OWASP top 10 web application risks for 2013
Since 2003, application security researchers and experts from all over the world at the Open Web Application Security Project (OWASP) have carefully monitored the state of web …
Brown University CISO on education, BYOD and emerging threats
David Sherry is the CISO at Brown University. He leads the Information Security Group, charged with the development and maintenance of Brown’s information security …
Becoming a computer forensic examiner
Since the advent of affordable personal computers, digital devices, and later the Internet, these technologies have been used for both legal and illegal purposes, and in order …
ISACA releases guide for performing business-relevant assessments
Establishing confidence in IT processes and controls is important, but audit and assurance processes often represent a pain point for business partners. Their perception is …
DNS anomaly detection: Defend against sophisticated malware
Not so long ago, the standard way of looking for a malware infection was to simply monitor web traffic. By looking, for example, for HTTP requests to google.com/webhp – …
Is it time to professionalize information security?
The issue of whether or not information security professionals should be licensed to practice has already been the topic of many a passionate debate. I think it is time to …
Experts highlight top data breach vulnerabilities
Hidden vulnerabilities lie in everyday activities that can expose personal information and lead to data breach, including buying gas with a credit card or wearing a pacemaker. …
CISOs need to engage with the board
Cyberspace has placed information risk firmly on the boardroom agenda, and CISOs need to engage with their boards to ensure their organizations understand and manage …
The CSO perspective on healthcare security and compliance
Randall Gamby is the CSO of the Medicaid Information Service Center of New York. In this interview he discusses healthcare security and compliance challenges and offers a …
A look into the EC Council hack
Update: Wednesday, 22 May 2013 – Tal Be’ery: “We had analyzed a screenshot of what we had thought at the time the current EC council site hack. Later we had …
IT security jobs: What’s in demand and how to meet it
The information security job market continues to expand. In fact, according to a report by Burning Glass Technologies, over the past five years demand for cybersecurity …
Tips for validating DDoS defenses
Prolexic has issued a number of recommendations that organizations can use to validate their DDoS defenses, as well as protection services they receive from mitigation …