Idappcom CEO Ray Bryant discusses how to step up your security defenses by measuring current effectiveness and enhancing your security solutions. 27 July 2010
Standards cover much of the field of information risk management, but there is an art to the rational understanding and mitigation of risk that is more about skill than knowledge. Brian McKenna uncovers how the discipline can be practiced with a cool head and a calm stomach 21 July 2010
Meridian’s Paul Johnson examines the differences between CSO and CISO and makes the case as to why small and medium-sized organizations must consider logical security training if they choose to employ an all-encompassing CSO, rather than separating logical security responsibilities out to a CISO. 19 July 2010
Legend has it that the late West Virginia Senator Robert Byrd carried a copy of the US constitution in his pocket at all times while on the floor of the Senate. Infosecurity's Drew Amorosi shares his opinions as to why Facebook's Mark Zuckerberg should do the same, or at the very least a current text on civil liberties. 29 June 2010
This past February, Microsoft, along with industry partners and academic researchers, spearheaded an effort to take the Waledac botnet offline. Drew Amorosi provides a detailed account of just how the cooperative endeavor was able to halt – at least temporarily – the notorious spam serving network. 08 June 2010
System logs haven’t really changed since the days of the IBM 360, but the need to manage them effectively for security purposes certainly has. Danny Bradbury finds out why log management is so important – and why we aren’t doing it properly 02 June 2010
How much do data breaches really damage organizations financially – and why don’t we want to hear about it? Danny Bradbury investigates 24 May 2010
The first PCI DSS compliance deadline is approaching in September, and with that comes the ever-growing concerns over protecting payment card information transmitted over wireless connections. Ajay Kumar Gupta of AirTight Networks discusses the various SaaS offerings that allow small and medium-sized business to achieve compliance while improving WiFi security. 24 May 2010
Bob Janssen of RES Software examines how secure desktop virtualization can be achieved using a context-centric approach 20 May 2010
Early in his term, President Obama promised to address the issue of cybersecurity by continuing and even expanding upon the efforts of the previous administration. Lauren Moraski surveys experts in the field, providing an assessment of the job the new president is doing so far to address this issue 13 May 2010
Great standards now exist for drafting security policies, but how do you make it real among corporate populations beset by recession, up for the outsourcing chop, and addicted to Facebook? Brian McKenna reports 10 May 2010
Electronic health records are supposed to improve the efficiency and accuracy of healthcare delivery. However, with electronic records come security headaches, and the potential for data breaches. John Sterlicchi examines what the industry is doing thus far to facilitate a secure transition toward electronic health records 05 May 2010
Have you ever wondered what your boss does all day long to earn that lucrative salary? For those of you who yearn for the top seat, Davey Winder reveals what it’s like to live a day in the life of an average CISO 26 April 2010
Infosecurity’s Drew Amorosi shares his opinions on the recent dismissal of Pennsylvania’s CISO and the role that open dialogue played in the decision 21 April 2010
Cheryl Klein of GRC Consulting believes that a focus on automation is the single best way to keep compliance costs manageable, especially for medium and smaller-sized businesses 07 April 2010
Simone Seth from the Information Security Forum asks if we are winning the fight against the cyber criminals 29 March 2010
The recording industry continues to lose billions of dollars each year, along with tens of thousands of jobs, all thanks to illegally downloaded files. Lauren Moraski examines what is being done to combat the drain on this sector 10 March 2010
Morey Haber of eEye Digital Security believes that information security is a horizontal issue that we regulate vertically. Here he examines why this tactic is putting us all at risk. 02 February 2010
Senior IT security veteran Michael Oberlaender explains why availability, integrity, and confidentiality of information are all vital to an organization’s goals and reputation. He also examines the balancing act of security, costs, and functionality that must be evaluated by any IT security professional. 22 January 2010
People have long been accused of being the ‘weakest link’ in information security, but what if lack of usability and security training is actually at the heart of the matter? Wendy M. Grossman investigates 27 November 2009
Multinational companies in North America face a raft of red tape in terms of compliance and regulatory issues, as well as the uphill task of dealing with the complexities of international IT systems and resources. Steve Mansfield-Devine asks how companies can stay within the regulatory confines of relevant information security legislation without compromising profitability 19 November 2009
Information security has become an unavoidable issue for banking and other financial services organizations globally, and recently many of these organizations have turned to compliance, regulations and industry standards to secure their data and information infrastructure. John P. Pironti reports 13 November 2009
Ethical hacking seems to be a contradiction in terms, but what better way of making enterprises pay attention to their security flaws, than by acting like criminals? William Knight investigates 30 October 2009
As mobile working proliferates, boardroom staff are hitting the road with their laptops. Largely unconcerned with backing up their all-important data, IT managers back in the office need to automate and secure this process. Steve Gold looks at how to secure a very mobile Board 26 October 2009
The proliferation of information security qualifications, standards and membership associations has reached a level whereby a degree of confusion is understandable. Peter Drabwell introduces some of the qualifications and associations out there 15 October 2009
Today’s CISO needs a range of skills in order to market the security effort effectively to the rest of the business. The (ISC)² US government advisory board executive writers bureau explores some strategies that can help ensure support from the rest of the organization 04 September 2009
Protecting intellectual property (IP) is imperative for any business. Providing a unique business model will encourage revenue, and keeping selected information from ambitious soon to be ex-employees should help to stave off the competition. Add a recession to the mix, complete with unscrupulous tactics, legal grey areas and an increase in redundancies, and the brewing threats might just boil over. Rob Stringer looks into the not-so-secret formula for keeping intellectual property secure 07 August 2009
As we stand on the cusp of a massive healthcare modernization program, we face increasing challenges over healthcare data privacy. Danny Bradbury explores what’s happening in the US from a technological perspective, and what it means for our sensitive data 03 August 2009
As the recession continues to chew into information security budgets, and cyber criminals see increased opportunity for looting, CIOs must ensure that defenses remain strong and affordable, even if this means a little bargaining. Stephen Pritchard looks at how organizations can negotiate the rough seas ahead. 06 July 2009
PCI DSS has been criticized as being both too prescriptive and too vague. The standard’s effectiveness has come under scrutiny once again as PCI compliant organizations have suffered huge data breaches in recent times. Danny Bradbury looks at the standard to find the root of the problem 26 June 2009
An absence of legislation and the presence of the laissez-faire attitude has resulted in Canada being rather lax when it comes to information security compliance. Robin Arnfield looks at how US standards are driving the Canadian information security marketplace 01 March 2009
Career loyalty is an endangered creature. Unlike our predecessors, today’s workforce is unlikely to stay committed to a job for five years, let alone their entire lives. But with such a fluid stream of employees keeping human resources busy, and countless eyes being cast over company data, Rob Stringer investigates how sensitive information can stay faithful to its organization, even if its staff don’t... 01 January 2009
Cyberthreats are increasingly a national security issue, and evidence suggests that the US is not adequately prepared for attacks across the network. Obama’s promise to appoint a Federal CTO is promising, but what else needs to be done to ensure that cyber-enemies are kept at bay? Danny Bradbury reports 01 January 2009
Satisfying the regulatory frameworks associated with public sector defense projects is just one hurdle that the aerospace sector must overcome. Danny Bradbury looks at the sector’s challenges and finds that a single, cohesive security structure could be the answer 01 January 2009
Many manufacturers, ignorant of the value of their trade secrets, are leaving their intellectual property wide open to theft. John Sterlicchi reports. 01 August 2008