David Geer

A former ISP/telecom technician, David Geer writes about information security and a host of technologies for national and international publication.

Fixing the communications breakdown between IT security and the board and c-suite

Fixing the communications breakdown between IT security and the board and c-suite

Stop buying the first security solution that comes down the pike and solve the communications logjam first.

How to mitigate hackers who farm their victims

How to mitigate hackers who farm their victims

Feeling raked over? You’re not alone; someone is probably probing your low hanging fruit right now. CSO covers how hackers farm the enterprise and how companies can mitigate the risks.

Emerging technologies are poking holes in security

Emerging technologies are poking holes in security

Accelerated change challenges change management, security DevOps and emerging technologies that enable business innovation and opportunities demand fast, frequent change from the enterprise. The speed and regularity as well as the...

How to keep viral memes from spreading malware in your enterprise

How to keep viral memes from spreading malware in your enterprise

CSO shares the process attackers use to slip inside the enterprise through memes and games together with enterprise security policies and enforcements that help ensure the next viral internet craze doesn’t lead to malware playtime...

Real-life examples test whether you are prepared for a cyberattack

Real-life examples test whether you are prepared for a cyberattack

Incident response is still largely a human response. Multiply an outdated response plan by the many human errors that can innocently occur during response and you have a recipe for potentially cataclysmic results in the threat event...

The evolution of DevOps: the perfect storm for instituting secure coding practices

The evolution of DevOps: the perfect storm for instituting secure coding practices

The nature of DevOps development approaches eases, invites, cries out for secure coding practices.

The enterprise is in an arm's race with cybercriminals

The enterprise is in an arm's race with cybercriminals

CSO explores the deep web, dwell time, and their roles in the balance of power in cybersecurity, pointing up defensive moves such as employing hackers and improving the effectiveness of employee education about social engineering /...

What is the right DDoS protection cloud service for your organization?

What is the right DDoS protection cloud service for your organization?

An expert’s eye view into how top DDoS protection cloud services perform on many levels.

How to audit external service providers

How to audit external service providers

Failure to audit your providers is like neglecting to audit your internal enterprise, culminating in similar ramifications. In both cases, you can’t close holes you don’t know exist. But knowing what to audit can be the lion’s share...

How to review and test backup procedures to ensure data restoration

How to review and test backup procedures to ensure data restoration

If you want to test backup and restore procedures with your eyes wide open, consider these factors and tips.

How to conduct a tabletop exercise

How to conduct a tabletop exercise

Sharpening incident response teamwork at the tabletop can bring lasting rewards in breach mitigation and preparation.

Reviewing incident response plans for data risk preparedness

Reviewing incident response plans for data risk preparedness

Don’t let holes in your incident response plan review open gaping vulnerabilities in how you act on security events.

7 heavily-hyped information security products, vendors that hit the scrap heap

7 heavily-hyped information security products, vendors that hit the scrap heap

If they can’t secure their own future, the fate of your data is also doubtful.

Which security products do enterprises expect too much from?

Which security products do enterprises expect too much from?

Attackers will thank you for enabling them to bypass firewalls and VPNs by allowing infected laptops to send hostile packets through both into your network.

How to protect security product investments

How to protect security product investments

A security workforce shortage and other factors compound the problem of misconfigured security tools. There are solutions.

Can enterprises keep mobile security threats from driving customers away?

Can enterprises keep mobile security threats from driving customers away?

By building intelligent IDS/IPS into an app from the ground up, an enterprise can enable apps to be self-defending against any malicious use of their capabilities.

Endpoint security still inadequate despite growing threats

Endpoint security still inadequate despite growing threats

There’s not enough good endpoint protection to go around for every endpoint type. Using protections that do exist to the fullest takes extra care.

Attackers are building big data warehouses of stolen credentials and PII

Attackers are building big data warehouses of stolen credentials and PII

Attackers are swapping, selling, and associating increasing stores of linked PII and credentials to run deeper, broader, and more stealthy information invasions.

Can you keep Linux-based ransomware from attacking your servers?

Can you keep Linux-based ransomware from attacking your servers?

Patching pressures don’t make Linux ransomware any easier to take.

7 security maneuvers to stay ahead of password exposures

7 security maneuvers to stay ahead of password exposures

Attackers make unverified claims of compromised PayPal accounts on Pastebin Here are seven security habits and maneuvers enterprises and consumers can use to stay ahead of password exposures.

Load More