Security

Where's the data?

It's a time-honored tradition: U.S. businesses find ways to skirt inconvenient or expensive laws by moving operations to other countries. Thus we have had U.S. corporations operating overseas to exploit child labor, run sweatshops or avoid taxes and rigorous health and safety inspections. Now the U.S. government says something similar is happening in regards to email.

By Evan Schuman | 18 March, 2015 01:56

Tags: Apple, data security, at&t, security, Electronic Freedom Foundation, Microsoft, data protection

Don't get into an email mess

Though she may have broken no laws, Hillary Clinton acted irresponsibly in using a personal email account to conduct official U.S. government business in her capacity as secretary of State.

By Kenneth van Wyk | 13 March, 2015 08:01

Tags: Carnegie Mellon University, email, data security, security, data protection

Making the case for security

Having been at my new company for several months now, this week I was invited to inform executive management about the state of our security. I had half an hour to formally introduce myself and talk about my philosophy, my initial findings and the priorities I think we need to have.

By By Mathias Thurman | 11 March, 2015 03:46

Tags: security, firewall, security awareness, Rule of Least Privilege

Web browsers are also to blame for Lenovo's Superfish fiasco

Lenovo pre-installing Superfish software was a security disaster. Whether Lenovo was evil, or, as they eventually claimed, merely incompetent, it's hard to trust them going forward. If nothing else, their initial denials that anything was wrong, leave a lasting impression. Of course, Superfish, along with the software that they bundled from Komodia, also deserve plenty of blame for breaking the security of HTTPS and SSL/TLS.

By Michael Horowitz | 10 March, 2015 00:07

Tags: Apple, web browsers, Komodia, Firefox, Google, Microsoft, security, Lenovo, Gogo

Rating the payment options

Several electronic and mobile payment options have become available, but most of us in the U.S. are still using plain-vanilla credit and debit cards with magnetic stripes. They use technology that dates to the first Nixon administration. That's not a problem in itself; I have no problem with time-tested security measures that work effectively. But just look around: Data breaches are everywhere, and those magnetic-stripe cards are often implicated.

By Kenneth van Wyk | 27 February, 2015 03:07

Tags: Apple, Google Wallet, mobile payments, Google, mastercard, EMV, mobile, Square, Apple Pay

No one is too small to hack

As the White House and Congress consider new cybersecurity legislation, some middle-market companies may still be questioning whether the cybersecurity crisis is a real threat for their businesses.

By By Matthew F. Prewitt | 17 February, 2015 21:08

Tags: white house, security

The ‘sophisticated attack' myth

Sometimes I wonder whether any company will ever fall victim to an unsophisticated cyberattack. Because after every attack that comes to light, we hear that same excuse: It was a sophisticated attack.

By Ira Winkler | 11 February, 2015 03:26

Tags: Target, Anthem, intrusion, security, beca, Home Depot, sony, Cybercrime & Hacking

Protect yourself from hackers and the NSA

The downside of email, chat, text and messaging apps is that they make you feel like you're communicating privately, with only the intended recipients. And that your messages are private. Until they're not.

By Mike Elgan | 07 February, 2015 23:07

Tags: data security, security, Sony Pictures Entertainment, Sony Pictures, sony, data protection

Uber shows how not to do a privacy report

The Uber privacy report released last week (Jan. 30) is the perfect example of how not to handle a privacy PR disaster -- or any privacy policy matters at all.

By Evan Schuman | 06 February, 2015 06:08

Tags: Uber, security, data privacy, privacy policy, privacy

It's time for the chip-and-PIN'ing of America

Thank goodness for that signature on the back of my credit card. If it weren't for that smudged scrawl, a thief might steal my card (or card number) and make fraudulent purchases. Or steal my identity. Right.

By By Bret Swanson | 05 February, 2015 02:05

Tags: Target, chip and pin, security, credit cards, paypal, Sena, Home Depot

Can you trust Amazon's WorkMail?

When Amazon unveiled its cloud-based corporate WorkMail email offering last week (Jan. 28), it stressed the high-level of encryption it would use and the fact that corporate users would control their own decryption keys. But Amazon neglected to mention that it will retain full access to those messages -- along with the ability to both analyze data for e-commerce marketing and to give data to law enforcement should subpoenas show up.

