Security & Risk
Beware executives bearing gifts...
If you’re a security and risk leader, it’s either the best of times or the worst of times. Today, it feels as if not a week goes by without yet another revelation of a large scale cyberattack targeting a trusted corporate brand.
December 02, 2014 9:15:00 AM Read Full Post
Are you in tune with your customers' attitudes?
We are in a golden age of data breaches - just this week, the United States Post Office was the latest casualty - and consumer attitudes about data security and privacy are evolving accordingly. If your data security and privacy programs exist just to ensure you meet compliance, you’re going to be in trouble.
November 13, 2014 9:52:00 AM Read Full Post
Getting a grip on adversary research
Mandiant's APT1 report changed the threat intelligence marketing game, and you would be hard pressed to find a cybersecurity company that doesn't have a research/intelligence team that produces threat actor reports.
November 10, 2014 8:59:00 AM Read Full Post
Key questions to ask
As we predicted in May 2012, user directories are moving into the cloud. Cloud workloads require that users who are authorized to access them are stored near the cloud workload and not just on-premise.
October 23, 2014 9:06:00 AM Read Full Post
The terminology minimises the struggle involved in ensuring end point security
During the past 18 months or so, we have seen the emergence of innovative endpoint security solutions. The list is long; it is hard to keep track of all the solutions in the space. In no particular order, here is a sampling: Bromium, Invincea,...
August 14, 2014 9:41:22 AM Read Full Post
Rampant Government Surveillance and Increased Regulation Around The Globe
Corporations spend a lot of time and money to ensure their employee- and customer-facing technologies are compliant with all local and regional data privacy laws. However, this task is made challenging by the patchwork of data privacy...
August 13, 2014 9:44:53 AM Read Full Post
Balancing the excitment of innovation with a security pro's natural caution
The Internet of Things (IoT) is a hot phrase right now, and every vendor is talking about the huge potential of continual connectivity and interaction with smart devices to optimize the asset and transform the customer experience. The potential...
June 02, 2014 8:45:55 PM Read Full Post
Tools and services are necessary but changing culture is essential
It takes a lot more than a static analysis tool, a web scanning service, and a few paid hackers to make your mobile development lifecycle, team, and eventually, your applications secure. Finding flaws in an individual mobile application is easy...
May 08, 2014 9:15:57 AM Read Full Post
Marketers Need Help Managing Risk
Everyone makes mistakes, but for social media teams, one wrong click can mean catastrophe. @USAirways experienced this week when it responded to a customer complaint on Twitter with a pornographic image, quickly escalating into every social media...
April 16, 2014 11:17:17 AM Read Full Post
But ignoring the usability vulnerabilities
Security and risk professionals know what to do with security vulnerabilities: we mitigate the risk directly as best we can, and put in place compensating controls when we can't change the underlying dynamic. But in the age of the customer,...
March 25, 2014 12:23:24 PM Read Full Post