What keeps senior IT security pros up at night? It’s not what you think
In the security space, last year was one for the books. Edward Snowden made waves after leaking classified documents detailing government surveillance programs, which raised …
Top 4 strategies to mitigate cyber intrusions
In this podcast, recorded at Infosecurity Europe 2014, Wolfgang Kandek, CTO at Qualys, talks about the Top 4 Critical Security Controls to fend off attacks. The Council on …
It’s World Password Day: Change your passwords
Today (May 7) is World Password Day – a day dedicated to promoting the use of strong passwords and the creation of good habits when it comes to choosing passwords. …
Responding to data breaches and increasing security
In this podcast, recorded at Infosecurity Europe 2014, Josie Herbert interviews Craig Carpenter, the Chief Cybersecurity Strategist for AccessData. Carpenter tackles the …
EU Data Protection Regulation: Detection is the best prevention
The UK government recently published guidelines for companies covering the five basic controls that businesses must follow to ensure a minimum level of protection. The goal of …
Password management done right
David Sancho, senior threat researcher with Trend Micro, has recently written a short but good post in which he pointed out the reasons why despite their inherent insecurity, …
Tips for utilities to comply with new cybersecurity standards
When the North American Electric Reliability Corporation (NERC) signed Order 791 in January 2014, more than 400 utilities suddenly faced a tight timetable to plan for and …
How to learn information security
Learning is a skill. A skill that can be, well, learned. I am often approached by young people who ask me what does it take to move into the information security field, what …
Six infosec tips I learned from Game of Thrones
In Westeros—the land of dark knights, backstabbing royals, dragons, wildings, wargs, red witches, and White Walkers—even the youngest ones have to learn basic self-defense …
Passwords: Real-world issues, tips and alternatives
Per Thorsheim is an independent information security adviser based in Norway. He is the founder and main organizer of PasswordsCon, the first and only international conference …
Working to accomplish compliance and security
Organizations have until January 2015 to meet the new requirements of the PCI Data Security Standard version 3.0. Businesses need to ensure that compliance is cyclical and …
Learning from others
The old saying “one man’s misfortune is another man’s gain” is eminently applicable in the information security industry. When an organization becomes …