China's spy hunting tactics

China’s counterintelligence capabilities continue to evolve. The newest arrow in their quiver to detect those who are breaking trust with Mother China is the “bounty” for identification of “suspicious foreigners.”

A guide to business continuity planning in the face of natural disasters

Natural disasters often strike with little to no warning, but their operational and economic impact on organizations can be devastating. Preparation is the best defense against these disasters, and the time for preparing is now –...

A pathway for security leaders to finally enforce least privilege

Jonathan Sander explains how to automate the process of enforcing least privilege on the files raging on your network

Job seekers beware of recruiters

Paying a recruiter to find you a job could leave you the victim of a scam. Trending scams that could leave N00bs paying to stay unemployed.

Need a fix? Steal patient data

Trusted insiders within the healthcare sector with access to patients, patient data and dispensaries, have unencumbered access to sensitive data and drugs. William Osler Health System (Canada) had one of their insiders break trust and...

Cyber Resilience 2.0, now shipping

The heads of IT security gathered at a recent Think Tank and agreed on a next generation definition of cyber resilience.

Top 4 reasons to become a CISSP

Why IT security pros should join the growing ranks of Certified Information Systems Security Professionals.

IT mistakes that could cost an organization millions

Here are some scenarios for N00bs to safeguard against costly mistakes for them and their company.

Three shoddy security tropes it's time to retire

It's not unusual for our collective cultural or technological understanding to discredit certain tropes over time. Tired cliches about shoddy security practices have been especially slow to be moved to the ash heap of history. Here...

Information security professionalism requires both credentialing and codes of professional practice

It's time for information security practitioners to be recognized as professionals. But that will require self-discipline. Independent validation of skills and the promulgation of strong and enforceable codes of professional practice...

China's hand caught in the cookie jar

China's hand was caught in the cookie jar, again. In early April 2017, an employee of Siemens was arrested on suspicion of espionage, the theft of trade secrets and intellectual property.

Keep the change: 9 steps to adapting to IT security

Changing the way we look at "security" could make the difference in how successful we are. Here's a step-by-step process CSOs and their teams can implement to integrate any type of GRC or Infrastructure Security change initiative into...

You can steal my identity, but not my behavior

The compromise and misuse of identity is at the core of modern threats and data breaches. This has been documented for years and continues to escalate. As a result, we are rapidly approaching the end of life for password-based...

Secure systems and the three little pigs

How to create a secure systems development practice in spite of Agile, DevOps and changing threats

The intersection of DevOps and application security

This article discusses DevOps security and the application security tools that need to be embedded within its process. These additions enable proper InfoSec protection of web applications.

Security leaders need to sprint before getting forced to scramble

Udi Mokady shares insights on the changing nature of security threats and how a focused sprint now builds trust and sets the stage for future success