By Evan Schuman | 03 February, 2015 20:07

Tags: Amazon Workmail, amazon, Apple, Google, security, encryption

7 smartphone rules changed this week

Federal regulators have been throwing their weight around lately, and mostly to good effect for consumers and users of mobile technology.

By Mike Elgan | 03 February, 2015 01:24

Tags: Mobile & Wireless, Federal Trade Commission, Federal Communications Commission, at&t, ftc, mobile

'Parks And Recreation,' Facebook and The New Privacy

If you tuned into Parks And Recreation Tuesday night, you were treated to an episode where social media startup Gryzzl attempts to win over the hearts and minds of its  new neighbors in the fictional town of Pawnee with boxes full of gifts, delivered via Amazon-esque drones.

By Matt Weinberger | 29 January, 2015 09:04

Tags: security, computerworld, data privacy, twitter, privacy

Be prepared for the breach that's headed your way

January 2015 is already winding down, but it's not too late to think about the lessons of 2014. For anyone in information security, 2014 was a year marked by spectacular breaches. It ended with Sony Pictures Entertainment getting its clock cleaned by hackers, quite possibly from North Korea. Wouldn't it be great if 2015 doesn't include the same sort of clock cleaning at your company?

By By Kenneth van Wyk | 27 January, 2015 02:28

Tags: network security, security, data breach, Sony Pictures Entertainment, Sony Pictures, sony

Facebook, take note!

In the last few weeks it's possible some of your Facebook chums posted messages on their walls in which they tried to revoke permission for the social network to use and distribute content they post.

By Jonny Evans | 22 January, 2015 13:58

Tags: intellectual property, security, copyright, data privacy, legal, privacy, Facebook

Sony hack: Never underestimate the stupidity of criminals

So who was really behind the Sony hack? And does it really matter?

By By Ira Winkler and Araceli Treu Gomes | 15 January, 2015 03:07

Tags: Anonymous, intrusion, security, north korea, Sony Pictures, sony, Cybercrime & Hacking

2015: The year the Internet crashes. Hard.

An Internet joke that goes back at least to the early 1980s consists entirely of the phrase: "Imminent Death of the Net Predicted!" Every year, even more often than you'd hear "This will be the year of the Linux desktop!" someone would predict that the Internet was going to go to hell in a handbasket -- and nothing happened. This year it's my turn, but I fear I'm going to be proved right.

By Steven J. Vaughan-Nichols | 09 January, 2015 07:26

Tags: ddos, internet, sony

Sony and Chase: Don't blame the CISO

Over the last couple of weeks, I have read numerous news stories about the widely publicized security breaches at Sony and JPMorgan Chase. It seems as if everybody is a Monday-morning quarterback, with every other reporter voicing an opinion on how these breaches should have been prevented. In particular, I read two articles that specifically blamed the information security organizations at those companies for failing to properly stop the attackers. That's not fair.

By By J.F. Rice | 08 January, 2015 01:23

Tags: JPMorgan Chase, JP Morgan Chase, Microsoft, security, CISO, sony

We can learn from the Sony hack

Well that stinks, doesn't it? Sony Pictures goes and scrubs the launch of a $44 million movie after being hacked, potentially by North Korea. Almost reads more like a James Bond plot than a news story, but there it is. And this time, it doesn't seem likely that Bond, James Bond, is going to show up at the eleventh hour to save the day.

By By Kenneth van Wyk | 20 December, 2014 06:09

Tags: intrusion, Incidence Response, security, north korea, Sony Pictures, sony, Cybercrime & Hacking

Why <i>The Interview</i> won't play in Peoria -- for now

Maybe I should be outraged by Sony's decision not to distribute the movie The Interview, but I am merely saddened by it. I am saddened that a hacking incident with all the hallmarks of a simple case of extortion has been distorted so it looks like a terrorist threat.

By Ira Winkler | 20 December, 2014 05:58

Tags: cyber terror, security, north korea, Sony Pictures, sony, iland

Top Whitepapers

Twitter Feed

Featured Whitepapers