The recording industry continues to lose billions of dollars each year, along with tens of thousands of jobs, all thanks to illegally downloaded files. Lauren Moraski examines what is being done to combat the drain on this sector 10 March 2010
Browsers are the hacker’s window into your PC – but how are they compromised, and what are vendors doing to harden them? Danny Bradbury examines the techniques vendors are employing, and looks at why user education is one of the primary solutions for increased security 08 March 2010
IT security trade shows are an important part of the industry, but taking time off from your regular duties and travelling to the event can be an expensive and time-consuming job in itself. Veteran show-goer Steve Gold explains how it’s done 25 February 2010
Managing the security of the 2010 Olympic Games in Vancouver is no mean feat. Danny Bradbury went behind the scenes at the Olympic site to talk to the people who are tasked with ensuring the event goes smoothly 24 February 2010
Ajay Kumar Gupta of AirTight Networks reviews some of the most common reasons why corporate Wi-Fi users connect to unauthorized networks and what can be done to combat the problem. 17 February 2010
Using reputation in the security field makes users safer. Danny Bradbury takes a look at file reputation technology, and finds that if carefully managed and skillfully honed, it can be a useful addition to a security suite 04 February 2010
Morey Haber of eEye Digital Security believes that information security is a horizontal issue that we regulate vertically. Here he examines why this tactic is putting us all at risk. 02 February 2010
Senior IT security veteran Michael Oberlaender explains why availability, integrity, and confidentiality of information are all vital to an organization’s goals and reputation. He also examines the balancing act of security, costs, and functionality that must be evaluated by any IT security professional. 22 January 2010
People have long been accused of being the ‘weakest link’ in information security, but what if lack of usability and security training is actually at the heart of the matter? Wendy M. Grossman investigates 27 November 2009
Multinational companies in North America face a raft of red tape in terms of compliance and regulatory issues, as well as the uphill task of dealing with the complexities of international IT systems and resources. Steve Mansfield-Devine asks how companies can stay within the regulatory confines of relevant information security legislation without compromising profitability 19 November 2009
Information security has become an unavoidable issue for banking and other financial services organizations globally, and recently many of these organizations have turned to compliance, regulations and industry standards to secure their data and information infrastructure. John P. Pironti reports 13 November 2009
What makes a good digital forensics specialist? Steve Gold looks at some of the latest applications and investigates how the IT forensic investigator’s role has evolved in order to comply with changing customer priorities 06 November 2009
Ethical hacking seems to be a contradiction in terms, but what better way of making enterprises pay attention to their security flaws, than by acting like criminals? William Knight investigates 30 October 2009
As mobile working proliferates, boardroom staff is hitting the road with their laptops. Largely unconcerned with backing up their all important data, IT managers back in the office need to automate and secure this process. Steve Gold looks at how to secure a very mobile Board 26 October 2009
The proliferation of information security qualifications, standards and membership associations has reached a level whereby a degree of confusion is understandable. Peter Drabwell introduces some of the qualifications and associations out there 15 October 2009
Back in the day, telecommunication companies focused purely on voice calls. Then, data services and broadband access became common. The latest generation of services focuses on managed security, says John Sterlicchi – and it could revolutionize the industry 25 September 2009
As the Conficker worm proved when it first appeared in October 2008, there’s more to a piece of malware code than meets the eye, especially when it is self-updating. But can self-updating also mean self-modifying? Steve Gold investigates whether an IT security manager’s nightmare has become a programming reality 18 September 2009
There appears to be no such thing as a ‘typical’ IT or information security career, and the discipline is accustomed to benefitting from transferable skills that newcomers bring from past experience and careers. Peter Berlich looks at why the information security industry is attracting a high number of qualified individuals from fields like IT, engineering and sciences 10 September 2009
Today’s CISO needs a range of skills in order to market the security effort effectively to the rest of the business. The (ISC)2 US government advisory board executive writers bureau explores some strategies that can help ensure support from the rest of the organization 04 September 2009
As the popularity of social networking sites continues to mount, it becomes increasingly important to consider the information security risks posed in the context of a wider data loss prevention and reputation management strategy. Cath Everett reports 20 August 2009
Protecting intellectual property (IP) is imperative for any business. Providing a unique business model will encourage revenue, and keeping selected information from ambitious soon to be ex-employees should help to stave off the competition. Add a recession to the mix, complete with unscrupulous tactics, legal grey areas and an increase in redundancies, and the brewing threats might just boil over. Rob Stringer looks into the not-so-secret formula for keeping intellectual property secure 07 August 2009
As we stand on the cusp of a massive healthcare modernization program, we face increasing challenges over healthcare data privacy. Danny Bradbury explores what’s happening in the US from a technological perspective, and what it means for our sensitive data 03 August 2009
