• 60-minute security makeover: Prevent your own 'epic hack'

    Posted August 23, 2012 - 8:44 pm

    Here are some ways to beef up security on your digital life -- before someone seeking to duplicate the hack that seized control of a Wired reporter's Apple, Amazon and Google accounts finds similar vulnerabilities in yours.
  • GRC: trying to take the bite out of risk

    Posted August 23, 2012 - 3:18 pm

    These days, organizations are facing increasingly sophisticated information security attacks from multiple sources. At the same time, they're struggling to comply with a growing number of government and industry regulations, and they're facing pressure to put in place better corporate controls.
  • China's decade-old cyberwar against the West

    Posted April 22, 2011 - 9:53 am

    Cyber espionage attacks from China are nothing new, but public awareness of the attacks is growing.
  • Smartphone security threats overdramatized, experts say

    Posted February 22, 2011 - 2:16 pm

    I was sitting in the middle of one of the most security conscious crowds you'd ever come across--about 200 computer security professionals listening to a high-powered panel on mobile security threats at the RSA Conference in San Francisco last week.
  • Forrester's 2011 security strategy recommendations

    Posted January 25, 2011 - 5:21 pm

    Every New Year brings an opportunity to review existing security plans and adjust strategies for the next year. And, as I participate in these conversations for 2011, a lot of similar themes have popped up. Most CISOs are struggling with the same issues, ranging from dealing with the changing threat landscape to properly supporting the rising adoption of social technologies, employee-owned mobile devices, and cloud services. In fact, Forrester's research shows that a majority of challenges for security professionals all relate to business orientation and alignment. For example, many senior business and IT leaders are asking CISOs to better support and align with the business and IT objectives, requesting regular interactions and updates from security teams.
  • Six password security tips to learn from the Gawker hack

    Posted December 20, 2010 - 5:47 pm

    The Germans have a word for it: Schadenfreude, taking pleasure in someone else's misfortune. And I have to admit, I did a feel a twinge of satisfaction when Gawker, one of the snarkiest and most self-satisfied collection of sites on the Web, was hacked. But I do worry about the 1.2 million people whose passwords were stolen and posted on the Web for any moderately skilled bad guy to crack and use.
  • Penetration tests: 10 tips for a successful program

    Posted November 15, 2010 - 6:05 pm

    Why are you performing penetration tests? Whether you're using an internal team, outside experts or a combination of the two, are you simply satisfying regulatory or audit requirements, or do you actually expect to improve enterprise security?
  • 11 things executives should ask about their organization's crisis plan

    Posted May 22, 2009 - 1:45 pm

    CDW Corp., a supplier of information technology to business, government, and education, offers the following checklist of topics and questions for non-technology executives and administrators to review with their management teams and (IT) departments to prepare for significant facility shutdowns – regardless of the cause:
  • SOHO businesses beware of 419 scam

    Posted January 27, 2009 - 11:01 am

    Spam comes in all shapes and sizes. Besides the traditional email spam, spammers target forums, blogs, and now, for the first time I’ve seen them targeting Web 2.0 B2B sites with a variation of the old Nigerian 419 scam, this one involving advanced fee fraud. Small businesses and one-man shops should take note and beware of this activity.
  • Psychic predictions for tech in 2009

    Posted December 31, 2008 - 6:23 pm

    We turned to two self-proclaimed psychics to get their takes on what's ahead for some of tech's biggest newsmakers in the new year. We received readings from Silicon Valley's surname-shunning Celia and L.A.'s "psychic angel," Shaun Moore.
  • Patch those computers, the boogeyman is coming!

    Posted December 11, 2008 - 10:54 am

    Security companies like to make shocking claims so that we will be convinced to use their products. And while part of that is just marketing, the fact is, we do need to be shocked out of our complacency every now and then. We need to be told that the boogeyman is out there and he’s going to get our computer one day.
  • Don’t Pass It On!

    Posted December 4, 2008 - 11:39 am

    Around the holiday, I always see more chain emails coming through from well-intended friends and relatives, and so it’s time for an annual warning. Some of these chain emails just have interesting pictures, some make outrageous claims. A large majority of the latter are hoaxes.
  • Microsoft Plans a More Trusted Internet

    Posted November 14, 2008 - 5:52 am

    According to Scott Charney, Corporate Vice President, Trustworthy Computing, Microsoft Corp., the Internet has had a positive impact on many, many aspects of our society, but greater global connectivity combined with the increasingly valuable information stored online has resulted in a new array of threats and an increase in cybercrime.
  • How to Protect Your Private Key

    Posted November 13, 2008 - 5:37 am

    In the world of Certificate Authorities and digital signatures there still exist questions about who gave the authority to the CA’s to authorize the certificates? And although a certificate has been granted, how should we treat a private key that is suspected as having not come from the authorized owner?
  • Trojan Compromises Over 300,000 Accounts

    Posted November 5, 2008 - 10:02 am

    Over the past three years a powerful Trojan maintained by a cybercrime organization has been responsible for stealing the usernames and passwords of nearly half a million bank accounts and nearly as many credit card numbers.
  • Fake Greeting Card Emails Resurface

    Posted November 5, 2008 - 9:57 am

    According to security expert Bill Mullins, in the last year, email inboxes have being swamped with similar scamming emails from fraudulent sites like, and, amongst others.

  • I’ve Got a Secret - Key, That Is

    Posted November 4, 2008 - 8:52 am

    How many of you use VPN?
  • How can scammers obtain your passwords?

    Posted October 28, 2008 - 4:35 am

    Pass the Password Crackers Please Say that ten times! Ouch – someone pass the chapstick! I thought I’d devote some time to how people break into your systems. I’ll give you some information and methods that you can use to test the security of your own systems and passwords.
  • Pass the Password Crackers Please

    Posted October 27, 2008 - 6:56 am

    Pass the Password Crackers Please Say that ten times! Ouch – someone pass the chapstick! I thought I’d devote some time to how people break into your systems. I’ll give you some information and methods that you can use yourself to test the security of your own systems and passwords.
  • Ought Thumb Drives Be Given the Thumbs Down?

    Posted October 24, 2008 - 9:49 am

    Today’s small, portable USB thumb drives can store significant amounts of data and be easily slipped into a pocket without anyone noticing. This makes it possible for someone to copy data from a network, walk out the company door, and transfer the same data onto another PC.
  • The state of information security

    Posted October 23, 2008 - 4:12 am

    CSO’s annual “Global State of Information Security” survey brings to light a few of the failures of how people approach information security, and in particular, focuses on the current economic crisis and the impact that it is having on security technology.
  • What to do about email when traveling?

    Posted October 16, 2008 - 6:03 am

    Most of us take our laptops with us when we travel, and we use them to check and send email while on the road. Of course, it’s a risk. Besides outright theft of the device, there could be Wi-Fi data thieves sitting across from us at the airport looking through our files, compromised networks, and all manner of threats.
  • Legal Considerations of Implementing Honeypots

    Posted October 14, 2008 - 5:04 am

    An increasingly popular technique for detecting would-be intruders, a honeypot is a type of hacker mouse trap. It’s a system that sits on an organization’s network for no other purpose than to be hacked.
  • Virtual vs. Physical Appliances: 4 Compelling Reasons for Change

    Posted October 10, 2008 - 12:26 pm

    Virtual v’s Physical Appliances – 4 compelling reasons for change Executive Summary
  • Confusion over cyber-security

    Posted October 10, 2008 - 5:31 am

    The National Cyber Security Alliance (NCSA) has announced their annual campaign for cyber-security awareness.

Join today!

See more content
Ask a Question