Is antivirus software dead at last?

Is antivirus software dead at last?

The debate about whether antivirus software is still useful has been going on for a few years now. This technology was once the mainstay of the security efforts for most businesses and home users. The challenge of late is the ability...

The risk of data theft -- here, there and everywhere

The risk of data theft -- here, there and everywhere

Today, the challenge of protecting sensitive data has increased exponentially, due to the fact that data has been leaking into the cloud, and individual PCs and mobile devices. This is how to address the challenges of this data...

Are we drowning in a sea of negative security press?

Are we drowning in a sea of negative security press?

It would seem from news accounts that the increase in the number of new vulnerabilities in devices, software and systems is escalating out of control. While the crisis is real, it has been blown a bit out of proportion by the consumer...

Product security: Not just bells and whistles

Product security: Not just bells and whistles

The announcement this past week about the vulnerability in an insulin pump made by Johnson & Johnson was just one more of an ongoing series of vulnerabilities found in medical and other products. It seems that a common element...

Are you encouraging your employees to take security risks?

Are you encouraging your employees to take security risks?

We impose a growing burden of security rules on employees, while insisting that their productivity at least remain constant. In so doing, we may be encouraging them to put their organizations at risk.

The changing data protection paradigm

The changing data protection paradigm

In just a few years, the industry has experienced a data paradigm shift. Most organizations now must deal with massive amounts of incoming data, in various forms, ranging from structured information in the form of databases and lists...

The danger of unmanaged security service providers

The danger of unmanaged security service providers

The job of keeping networks safe from attack is growing more complex by the day. At the same time, demand for trained and experienced information security analysts is exceeding the supply. This combination of factors is leading to an...

Third-party vendors -- your weakest link?

Third-party vendors -- your weakest link?

Third parties continue to pose an unmanaged risk for many businesses, and they continue to be exposed to hacking and regulatory fines as a result. Learn why third party risk must be properly managed, and discover tips and suggestions...

Information security ignorance is not a defense

Information security ignorance is not a defense

Despite increasing awareness about the importance of information security, underscored by the fear of ransomware attacks, many in the small and medium business world are unprepared for an attack.

So, you bought good security tools. Now what?

So, you bought good security tools. Now what?

The pace of growth in the availability of information security tools in the last five years has been nothing short of astounding, but many organizations get very little for their money. Here are the steps necessary to make these...

The devil is in the details: The importance of tight processes to strong information security

The devil is in the details: The importance of tight processes to strong information security

Have you ever pulled a policy or procedure down from the internet, changed a few things and called it your own? If not, you are probably one of a small minority. Since such documents are the basis of processes that make your operation...

How to build a thriving information security function despite the talent shortage

How to build a thriving information security function despite the talent shortage

It seems that the industry has reached a nearly unanimous conclusion about a key essential for tight information security -- people. This is causing a challenging talent shortage, which is affecting the ability of companies to build...

Are you buried under your security data?

Are you buried under your security data?

I will confess upfront that I am skeptical about the whole idea of threat intelligence sharing. Companies may decline to share such information because they fear the loss of competitive advantage, or because they don't have the time...

Three reasons you should care about technology asset management

After the recent discovery that a restaurant i frequented was processing my credit card on WIndows XP, I was reminded of the importance of technology asset management, for both hardware and software. It seems that many organizations...

When it comes to security standards, one size doesn't fit all

When it comes to security standards, one size doesn't fit all

The California attorney general, in comments made recently, caused quite a stir in the information security community. He cited a particular standards document, and said that companies not following it were not considered to have...

Taking the pulse of your information security culture

If you have been a manager in a company of any size, you likely understand the concept of corporate culture. But do you understand the concept of a corporate security culture? If not, this article will explain what a corporate...

Information security and the art of business enablement

Information security and the art of business enablement

In the security world today, we find that those managing security for organizations are often at odds with the business executives. But it doesn't have to be that way.

Security standards -- sorting through the alphabet soup

Security standards -- sorting through the alphabet soup

Information security is a complex discipline in itself, complicated by the alphabet soup of standards and regulations which exist. The myriad of standards just adds to the intimidation no doubt felt by folks on the business side who...

What service providers won't tell you about their information security

What service providers won't tell you about their information security

In the course of my business, I frequently ask service providers questions about their information security practices, either as part of a third-party review, or as due diligence before a vendor selection. Over the years, I have...

Ransomware: 7 tips for recovery and prevention

Ransomware: 7 tips for recovery and prevention

Ransomware is a rather insidious form of malware that attempts to render all of your important files unreadable, until you pay the perpetrator a ransom to restore them. Once paid, you may or may not be given the key needed to restore...

Load More