U.S. is still tiptoeing toward EMV credit cards

At least we’re finally officially in the transition period, but it could last for years.

Anonymous just might make all the difference in attacking ISIS

The hacking group’s activities have always seemed dubious, but in this case, success will be quite welcome.

When it comes to enterprise network security, less is more

Diminishing returns in network security.

To get new initiatives done, money talks

A couple of worthwhile security initiatives will languish if staffers have no incentive to work on them. Solution? Tie them to bonus pay.

Strengthen your network security with Passive DNS

Collecting and analyzing Passive DNS data can help identify malicious sites and combat phishing and malware; here’s how to get started.

Social engineering: Employees could be your weakest link

Business leaders should be aware of the risks that social engineering can pose to their operations, reputation and customers.

FireEye shows that even security products can have security holes

But we never should have assumed otherwise. Any product can have security holes, and security vendors aren’t exempt.

Malvertising is a troubling trend

Malware that can infect a computer with no user interaction needed is certainly bad news.

Security companies shouldn’t be this thin-skinned

FireEye, like all companies, wants to protect its intellectual property. But it needs to realize that security companies aren’t perceived like other companies.

The perils of single sign-on

SSO will bring several benefits, but our manager has to be prepared to address any security lapses that could accompany it.

Kaspersky: Great product, dreadful installation/upgrade process

All companies need to pay more attention to the experience that ordinary users have when they try to install new products and upgrades.

We can still ‘Nail’ security in the IoT

It’s a matter of getting product developers to overcome their naïveté, ignorance and laziness. Harsh? Yeah, but the truth hurts.

The sharks of the Internet

That’s what hackers are — they should be feared, but our fears are completely out of proportion.

The RMS Titanic and cybersecurity

Famous shipwreck holds many lessons for the cybersecurity community

By Jon Oltsik | 02 September, 2015 18:20

Tags: RMS Titanic, cybersecurity, security

Of Black Hat and security awareness

The annual security conference was a chance to go deep. But back in the office, how do you get 100% of the company’s employees to complete the security awareness training?

Adobe Flash: Kill it now

It’s time to put Flash out of our misery once and for all. And, thanks to Google, it may finally happen.

Advanced pedestrian detection is here. It is very useful and makes me nervous

Google has made a big leap forward with real-time image recognition that can be applied to pedestrian detection. This is good news for potential accident victims out there. But the privacy implications!

By Erika Morphy | 28 August, 2015 21:00

Tags: surveillance

Why we love last-millennium password policies

IT pilot fish goes to work at a large retailer's distribution center, where the policy is that passwords must be changed every 90 days -- which turns out to have unexpected consequences.

Oracle, still clueless about security

Oracle Chief Security Officer Mary Ann Davidson let loose a long rant about people who dare to look into the security of the company’s products. Oracle quickly backed away from those remarks, but has it faced up to the fact that its CSO has some wrongheaded notions about her own area of expertise?

By Steven J. Vaughan-Nichols | 25 August, 2015 19:49

Tags: Oracle

The security and risk management of shadow IT

Shadow IT brings many security issues, but since these systems are not on IT's radar, they do not get factored into overall risk management strategy. Here are some practical suggestions.

By Robert C. Covington | 24 August, 2015 20:00

Tags: security

Top Whitepapers

Featured Whitepapers