Expert analysis
Latest IE 0-day insight: Background, severity and solutions
This recently discovered Internet Explorer zero day vulnerability is bad. Users and administrators should take immediate action to mitigate the risk. Considering the timing, I …
What CISOs must learn from Bitcoin and a research team at Georgia Tech
It has been an eventful time in the mobile world with two recent breaking stories revealing vulnerabilities in the security infrastructure for Android and iOS respectively. …
Why the iPhone fingerprint reader is a good idea
Two new iPhones have been announced. According to Apple’s presentation, the most common way to secure a device is with a passcode and about half of smartphone users do …
Is BEAST still a threat?
Yesterday I changed the SSL Labs rating criteria to stop penalizing sites that do not implement server-side mitigations for the BEAST attack. That means that we now consider …
New gTLD security implications
The new gTLDs that are being implemented have a few security concerns already. One of the major concerns is Name Collision, which results from a single domain name being used …
Understanding and defending against Denial of Service attacks
Denial of Service (DoS) attacks continue to be on the rise, which is no surprise given our ever-growing dependency on Web-based services, coupled with the fact that these …
Smart building security: Threats, tips and tricks
Martin Lee is the Technical Lead, Threat Intelligence at Cisco. In this interview he discusses the critical security threats to smart buildings, the features of a robust and …
There are no winners in the blame game
Every time a major security breach makes the headlines, a common reaction happens. Even before the details of the breach are known, the infosec world gets into a frenzy of …
The erosion of privacy in the digital world
Yves Le Roux is the Technology Strategist at CA Technologies and Chair of ISACA’s Data Privacy Task Force. In this interview he discusses the evolution of the digital …
Lucrative business: cybercrime-as-a-service
With news of the struggling high street becoming a regular occurrence, it is not surprising that increasingly small businesses are seeking opportunities online. However …
Securing the modern web: Open sourcing the future of IAM
Every CIO needs a reliable identity and access management (IAM) system for protecting employee, customer, and partner data – and for years, they have relied on …
Dear CSO, do you know how to build security culture?
What do you really know about security culture? I am going out on a limb here and claim you know very little, if anything at all. Your day job is about security, and like most …