security awareness
GitHub accounts hacked in ongoing brute force attack
GitHub users should consider changing their account password to a more complex one and setting up 2-factor authentication in order to protect themselves from automated brute …
Most organizations unafraid of phishing
ThreatSim released its 2013 State of the Phish Awareness Index, gauging phishing training, awareness and readiness among 300 IT executives, administrators and professionals in …
Microsoft details risks of running unsupported software
Microsoft published their Security Intelligence Report (SIR) volume 15, which analyzes threat intelligence from more than 1 billion systems worldwide to provide in-depth …
Building an information security awareness program from scratch
Most security awareness programs suck. They involve canned video presentations or someone from HR explaining computer use policies. Others are extremely expensive and beyond …
Survey highlights ignorant IT behavior in the workplace
You receive a strange email. It looks shady. You’re probably being phished – a hacker is attempting to gain access to your enterprise. They must want to hijack …
RSA advises customers to stop using NSA-influenced encryption algorithm
In the wake of the disclosure that the NSA has influenced NIST to adopt an encryption standard that includes one random bit generator with a weakness known only to the …
Mobile data security remains weak
Coalfire surveyed 400 individuals working in a variety of industries across North America who are not affiliated with their company’s IT department. Survey findings show …
Executives, IT officers most concerned about malicious insiders
An international survey polling 260 respondents from a wide variety of industry sectors has revealed that over half of them are more worried about their own employees turning …
Employees biggest IT threat to businesses
Despite British small and medium sized enterprises (SMEs) providing training in IT and security, employees fail to prevent breaches and data leaks, according to McAfee. Even …
Human sensors: How encouraging user reporting strengthens security
Despite the pervasiveness of cyber-attacks threatening the enterprise security today, many organizations are still not taking advantage of their most widely deployed security …
Academic institutions urged to improve network and DNS configurations
The Research and Education Networking Information Sharing and Analysis Center (REN-ISAC) has issued an alert to IT security staff, and network and DNS administrators urging …
The CSO perspective on risk management
Candy Alexander is the CSO at Long Term Care Partners and volunteers as a member of the International Board of Directors for ISSA. In the past, she was invited to the White …