• Job description: Infosec Ranger at Pwnie Express

    When I learned that well-known hacker and conference speaker Jayson Street decided to join the Pwnie Express team, I knew this was the perfect time for an interview.

  • Enabling secure file sharing in the enterprise

    As enterprise mobility meets collaboration, the workplace as we know it is transforming. Gone are the days when employees stopped working after leaving the office or disseminated photocopied reports for discussion in a group meeting. Today, information workers are increasingly using mobile devices as portable desktops to support what is fast becoming a 24x7, “work wherever, whenever” preference. While this flexibility boosts productivity, it also leads to increased security risks.

  • The most unpopular person in the room

    That’s me. At least I was the week I wrote this. I had the wonderful opportunity to speak at a number of conferences that were not solely related to security. Firstly it was absolutely fascinating to learn about how organizations are innovating within the Internet of Things. From the deployment of billions of connected sensors into our everyday life, to connected wigs, and mining onto comets, our future looks exciting.

  • Shaping mobile security

    Most of us are familiar with the ‘triangle’ project management model, which highlights the constraints on delivering results in projects. The three corners of the triangle are fast, good and cheap, showing that in any given project, all three attributes cannot be optimized: one will inevitably be compromised to maximize the other two. You can have a good project delivered quickly, but not cheaply, and so on.

  • Infosec industry: Time to put up or shut up

    The information security industry is one of the most exciting industries to be involved in. It offers many opportunities to exercise one’s passion and curiosity about technology and address the challenges of keeping that technology secure. The endless technological innovations and the rapid adoption of technology by business, consumers, and society makes our daily lives increasingly dependent on technology. This means that we, as an industry, need to rapidly address the challenges this technology revolution brings, and make sure that these new solutions are as secure as possible.

  • Vigilance and the Enterprise of Things

    Most enterprises allow BYOD in their environment, with varying levels of supervision. Typically, these are tablets and smartphones but the number of other Internet of Things devices being brought into the enterprise is on the rise. I like to refer to this as the Enterprise of Things.

    Many of the organizations I work with are just beginning to grapple with the implications of this shift, and I think a number of aspects need to be considered as we deal with this new reality. Here is a quick run-down of some of the items to consider.

  • A holistic approach to protecting intellectual property

    Protecting intellectual property (IP) is high priority for security professionals, but IP can be a vague term. What exactly is included under the umbrella of IP? And what’s the best way to protect IP within an organization?

  • Aligning risk analysis and IT security spending

    IT security spending should be aligned with risk analysis results. Too frequently, though, this is not the case.

    Thought leaders in information security have been describing a shift in security control effectiveness over time from network-based, to application-based, and ultimately to data-centric security.

  • Overcoming Big Data security obstacles

    When it comes to security, Big Data can be the cause of many obstacles. As Big Data often contains enormous quantities of personally identifiable information, privacy becomes a very real and primary concern.

    The consequences of a security breach affecting Big Data can be more devastating than the consequences of other breaches as it will affect a significantly larger group of people. As a result, not only will the damage be reputational, but there will also be significant legal ramifications that an organization then has to deal with.

  • Enterprises must prepare for attacks on supply chain and POS in 2015

    One thing is certain – there is plenty of job security in the business of protecting data. Attackers keep upping their game therefore, so must we. 2014 can be characterized in a number of ways: the year of (another) mega breach, the year of supply chain attacks, the year POS systems lost their credibility.

    For these reasons and many, many others, the infosec industry must step up. Likewise, businesses of all shapes and sizes must prioritize information security discussions similar to sales and supply planning. In 2015, I believe we will see advances from both the bad guys and, because I’m an optimist, in enterprise response. Here are my top 5 predictions for what we see in 2015.

Videos      Podcasts


Leveraging network intelligence and deep packet inspection

Posted on 26 November 2014.  |  Tomer Saban, CEO of WireX Systems, talks about how deep packet inspection helps with identifying emerging threats, the role of network intelligence, and more.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Fri, Nov 28th