Kacy Zurkus

Writer

Want to Join?
Opinions expressed by ICN authors are their own.

Kacy Zurkus is a freelance writer for CSO and has contributed to several other publications including The Parallax, Meetmindful.com and K12 Tech Decisions. She covers a variety of security and risk topics as well as technology in education, privacy and dating. She has also self-published a memoir, Finding My Way Home: A Memoir about Life, Love, and Family under the pseudonym "C.K. O'Neil."

Zurkus has nearly 20 years experience as a high school teacher on English and holds an MFA in Creative Writing from Lesley University (2011). She earned a Master's in Education from University of Massachusetts (1999) and a BA in English from Regis College (1996). Recently, The University of Southern California invited Zurkus to give a guest lecture on social engineering.

The opinions expressed in this blog are those of Kacy Zurkus and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.

What company execs can learn from Trump’s tweeting

What company execs can learn from Trump’s tweeting

Being judicious about social media use and staying away from WiFi protects executives and the enterprise.

Are Apple-specific threats on the rise?

Are Apple-specific threats on the rise?

Macs are really no more secure than a PC, but for many years there just weren’t as many out there because of the expense of the hardware and other issues. They've historically been a much less popular choice among both consumers,...

Machine behaviors that threaten enterprise security

Machine behaviors that threaten enterprise security

Machine learning has moved enterprise security forward, allowing for visibility inside the network in order to better understand user behavior. However, malicious actors are using what is done with machine learning on the inside in...

Bringing boards up to cyber speed

Bringing boards up to cyber speed

The exponential growth of cyber risk has impacted roles for the CISO and the CEO, among others, but it has also left board members a little in the dark when it comes to understanding the risks associated with cybersecurity.

Dangerous assumptions that put enterprises at risk

Dangerous assumptions that put enterprises at risk

Trusting that the solutions won't fail and users won't click could lead to a breach

Playing cyber defense is not enough to win

Playing cyber defense is not enough to win

Where to draw the line when it comes to offensive cyber attacks

Who has the most impact in driving security advancement?

Who has the most impact in driving security advancement?

Advancing security in the enterprise doesn't happen without the right people getting on board

Best tools for red and blue teams are methodology, experience

Best tools for red and blue teams are methodology, experience

Since the tools vary based on environment, it's the skills and know-how that red/blue teams need most

What to think about when moving to the cloud

What to think about when moving to the cloud

Thinking about making the idea of cloud a reality for today's enterprise

Is your security awareness training program working?

Is your security awareness training program working?

The metrics to use to determine where to make improvements in security awareness training

Fall security conferences you don't want to miss

Fall security conferences you don't want to miss

Check out these nine cybersecurity conferences to learn about all things from network architecture to incident response and available jobs.

Myth versus fact: Open source projects and federal agencies

Myth versus fact: Open source projects and federal agencies

The increasing demand for open source technologies among government agencies offers a cost benefit, but if not properly monitored, the code poses security risks

Detection and response, where to begin

Detection and response, where to begin

Diverse group of security experts weigh in on strategies and best practices for making security everybody's job at MASSTLC

Do no harm: an oath for health IT developers

Do no harm: an oath for health IT developers

Should health IT programmers working on biobanks and similar projects be held to the same ethical standards as doctors and other medical professionals?

Why you shouldn't pay the ransomware fee

Why you shouldn't pay the ransomware fee

While most of the decision makers would likely prefer to hear a simple yes or no when asking if they should pay, nothing in security is simple. By and large, the position of many leaders in the industry is that the ideal situation is...

Security blindspots: websites, network architects, and third-party code

Security blindspots: websites, network architects, and third-party code

How much do network architects take security into account when building websites, and does testing extend out to third-party code?

Hospitals hacks put patient health at risk

Hospitals hacks put patient health at risk

A report that highlights the vulnerabilities in medical devices and the risks they pose to patient health issued by Independent Security Evaluators comes at an opportune time as the past month has shown that hospitals are becoming...

Defense in depth: Stop spending, start consolidating

Defense in depth: Stop spending, start consolidating

When it comes to layered defense and security tools, less is often more just as more can sometimes be less. The average enterprise uses 75 security products to secure their network. That's a lot of noise and a lot of monitoring and...

Hard-coded passwords remain a key security flaw

Hard-coded passwords remain a key security flaw

Many vendors still allow hard-coded passwords to ship out with their products

Current p2p trends threatening enterprise security

Current p2p trends threatening enterprise security

Security threats from peer to peer communication are nothing new, but they're becoming more sophisticated, and if professionals aren’t looking for these threats, they may go undetected.

Load More