Security

Let’s encrypt – but let’s also decrypt and inspect SSL traffic for threats

You need a dedicated SSL inspection platform to eliminate the blind spot in your defenses

Obama’s cybersecurity agenda bold, but relies on untested funding, experts say

The IT Modernization fund has important goals that won’t be reached until well after the current administration expires.

Snowden leaks furor still spilling over into courts and 4th Amendment debate

Nearly three years after former NSA contractor Edward Snowden first leaked details about massive domestic spying, his revelations have prompted a broader discourse, especially among legal scholars, over the potentially invasive nature of big data cybersurveillance tools.

User behavior analytics is key to identifying nefarious use of insider credentials

What to look for when shopping for these new tools

Oracle fixes critical flaws in Java, Database Server

While most of the fixes for Java, Database, and MySQL are run-of-the-mill, four are rated critical if the targeted user has administrator privileges

By Fahmida Y. Rashid | 22 January, 2016 04:03

Tags: Oracle

Ukrainian power grid hack: What happened and what needs to change?

A former CISO in a critical infrastructure sector shares his thoughts

Will the European Union's new General Data Protection Regulation impact your business?

The European Commission has approved the most stringent data privacy regulation anywhere and it is sure to impact businesses worldwide

The ins and outs of deception for cyber security

Today’s deception technologies abandon reliance on known attack patterns and monitoring and use advanced luring techniques and engagement servers

Mingis on Tech: Hackable health records, bold predictions for 2016

Executive News Editor Ken Mingis and Computerworld staffers discuss the sorry state of health record security and bold predictions for the coming year in IT.

The most innovative and damaging hacks of 2015

The year's most significant attacks highlight how hackers are changing tactics -- and how IT security must evolve in the year ahead

By Fahmida Y. Rashid | 28 December, 2015 14:00

Tags: Apple

Acts of terrorism could push Congress toward encryption backdoors in 2016

Despite the risks to online commerce, international high-tech sales, security of trade secrets and the fact that it won’t actually make encryption useless to criminals, decryption backdoors to let law enforcement access encrypted communications could become U.S. law in 2016 – and a nightmare to enterprises – especially if terrorists succeed in carrying out major acts of violence.

By Tim Greene | 16 December, 2015 21:13

Tags: Look ahead 2016

Maximum security: Essential tools for everyday encryption

Thanks to technical advances and increased adoption, securing your data and communications is a lot easier than you might think

Biggest data breaches of 2015

Data breaches made big news in 2015 as measured by a variety of criteria that range from the number of records compromised to the types of data stolen to the potential threat to specific groups such as children.

By Tim Greene | 02 December, 2015 21:12

Tags: Year in review 2015, data breaches

10 dumb security mistakes sys admins make

Do as I say, not as I do: Admin mistakes often surpass the severity of those made by users. Here are 10 of the most common -- and their remedies

How to deal with the blind spots in your security created by SSL encrypted traffic

With attackers preying on the security gaps created by encrypted traffic, let’s examine the five most common network traffic inspection errors made today

NIST publishes guidelines for SSH key management: What happens next?

The guidelines provide guidance for enterprises, government agencies and auditors for implementing Secure Shell key management practices and polices

10 reasons why phishing attacks are nastier than ever

Forget Nigerian princes -- today’s spearphishing is sophisticated business, fooling even the most seasoned security pros

007 Tips for keeping your business as secure as MI6

Criminal organizations don’t have James Bond’s resources, but are sophisticated and well funded so you have to continually up your efforts to reduce the threat surface

5 signs your Web application has been hacked

Website defacements? Database dumps? Mysterious files? Here's how to tell if your Web application has been hacked -- and how to secure it once and for all

CISA won’t do much to turn threat intelligence into action

With the Cybersecurity Information Sharing Act (CISA) the feds are trying to make it more attractive to share threat intelligence, but it won’t do much to help businesses deal with the high cost of sorting through what can be an overwhelming flow of possible security incidents.

Top Whitepapers

Featured Whitepapers