5 computer security facts that surprise most people
As a 30-year road warrior, I’ve learned some security truths that seem wrong, but must be accepted if you really want to understand the threats you face.
Many experts say that people are more important than process in the IT security world. That is politically correct, as opposed to actually correct.
No sophisticated SOC? You can still be pretty sure that you’re aware of anything potentially troublesome.
There are many reasons not to pay ransom to regain access to your data. Let’s opt for the selfish one.
In light of the tragedy in Belgium, columnist Rob Enderle writes that it is more important than ever to rethink our security efforts. People seem to think security is someone else’s problem, but the reality is that security is something we all need to own.
Security professionals should look in the mirror before declaring a user “stupid”.
It had been custom for organizations to think of cyber security in terms of an information technology (IT) problem best left to IT people to address and fix. However, as more prolific breaches were publicized exposing a variety of sensitive personal, financial, and intellectual property-related data, it became clear that this was a rather myopic view in today’s increasingly interconnected world.
Columnist Rob Enderle says a recent data breach investigation report should have you rethinking your cybersecurity strategies. Here’s why you may want to buy a bunker.
A number of Dell customers claim to have been contacted by scammers who had access to specific customer information that should have only been available to Dell. The company claims it hasn't been hacked but won't offer an explanation for the seemingly stolen data.
Security industry prognosticators rely more on marketing, hype, and our own bad memories than any knowledge of security past, present or future.
With the advent of 2016, I was tempted to touch upon my thoughts on what the future of the cyber landscape will hold, prognosticating trends and shifts and what the next big threat would be. However, upon deeper reflection and further review of 2015, I’ve decided to focus on what we as cyber security executives have control of and can influence, as those have a direct and more profound impact on the organizations we steward. The “Five Sins” may seem hyperbolic but given the fact that organizations are continuing to make the same mistakes without trying to rectify them, I think it’s fitting particularly at the end of the year when we aspire to be better than we were yesterday, but not as good as we hope to be tomorrow.
There have been some major changes related to risk management in the last few years that have made many people take notice. Businesses and consumers alike are faced with new threats.
There is a bit of a name fight going on with a new class of security software. Traditionally, this has been called UBA, for User Based Analysis or Analytics. However, recently newer firms are coming to market arguing that the name should have more to do with the benefit the technology provides and reflect that the breadth of analysis goes well beyond users. Thus, you have ABD, or Active Breach Detection, and this could as easily be DBD, or Dynamic Breach Detection, or even SJIASSFYCAWCTYWTAAWTAS or Some Jerk Is Already Stealing Stuff From Your Company And We Can Tell You Who They Are And What They Are Stealing.
In today's global office, IT security leadership spends a great deal of time and resources creating a defense-in-depth approach to data security. This often includes layering on both logical and physical solutions as well as detailing out policies and procedures for accessing company data in a secure manner.
In the age of big data, bring-your-own-devices and internet-connected supply chains, cybercrime is big business; and cyber security has never been higher on the C-suite agenda. Here are three steps CIOs can take in this environment.
If someone with the proper motive and means (time, money, and resources) wants what you have badly enough, they are going to get it. Many companies fail to prepare for a breach until it's too late. Unfortunately, there is not a true, tested method for preventing and/or stopping a breach. How does one survive the inevitable?
The executive in charge of Comcast's support organization is having an interesting week.
According to a recent article in the Wall Street Journal, corporate boards are getting much more involved in cybersecurity. What's driving this behavior? While the Target breach probably influenced this behavior, corporate boards now realize that cybersecurity has become a pervasive risk that could have an adverse impact on all businesses.
Why have recent vulnerabilities gotten so much more attention than the ones that preceded them? It's hard to say, but the new awareness is a mixed blessing.
Launched in October 2001, today (really) marks the end of support for the Windows XP operating system. As the 12+ year run of Windows XP comes to an end, it holds some curious lessons.