RFID security may still be in its infancy, but, as Steve Gold discovers, the technology is rapidly becoming pervasive and an integral part of the everyday IT security landscape, despite significant teething problems 01 August 2009
The IT and information security industries need to pay more attention to the electricity grid in the near future as more and more smart grids are set up with two-way communication systems. Simon Perry, principal associate analyst at Quocirca, explains why 20 July 2009
The development of virtual servers and cloud computing has brought with it a new information security problem - artificially intelligent (AI) superbots. Steve Gold explains what can be done to defend against this totally new genre of information security threats 14 July 2009
As the recession continues to chew into information security budgets, and cyber criminals see increased opportunity for looting, CIOs must ensure that defenses remain strong and affordable, even if this means a little bargaining. Stephen Pritchard looks at how organizations can negotiate the rough seas ahead. 06 July 2009
PCI DSS has been criticized as being both too prescriptive and too vague. The standard’s effectiveness has come under scrutiny once again as PCI compliant organizations have suffered huge data breaches in recent times. Danny Bradbury looks at the standard to find the root of the problem 26 June 2009
The oil and gas industries are natural targets for cyber-criminals due to sensitive data and very deep pockets. With the introduction of newer IT technologies, such as wireless and even social networking, the jobs of the information security teams are not getting any easier. John Sterlicchi reports 24 June 2009
Green IT has gone mainstream. The last year has seen corporations such as Citigroup establishing their environmental credentials by opening green data centers. But how do the separate disciplines of green IT and information security come together? Robin Arnfield reports 15 June 2009
While the information security world has had its attention fixed on data loss prevention since the TJX breach in early 2007, it has failed to acknowledge the rising issue of data integrity attacks. Sarb Sembhi investigates a threat that he predicts will soon take the industry by storm. 08 June 2009
Virtualization is a welcome medicine for many of IT's irritating symptoms. But is there a risk that basic information security hygiene will suffer as a result? William Knight investigates 01 June 2009
Over the past two decades, outsourcing and offshoring have become central to the business strategy of many organizations. The ongoing race to cut costs has resulted in mass migrations of whole industry sectors from low-cost regions to lower- cost ones, benefitting one and often distressing another - and the information security industry is no exception. Krag Brotby reports. 22 May 2009
The financial system is considered part of the critical national infrastructure as far as the USA is concerned. Danny Bradbury asks what steps are being taken to protect the stock market, and the companies that use it? 18 May 2009
An absence of legislation and the presence of the laissez-faire attitude has resulted in Canada being rather lax when it comes to information security compliance. Robin Arnfield looks at how US standards are driving the Canadian information security marketplace 01 March 2009
Critical national infrastructures such as the National Grid, water and other utility networks have SCADA technology at their heart, but how are these systems protected against hacker, malware and terrorist attacks? Steve Gold spoke to the major players in this important, but little-understood, side of the security industry 01 January 2009
Career loyalty is an endangered creature. Unlike our predecessors, today’s workforce is unlikely to stay committed to a job for five years, Career loyalty is an endangered creature. Unlike our predecessors, today’s workforce is unlikely to stay committed to a job for five years, let alone their entire lives. But with such a fluid stream of employees keeping human resources busy, and countless eyes being cast over company data, Rob Stringer investigates how sensitive information can stay faithful to its organization, even if its staff don’t... 01 January 2009
Cyberthreats are increasingly a national security issue, and evidence suggests that the US is not adequately prepared for attacks across the network. Obama’s promise to appoint a Federal CTO is promising, but what else needs to be done to ensure that cyber-enemies are kept at bay? Danny Bradbury reports 01 January 2009
Satisfying the regulatory frameworks associated with public sector defense projects is just one hurdle that the aerospace sector must overcome. Danny Bradbury looks at the sector’s challenges and finds that a single, cohesive security structure could be the answer 01 January 2009
Silicon Valley, home to some of the world’s most talented IT security professionals, and housing many of the IT security market’s biggest players, is a hub of innovation. But the Valley hasn’t always been famed for its offerings in IT technology, and with bio-tech sweeping the Valley as the next big thing, it may soon re-invent itself once more. Eleanor Dallaway visited the Bay Area to talk to the people that are witnessing this evolution first-hand… 01 November 2008
Many manufacturers, ignorant to the value of their trade secrets, are leaving their intellectual property wide open to theft. John Sterlicchi reports. 01 August 2008
Suzanne Hall, chief information officer of the Washington Nationals baseball team, talks to Greg Valero about the unique IT security challenges associated with opening a new ballpark in the nation’s capital 01 June 2008
VoIP is inevitable. Even if your organization has not yet adopted the system, you will be making VoIP calls in one way or another before very long. But should we be concerned? William Knight investigates 01 June 2008
Employee surveillance is near ubiquitous, but it may be damaging both staff performance and morale, say Adam Joinson and Monica Whitty... 01 February 2008
Securing IT means coping with Donald Rumsfeld’s ‘known unknowns’ – expected attacks whose nature is a surprise. Concepts from medicine, game theory and crowd sourcing may help, finds Danny Bradbury 01 February 2008
Email Address
Password
Forgotten login?