Many business leaders lack a clear understanding of the value of identity and access management. CISO Christopher Paidhrin offers a scenario for how to make the case for an IAM investment.
Termination of an employee after a breach should be reserved for repeat offenders, individuals who show a total disregard for the rules, those who seek to harm another or the most egregious incidents, security expert Mac McMillan contends.
While user education is valuable, needed and helpful, there is one problem with this approach - it only partially works, and partially working is simply not good enough, security expert George Tubin contends.
Here's an argument for why recent indictments linked to what's been called the largest-ever card fraud scam won't deter fraud - and why improved security is a better deterrent.
Improving collaboration among employees is the goal of Yahoo CEO Marissa Mayer's decision to ban telecommuting, but her edict means better information security as well, writes veteran CISO Patricia Titus.
The OWASP Top Ten list of security risks was created more than a decade ago to be the start of an industry standard that could bootstrap the legal system into encouraging more secure software. Here are the 2013 updates.
While adoption of cybersecurity defenses will serve to protect personal data, privacy lawyer Harriet Pearson says some of the defense techniques may require the monitoring or collection of personal information.
The FTC puts the onus on application developers to protect their organization's sensitive data by mandating the use of "reasonable" data security practices. What does this mandate mean in practice?
Using technology to prevent breaches is insufficient. Security leaders also must address the human factor, making sure staff members receive appropriate training on clear-cut policies - before it's too late.
In the rush to allow personal devices to be used for work, we in application security neglected to examine thoroughly the new risks external applications may introduce to our organizations.
The longtime chief information security officer at the CIA understands the appeal of hacking hackers, but Robert Bigman cautions that such revenge might not be so sweet.
Smaller nation-states have been upping the ante of cyber-attacks for years, and now one has shown us exactly the kind of cyberdestruction that extremist elements are willing and able to conduct, former-U.S. National Intelligence Director Mike McConnell writes.
How do we provide mobile applications to our users that fulfill their need for immediate access, but also provide them with assurance that their information is safe? Here are four fundamentals.
Recent events such as Superstorm Sandy have brought new attention to the business continuity discipline. As business continuity grows in significance, so does the desire to measure its effectiveness.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.