Skip the navigation

More Security In Depth

11 signs you've been hacked -- and how to fight back

Redirected Net searches, unexpected installs, rogue mouse pointers: Here's what to do when you've been 0wned

BYOD morphs from lockdown to true mobility

Four companies that have been at BYOD for a while talk about how their programs have changed with the times. One key takeaway: Don't expect to save bundles of money. Insider (registration required)

No money, no problem: Building a security awareness program on a shoestring budget

Implementing a security awareness program seems rather straightforward, until you actually start to implement one - factoring in things like resources and the people (users) to be trained. At that point, it can seem complicated, costly, and unnecessary. However, the process doesn't have to be a logistical and expensive nightmare, and it's certainly worth it in the long run.

Developing a smart approach to SMAC security

Few security executives at global enterprises--or even at smaller organizations--have not had to deal with issues related to social media, mobile technology, big data/analytics, or cloud computing.

Kenneth van Wyk: We can't just blame users

Yes, users sometimes do stupid things. Some always will. But developers need to do more to save users from themselves.

Boost your security training with gamification -- really!

Getting employees to take security seriously can be a game that everyone wins.

Wearables: Are we handing more tools to Big Brother?

Most of us would love a break on our health insurance. We would generally appreciate the convenience of seeing ads for things we're actually interested in buying, instead of irrelevant "clutter." A lot of us would like someone, or something, else keeping track of how effective our workouts are.

Revamping your insider threat program

Companies including MITRE are looking at privileged access and how to better lock it down -- without stopping employees from doing their jobs.

Security Manager's Journal: Trapped: Building access controls go kablooey

Doors just stop working when one old PC in a storage closet dies.

Facebook is a school yard bully that's going down

Facebook has grown and evolved in recent years. In addition to connecting people online, it bombards users with unnecessary ads and useless sponsored stories. And it runs experiments on its users. Columnist Alex Burinskiy is not amused.

Evan Schuman: What if you can't trust your inbox?

Goldman Sachs is taking Google to court to force the cloud vendor to delete an email accidentally sent to a Gmail user. The consequences of a ruling for Goldman would be devastating.

Inside the Changing Role of the CISO

With a number of high-profile security breaches making headlines of late, organizations are increasingly realizing they must beef up their security teams or risk catastrophe. Matt Comyns, global co-head of the Cybersecurity practice at Russell Reynolds Associates, an executive leadership and search firm, sat down with CIO.com to discuss the changing role of the Chief Information Security Officer (CISO), the global cybersecurity landscape and why finding and retaining elite security talent is critical.

How to achieve better third-party security: Let us count the ways

No enterprise is an island. In a connected world, a business cannot function without multiple relationships with third parties -- outside vendors, contractors, affiliates, partners and others.

How to protect yourself against privileged user abuse

The typical organization loses 5% of its revenues to fraud by its own employees each year, with most thefts committed by trusted employees in executive management, operations, accounting, sales, customer service or purchasing, according to the Association of Certified Fraud Examiners (ACFE). This type of malicious behavior by "privileged users" who have been given broad access to the company's computer assets has captured the attention of CIOs across the country.

Ron Miller: A curmudgeonly view of Yo

Yo is a flash in the pan of an app that lets you say 'Yo' to your followers. That's it. Is it curmudgeonly to wonder how that could draw $1.2 million in funding?

Early user of VMware NSX net virtualization tool extols fine grain controls

Canadian airline company WestJet is one of the earliest customers of VMware's NSX network virtualization tools, which initially reached for the tech to address a security issue. Network World Editor in Chief John Dix recently sat down with WestJet technologist Richard Sillito to learn what the company is learning about network virtualization and its broader NSX plans.

Securing the virtual world

Catbird Networks Director of Product Management, Malcolm Reike, talks about how virtualization changes the security game with Network World Editor in Chief John Dix.

A security awareness success story

The problem with Security Awareness programs is that it is hard to prove their successes. As with all security countermeasures, success is usually that nothing happens. Ideally, success also means that there is a report of the attempted attack, however that is rarely the case. With technical countermeasures however, logs are usually maintained that allow people to point to all of the prevented attacks.

Defending DevOps

DevOps is all about collaboration between operations teams and development teams. And the increase in collaboration should help enterprises to become more agile, eliminate waste, and automate, while also creating a more reliable infrastructure. It's about rapidly iterating, continuously improving, and being more competitive.

Kenneth van Wyk: If you want developers to give a hoot about security, take a lesson from the squirrels

The problem with all too many software developers, from a security professional's point of view, is they lack a healthy sense of mistrust.

Why you shouldn't buy the Amazon Fire phone

Amazon and its Fire phone are capable of the most comprehensive and aggressive personal data harvesting ever offered in any product. The company needs to be far more transparent about what the phone actually does, and how Amazon protects all this data.

The best password managers for PCs, Macs, and mobile devices

Thanks to high-profile computer security scares such as the Heartbleed vulnerability and the Target data breach , and to the allegations leveled at the government and cloud providers by Edward Snowden, more of us Internet users are wising up about the security of our information. One of the smarter moves we can make to protect ourselves is to use a password manager. It's one of the easiest too.

Six ways to prevent a breach like the one at AT&T

A data breach like the one recently reported by AT&T demonstrates that security policies alone are only a paper tiger without the technological teeth to make sure they are enforced, experts say.

Three strategies for the new era of enterprise cybersecurity

The pace of change for Information Technology is challenging established notions of "What is IT?" and "What is Information Security in the modern age?" For one example, the "new" data center technologies such as virtualization, Software-Defined Networking (SDN), service-oriented delivery models, and cloud computing have radically changed the typical IT infrastructure from a defined set of assets owned and controlled by the organization to a constantly fluctuating roster of resources that can come and go from IT department visibility and control.

Bart Perkins: Forget the expense -- more secure credit cards are an opportunity

Cost has kept U.S. businesses from adopting fraud-resistant credit cards, but consumer concerns about privacy could make adoption a key differentiator.

Internet of Things: Get the latest!
Internet of Things

Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!