What’s jeopardizing the safety of your datacenter?
Datacenters are fraught with hidden operational hazards, and because virtual infrastructure is extremely complex and dynamic, many vulnerabilities go undetected and can be …
IT is losing the battle on security in the cloud
A majority of IT organizations are kept in the dark when it comes to protecting corporate data in the cloud, putting confidential and sensitive information at risk. This is …
Fixing the broken windows of software security
Last month I discussed how we can fix software security issues only by making sure we use libraries and frameworks that don’t allow classes of vulnerability to exist. Of …
Automation is the key to successful policy implementation
Organizations today are facing increased pressure to collect and store massive amounts of data. Regulatory guidelines, storage costs, and the promise of Big Data have …
Explaining infosec magic to kids
Magic! It’s the basis for countless children’s stories filled with adventure and excitement. It’s also how many kids think cyberspace works. There’s …
Targeted attack protection via network topology alteration
When it comes to targeted attacks, attackers are not omniscient. They need to gather information in the early stages to know the target they may gather information from …
How security-wary retailers can prepare for the holiday season
Retailers are beside themselves with worry as the spate of data breaches among them continues. With Black Friday approaching, what can retailers still do to protect themselves …
Tips for mitigating the financial impact of identity theft
With a number of large retailers and banks reporting massive data security breaches in the last year, leaving hundreds of millions of consumers’ personal information …
Lessons learned developing Lynis, an open source security auditing tool
If you’ve been involved with information security for more than a decade, you’ve probably heard of Rootkit Hunter or rkhunter, a software whose primary goal is to …
Infographic: How to spot a phish
Since many cyber attacks originate with a phishing email, the best way for organizations and individuals to protect themselves online is to identify and avoid phishing emails. …
Infographic: 4 authentication definitions you should know
This infographic by Wave Systems addresses current authentication problems and illustrates how to ensure that only known users access corporate resources, devices and …
Identifying deceptive behavior in user-generated content
In this interview, JT Buser, Manager of Authenticity and Fraud at Bazaarvoice, talks about challenges involved in identifying deceptive behavior in user-generated content as …