  • Innovation must not come at the price of security

    As a plethora of start-up app companies compete for our attention and business and consumer boundaries for Internet of Things (IoT) technologies become harder to define, security on these kinds of devices is no longer a “nice to have,” but a must-have. We can no longer assume these systems are secure. In the not-too-distant future, such systems could yield attacks that have a very personal impact on each of us.

  • The coming shift in security

    How does an organization apply the right mix of dollars, staff and strategy to the problem of finding attackers who are accessing systems using stolen, valid credentials?

  • Top 3 reasons businesses should prioritize web security

    A top priority for businesses will be securing their data in 2015. The bad news? Hackers won’t stop just because it’s the new year: recent hacks are representative of the digital age we live in, and accessibility comes at a price. The good news, though, is that security standards are also evolving to combat these hacks.

  • The one compliance lesson you need to learn

    When asked to give one piece of advice about how companies should improve their privacy and data protection programs in 2015, I suggest that we begin to think about privacy and security protections in a new context – that of “Crime and Punishment”.

  • Four cyber security risks not to be taken for granted

    It's pretty difficult to make information security predictions, and even more difficult to verify them afterwards: we can only judge the effectiveness of information security by the number of public security incidents that were uncovered, while the majority of data breaches remain undetected.

    However, we can try to make some web security predictions based on common sense profitability (profit/cost ratio) for hackers.

  • Identity theft for dummies

    Identity theft continues to grow, and while significant awareness activities are undertaken to ensure people are aware of the attempts to gather information through digital means, an application form, hotel promotion, or even simply checking in ups the level of risk.

  • Infosec: More than reindeer games

    As CEO of XMAS Inc., the leading manufacturing and shipping enterprise, you face extraordinary pressure to deliver joy on Christmas morning to billions of kids around the world. In fact, it’s hard to think of any other top business leader who is responsible for so many children’s dreams each year—and whose executive compensation package consists entirely of cookies and milk. With only a single workshop located in a hostile climate, a limited number of legacy employees, one used vehicle, no financing and an extraordinary supply of sugar you’ve been able to accomplish more than what any of your competitors—all with far greater resources—will achieve over the course of their entire careers.

  • 5 working days left until the deadline for compliance with PCI DSS 3.0 kicks in

    Maintaining credit and debit card information on behalf of financial services clients demands the highest levels of security and customer confidence, and adhering to standards like PCI DSS plays a crucial role in this. Unfortunately, given the fact the financial sector remains a key target for cyber-criminals – pummeled by both nation state hackers trying to harm enemies’ core financial structure and criminals out to steal money – the time has come to put protections in place around that data itself.

  • Will 2015 be the year of risk-based security?

    As 2014 comes to a close, many of us are beginning to look ahead at the expected trends for the coming year. For those of us in cybersecurity who are at the forefront of protecting organizations from an increasingly dynamic threat landscape and the harsh realities of cybercrime, placing big bets and declaring predictions regarding what we will see in 2015 has become both sport and tradition.

  • Your email, your data, your control

    In the U.S., we are willing to trade our privacy and security in exchange for convenience. Think about the last time you stored your password on a website, kept a credit card on file with a service provider or hosted your email free in the cloud. All of these actions raise security concerns, but many of us accept those risks as the price of convenience. The dramatic increase in applications is only exacerbating the problem of increased avenues for sharing – and potentially exposing – personally identifiable information (PII).

Infosec management strategies and the modern CTO

Posted on 21 January 2015.  |  Brandon Hoffman, Lumeta's CTO, talks about the management strategies that are essential in the information security industry. He also offers advice to those stepping into the CTO role for the first time, and talks about the evolution of network situational awareness.

Fri, Jan 23rd