Opinions

5 trends making cybersecurity threats riskier and more expensive

Risks increase as the world becomes more digital, regulated, and interconnected, but you can take steps to reduce their impact.

How a sex worker became a defense contractor employee -- and an insider threat

An accomplished research scientist manipulated a defense contractor CEO into hiring a prostitute for a technical role. Here's how this insider threat could have been avoided.

NSO Group’s Pegasus crashes as Apple initiates Dignity and Justice Fund

The failed sale of NSO Group to L3Harris raises concerns about who will own its surveillance technology, while Apple takes steps to hold surveillance firms accountable.

Cybersecurity is a constant fire drill—that’s not just bad, it’s dangerous

Security efforts based on heroism and tribal knowledge can’t scale. CISOs must address this situation as soon as possible.

How you handle independent contractors may determine your insider threat risk

Outside experts can be willing or accidental security threats. Reduce that risk by changing how you onboard, train and offboard them.

Russia-China cybercriminal collaboration could “destabilize” international order

Russian cybercrime groups are courting their Chinese counterparts, which could potentially scale up the capabilities of both.

The strange business of cybercrime

How modern cybercrime syndicates adopt the ways of enterprise business, reaping the gains and suffering the difficulties.

MITRE's Inside-R Protect goes deep into the behavior side of insider threats

The new Inside-R program looks to collect historical insider threat data to more deeply analyze behaviors that signal risk.

Location data poses risks to individuals, organizations

App-based location data has been used against individuals, and that presents real risks for those people and organizations.

We don’t need another infosec hero

By setting yourself up as the defender, the solver of problems, you cast your business colleagues as hapless victims or, worse, threats. This is not a useful construct for engagement.

Bye-bye best-of-breed?

ESG research finds that organizations are increasingly integrating security technologies and purchasing multi-product security platforms, changing the industry in the process.

Web3 and IAM: Marching toward disruption

While the debate about Web3’s long-term relevance rages, the technology itself goes merrily on its way, finding ever more avenues of use. One area that is seeing interesting potential and actual developments is IAM.

Latest Cyberspace Solarium Commission 2.0 Report focuses on cyber workforce

The June 2022 report offers recommendations to the private sector, U.S. Congress, and the federal government to build up the nation's cybersecurity talent pool.

OPM's $63 million breach settlement offer: Is it enough?

The nature and scope of the data stolen in the U.S. Office of Personnel Management breach present a lifelong risk to victims, who might get as little as $700 if the court accepts the settlement.

HiQ v LinkedIn court ruling will have a material effect on privacy

A U.S. appeals court has ruled that hiQ's scraping of public LinkedIn data is not a violation of the U.S. Computer Fraud and Abuse Act.

What does it mean for cybersecurity to “align with the business”?

Showing how security helps business achieve its objectives is a two-step process: Speak the language of business and do cost-benefit analyses that prove value returned.

Uber CISO's trial underscores the importance of truth, transparency, and trust

The criminal trial offers a lesson in the value of both CISOs and organizations adhering to a policy of truth, transparency and trust when it comes to security.

China's cyber espionage focus: intellectual property theft

The recently uncovered Operation CuckooBees campaign shows how serious China is about using IP theft as a competitive advantage. Protect IP now or chase it later.
