• Trumping cybercriminals during tax season: Tips on how to stay safe

    Tax season is stressful for many reasons and April 15 equals a headache for many Americans. In addition to wading through taxes, tax season also opens up a new vector in which cybercriminals can attack. With consumers sending and receiving very personal information over email – one of the weakest links in the cyber security fence – cybercriminals are on high alert, looking for the most opportune moment to strike.

  • Why you shouldn't ignore change auditing

    Rupesh Kumar is the Director of Lepide Software. In this interview, he discusses the benefits of change auditing.

  • Signature antivirus' dirty little secret

    If you rely only on traditional, signature-based antivirus, you are going to get infected—and probably a lot! Antivirus was, and still is, a valuable addition to your layered security strategy, but only if you understand its limitations, which have become more and more prominent over time.

  • Do your attackers know your network better than you?

    This article examines the processes that companies should put in place to track the flow of sensitive data throughout the organization, and explores what organizations should do to get a better handle on what “normal” behavior of data is, as well as the importance of conducting regular sweeps to identify anomalous behavior. This means that organizations will have a clearer picture when something out of the ordinary happens, instead of sifting through thousands of security alerts.

  • Why senior managers need to be involved in data security

    The networking environment has changed radically in recent times. In today's world of increasing wireless use, widespread BYOD, more home working, more remote access, more consumer devices and the huge popularity of social media, the network is becoming ever more distributed. In this situation, security breaches are inevitable, as is evidenced by the regular reporting of breaches at major organizations.

  • The evolution of vendor risk management in financial institutions

    Shifting from a model mainly focused on questionnaires and assessments, many institutions and regulators are moving away from these more subjective, trust based practices and looking for solutions that will allow organizations to monitor and verify the controls that are in place to guarantee security and privacy requirements are being met. Responsibility for vendor management has also moved from the domain of procurement and sourcing teams into the realm of IT and Risk Managers, in order to better integrate vendor risk management with broader enterprise risk management strategies.

  • Information security innovation and research

    Sin-Yaw Wang is the Vice President of Engineering at WatchGuard Technologies. In this interview he talks about the the main challenges for delivering innovative information security technologies as well as long-term investments in security R&D.

  • Preventing fraud through enterprise password management

    A few simple steps can go a long way to making things much more difficult for individuals to commit fraud. The first step is a strong password policy. For example, make sure passwords meet the strictest security requirements. This is possible by using passwords with a minimum number of characters – say, seven -- setting maximum password validity of between 30 and 90 days, and requiring random using special characters, capitals, small letters and digits.

  • When it comes to patient data privacy, compliance and security differ

    Why healthcare organizations – from hospitals, physician groups, pharmacies and others that process healthcare data – haven’t done more on the security front?

  • Protecting healthcare records from cyber attacks is a game of cat and mouse

    The never-ending battle between healthcare organisations and cyber attackers has always been like a game of cat and mouse. The hacker plays the role of the mouse, constantly trying to sneak past the company’s cat that is guarding information. For years, the cat not only consistently beat the mouse, he would help his fellow cats identify new mice and keep them out of their cupboards too. But as the successful data breaches over the past year demonstrate, including one earlier this year that made headlines after millions of health insurance records were compromised, the mice are now kicking the cats in their tails.

Videos      Podcasts


10 practical security tips for DevOps

By working with the DevOps team, you can ensure that the production environment is more predictable, auditable and more secure than before. The key is to integrate your security requirements into the DevOps pipeline.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Tue, Mar 31st