Opinions

Different conferences, common theme: How to best manage the disparate security solutions we’re using

We need to unite the different islands of security solutions in both the physical and cyber worlds to provide the best level of protection.

Lessons learned through 15 years of SDL at work

In short? Security Development Lifecycle is all about the developers...

How a small business should respond to a hack

With small business finding itself in hackers’ crosshairs as much as the big boys, it’s imperative to have an immediate response plan in the event of an attack.

Why every business should consider ISO 27701 compliance for their vendors

The new standard provides a comprehensive set of controls for information security and the protection of personal information.

Are you taking third-party risk seriously enough?

Because third parties are often responsible for data breaches, your internal security standards must extend beyond your borders to cover vendors and other external partners.

What Andrew Luck’s retirement can teach infosec leaders

Andrew Luck was an incredible quarterback who performed at very high levels despite numerous hits and injuries. At the age of 29, he walked away from the sport he loved and untold millions of dollars. This action, and the reaction...

Data privacy in the IoT age: 4 steps for reducing risk

As internet of things (IoT) devices proliferate, corporate security teams face a steep challenge around data privacy. Here's what you can do now to protect your company.

Why you need a cybersecurity incident response specialist

If your cyber insurance provider gives you the number of an incident response specialist, call them now. It will save time when an attack occurs.

Why I’m not sold on machine learning in autonomous security

Some hard realities on the limitations of machine learning in autonomous netsec.

Can VMware become a leading cybersecurity vendor?

VMware's recent acquisition of Carbon Black gives the company a strong security foundation to build on.

How to become a cybersecurity RSO

How to build a reliable security program.

Have you been ransomware’d yet?

You need to understand why this is one of the most potent attacks, and what you must do to avoid becoming a target.

Why cybersecurity is a central ingredient in evolving digital business models

Rather than being a hindrance, cybersecurity best practices give you a stable foundation on which to innovate...and can be the gateway to re-imagining your business model.

Are you being tracked through a Bluetooth security vulnerability?

The Bluetooth protocol, which was never that secure to begin with, now allows the bad guys to track your location on some laptops and phones, but worse could be the entry it offers into the IoT.

The best and worst of Black Hat 2019

Security rock stars? Fake science? This year's Black Hat had it all.

Black Hat 2019: 3 cybersecurity concerns and 3 things that give hope

At this year's Black Hat, it was evident that several cybersecurity issues remain a concern, but the industry is making progress.

Thoughts from Defcon 27 – This is why I do what I do

Every year, thousands of security professionals descend upon Las Vegas to take part in a series of conferences known as Hacker Summer Camp. This year, Black Hat, BSides Las Vegas, Defcon 27 and the Diana Initiative took up the...

12 things every computer security pro should know

Fighting the good fight takes specialized knowledge. Here's the baseline of what all security pros should know.

Staffing the CISO office: A call to senior management for some expansive thinking

More companies need to realize that an inherent staffing misalignment around their CISO role presents potentially critical exposure to the organization.

Smishing and vishing: How these cyber attacks work and how to prevent them

Smishing and vishing are types of phishing attacks that try to lure victims via SMS message and voice calls. Both rely on the same emotional appeals employed in traditional phishing scams and are designed to drive you into urgent...
