• 4 tips to make data protection everyone's business

    Most people wrongly assume that the burden of protecting workplace data across laptops, tablets and smartphones falls solely on your IT department. Without active observance of company protocols, however, any data security plan that IT puts in place falls flat, leaving your company’s data vulnerable. You don’t necessarily need to memorize a litany of IT mandates in order to reduce the risk of losing or compromising your work data.

    Thinking twice about the cloud-based apps you download and staying up-to-date on the latest password best practices are examples of simple, proactive measures you can take to support your organization’s data privacy efforts.

  • APTs: Minimizing losses with early detection

    Attackers try hard to mask their activities – but try as they might, in order to accomplish their goals, their behaviors are likely to be anomalous at some point in time. Quickly detecting these anomalies as they develop could make the difference between losing tens of millions of customer records and losing a few hundred – or none at all.

  • DMARC: The time is right for email authentication

    The DMARC specification has emerged in the last couple years to pull together all the threads of email authentication technology under one roof—to standardize the method in which email is authenticated, and the manner in which reporting and policy enforcement is implemented. The last two pieces are critical. Prior to DMARC there was no real way to determine how policies were implemented upon email receipt, and no way to determine who was doing what with those emails.

  • Infosec management strategies and the modern CTO

    Lumenta recently appointed Brandon Hoffman as their new CTO. We took this opportunity to get his perspective on the management strategies that are essential in the information security industry. He also offers advice to those stepping into the CTO role for the first time, and talks about the evolution of network situational awareness.

  • Bold reform needed to strengthen U.S cybersecurity

    Mr. President, the status quo in cybersecurity is failing the U.S. It is failing the commercial sector, which is being publicly breached on a weekly basis, and it is failing the government as well. It is time to take bold and decisive action to stop these dangerous and embarrassing hacks before they cause further damage and erode the confidence that is vital to the U.S. economy.

  • Has the time come to give up penetration testing?

    By carrying out ‘white hat’ attacks to identify potential entry points in the externally facing parts of an organization’s IT network, such as its firewalls, email-servers or web-servers, pen testing can bring to light any existing security weaknesses. These potentially vulnerable external facing aspects, however, are rapidly increasing in number.

  • How to prepare if you're selected for an OCR audit

    The forthcoming Office of Civil Rights (OCR) audits for HIPAA compliance have seen some delays this fall – but that doesn’t mean covered organizations can delay their audit preparations. In fact, it’s more important than ever that covered entities and business associates ready themselves, if they haven’t already.

    What should organizations do to prepare for the possibility of an audit? How can you demonstrate compliance efficiently and effectively? Let’s take a look at the essential steps.

  • What is the value of professional certification?

    Recognition for and therefore the value of professional certification is rising within the information security domain. In an increasing number of markets across Europe, chances are that if there is a job being advertised that requires someone to ensure information security of systems, data, software, or the company overall, they will be asked to demonstrate at least a baseline of practical knowledge by having earned a professional certification in the field.

  • Cost of breach vs. cost of deployment

    Security breaches are happening on a daily basis, with millions of usernames, passwords, and associated personally identifiable information being harvested. This information, while valuable in and of itself, is further used by threat actors to impersonate the affected individuals elsewhere, such as on shopping or banking sites. What are the preventive measures and controls that will make a company more resilient and effective in securing itself (and saving on clean-up costs)?

  • Don’t look back in anger

    At the end of the 2014, as at the end of many years before it, our mailboxes were filled with various vendors' security predictions for 2015. We saw them also in articles in industry magazines, and security gurus and experts presented their opinions on what they will be the biggest security trends for the new year in podcasts and webcasts.

Videos      Podcasts


(IN)SECURE Magazine issue 45 released

(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Learn about personal data bankruptcy and the cost of privacy, security and compliance, delivering digital security to a mobile world, and much more.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Mar 5th