Opinions

neon skull sign / danger / caution / threat

The 24/7 insider threat – Managing risk in a changing environment

A new model for managing insider risk in the "always-on” and “on-demand” workplace.

Job vacancy / security staffing problem  >  empty chair / abstract lock + circuit mechanisms

The security staffing problem isn't going away. Now what?

6 strategies and tactics to adjust to a future characterized by higher levels of both vacancy and turnover.

protected key within a secured network

4 big changes coming to cybersecurity in 2020 and beyond

The pace of technology and market changes will pick up in 2020, impacting security technologies, innovation, investment, and the industry at large.

CSO > cloud computing / backups / data center / server racks / data transfer

5 cloud security basics and best practices

Companies that move to the cloud have to assume new responsibilities, develop new skill sets and implement new processes. The first step to better cloud security is to assume you have no security.

Cloud security threats  >  Lightning strikes a digital landscape via binary clouds.

Rising complexity, higher stakes for enterprise risk management

As the pace of business and a shifting threat landscape challenge enterprises, optimizing risk has become a moving target.

rfp write a proposal document contract signature deal agreement paper by extreme media getty

4 key vendor contracting pitfalls

Unless these 4 pitfalls are avoided, a vendor can have the absolute best security documents in the industry and still present material risk to its customers.

EU / European Union / GDPR data privacy, regulation, compliance

Global Data Protection and the right to be forgotten

Will the United States ever get its own privacy law?

aerial view of a network of roads

Privacy legislation: The road ahead

The pace of change in privacy laws, and the technologies they seek to regulate, is only accelerating.

Cybersecurity awareness  >  A weary businessman holds hand to forehead at security training.

Cybersecurity Awareness Month: Increasing our self-awareness so we can improve security

With the increased prominence of cybersecurity in organizations due to many crippling cyberattacks, the emphasis is now on continual engagement, as it should be. It’s also important to address the tunnel vision that has plagued the...

Cybersecurity awareness  >  A man with a binary blindfold finds his way through question marks.

3 actions to take during cybersecurity awareness month

Based on recent research, improving cybersecurity awareness among business executives, CIOs, and, yes, infosec professionals should be a goal for any organization.

detection radar computer bug threats identify breach  by the lightwriter kao studio getty

Autonomy and the death of CVEs?

Is the manual process of reporting bugs holding back the advent of automated tools?

A binary mask.

Deepfakes and synthetic identity: More reasons to worry about identity theft

How can we maintain control over digital identity In a world where it is being blurred and abused by fraudsters?

Chains of binary data.

Regulatory landscape provides added incentive for enterprises to explore blockchain

Evolving security regulatory requirements should provide incentive for enterprises to explore what blockchain and other emerging technologies can do to strengthen their security programs.

keys / locks / security

Different conferences, common theme: How to best manage the disparate security solutions we’re using

We need to unite the different islands of security solutions in both the physical and cyber worlds to provide the best level of protection.

programming code development split screen display

Lessons learned through 15 years of SDL at work

In short? Security Development Lifecycle is all about the developers...

6 small business security

How a small business should respond to a hack

With small business finding itself in hackers’ crosshairs as much as the big boys, it’s imperative to have an immediate response plan in the event of an attack.

locked binary code and circuits

Why every business should consider ISO 27701 compliance for their vendors

The new standard provide a comprehensive set of controls for information security and the protection of personal information.

Keep third-party risk on your radar: Piggybacked deer, giraffe and cat balance on a tightrope.

Are you taking third-party risk seriously enough?

Because third parties are often responsible for data breaches, your internal security standards must extend beyond your borders to cover vendors and other external partners.

football

What Andrew Luck’s retirement can teach infosec leaders

Andrew Luck was an incredible quarterback who performed at very high levels despite numerous hits and injuries. At the age of 29, he walked away from the sport he loved and untold millions of dollars. This action, and the reaction...

iot security networking privacy

Data privacy in the IoT age: 4 steps for reducing risk

As internet of things (IoT) devices proliferate, corporate security teams face a steep challenge around data privacy. Here's what you can do now to protect your company.

Load More