Stories by Joan Goodchild

The clean desk test

Ten ways a messy desk puts confidential information at risk.

Written by Joan Goodchild23 Jan. 19 03:27

Why I did it: Former hacker Mitchell Frost explains his motivation

In 2006, Mitchell Frost, then a 19-year-old college student at the University of Akron, used the school's computer network to control the botnets he had created. Authorities say between August 2006 and March 2007, Frost launched a series of denial of service (DDOS) attacks against several conservative web sites, including Billoreilly.com, Anncoulter.com and Rudy Giuliani's campaign site, Joinrudy2008.com. He is accused of taking down the O'Reilly site five times, as well as disrupting the University of Akron's network during a DDOS attack Frost allegedly launched on a gaming server hosted by the university.

Written by Joan Goodchild22 Jan. 14 18:02

State of the CSO 2012: Ready for anything

The saying goes that in every crisis, there is an opportunity. Compliance requirements, data and privacy demands, and the threat landscape are constantly evolving, forcing companies to realize the importance of security and invest accordingly. As security concerns expand, so does the role of the security leader.

Written by Joan Goodchild01 Oct. 12 15:57

Security managers split on BYOD, sceptical of Android devices

CSOs, CISOs and other security managers are not embracing the bring-your-own-device movement set into motion by demanding employees, but they aren't refusing to allow user-owned smartphones and tablets into the work place either.

Written by Joan Goodchild12 March 12 22:00

Most fraud is an inside job, says survey

Fraud cost organizations 2.1 percent of earnings in the past 12 months, which is equivalent to a week of revenues over the course of a year, according to the Kroll Annual Global Fraud Report, a recent survey that polled more than 1,200 senior executives worldwide.

Written by Joan Goodchild10 Nov. 11 11:37

Confessions of a professional bank robber

Jim Stickley got his first computer at age 12, and he was chatting with other computer "nerds" on bulletin board sites by the time he was 16. A wannabe hacker, Stickley said his first foray into playing the system was with free codes - codes that would exclude his phone and computer time from racking up charges that would incur the wrath of his parents.

Written by Joan Goodchild25 Oct. 11 22:00

New social engineering poll reveals which scam works better

Which tactic works best for a <a href="http://www.csoonline.com/article/596512/social-engineering-techniques-4-ways-criminal-outsiders-get-inside">scamming social engineer</a>? Acting like an authority figure and requiring a victim to answer questions and give up sensitive information? Or acting like a nice, trustworthy person who strikes up a friendly conversation and just needs the victim to tell them a few things to help them out?

Written by Joan Goodchild18 Oct. 11 05:35

New employees the most susceptible to social engineering

Social engineering attacks are widespread, frequent and cost organisations thousands of dollars annually according to new research from security firm Check Point Software Technologies.

Written by Joan Goodchild24 Sept. 11 22:00

Facebook tool takes profile info, helps social engineers

A group of security researchers based in Egypt have created a tool that will make social engineering easier because it automates the collection of hidden Facebook profile data that is otherwise only accessible to friends in a user's network.

Written by Joan Goodchild14 Sept. 11 22:00

Using remote access securely

A data-breach-investigations <a href="http://www.csoonline.com/article/679874/verizon-advanced-persistant-threat-is-overblown">report issued by Verizon</a> earlier this year found 71 percent of all <a href="http://www.csoonline.com/article/677537/industry-searches-for-lessons-after-rsa-breach">hacking attacks</a> on business take place using remote access or desktop service.

Written by Joan Goodchild13 Sept. 11 06:17

Mobile device security

While 69 percent of organisations have employees using personal devices to connect to their corporate network, more than one-fifth, or 21 percent, currently have no policy in place to govern the use of personal mobile devices on their network. These new figures, released recently from security-products firm Courion, suggest many security leaders are still ignoring the need to address mobile-device management among their employees.

Written by Joan Goodchild03 Aug. 11 22:00

Dissecting the three mobile malware techniques

Social engineers have been using various dirty tricks to fool people for centuries. Social engineering, the art of gaining access to buildings, systems or data by exploiting human psychology, rather than by breaking in or using technical hacking techniques, is as old as crime itself and has been used in many ways for decades.

Written by Joan Goodchild31 July 11 22:00

Social engineering: 3 mobile malware techniques

Social engineers have been using various <a href="http://www.csoonline.com/article/480589/9-dirty-tricks-social-engineers-favorite-pick-up-lines">dirty tricks</a> to fool people for centuries. <a href="http://www.csoonline.com/article/596512/social-engineering-techniques-4-ways-criminal-outsiders-get-inside">Social engineering</a>, the art of <a href="http://www.csoonline.com/article/494464/social-engineering-5-security-holes-at-the-office-includes-video-">gaining access to buildings</a>, systems or data by exploiting <a href="http://www.csoonline.com/article/663329/social-engineering-3-examples-of-human-hacking">human psychology</a>, rather than by breaking in or using technical hacking techniques, is as old as crime itself and has been used in many ways for decades.

Written by Joan Goodchild26 July 11 03:48

Tips to use Facebook to conduct background checks

As more people create Facebook profiles (500 million and growing), and sign on to the many social media sites available today, hiring managers are finding they have new opportunities to get background information on job candidates.

Written by Joan Goodchild19 June 11 22:00