More Security In Depth
Redirected Net searches, unexpected installs, rogue mouse pointers: Here's what to do when you've been 0wned
Four companies that have been at BYOD for a while talk about how their programs have changed with the times. One key takeaway: Don't expect to save bundles of money. Insider (registration required)
Implementing a security awareness program seems rather straightforward, until you actually start to implement one - factoring in things like resources and the people (users) to be trained. At that point, it can seem complicated, costly, and unnecessary. However, the process doesn't have to be a logistical and expensive nightmare, and it's certainly worth it in the long run.
Few security executives at global enterprises--or even at smaller organizations--have not had to deal with issues related to social media, mobile technology, big data/analytics, or cloud computing.
Yes, users sometimes do stupid things. Some always will. But developers need to do more to save users from themselves.
Getting employees to take security seriously can be a game that everyone wins.
Most of us would love a break on our health insurance. We would generally appreciate the convenience of seeing ads for things we're actually interested in buying, instead of irrelevant "clutter." A lot of us would like someone, or something, else keeping track of how effective our workouts are.
Companies including MITRE are looking at privileged access and how to better lock it down -- without stopping employees from doing their jobs.
Doors just stop working when one old PC in a storage closet dies.
Facebook has grown and evolved in recent years. In addition to connecting people online, it bombards users with unnecessary ads and useless sponsored stories. And it runs experiments on its users. Columnist Alex Burinskiy is not amused.
Goldman Sachs is taking Google to court to force the cloud vendor to delete an email accidentally sent to a Gmail user. The consequences of a ruling for Goldman would be devastating.
With a number of high-profile security breaches making headlines of late, organizations are increasingly realizing they must beef up their security teams or risk catastrophe. Matt Comyns, global co-head of the Cybersecurity practice at Russell Reynolds Associates, an executive leadership and search firm, sat down with CIO.com to discuss the changing role of the Chief Information Security Officer (CISO), the global cybersecurity landscape and why finding and retaining elite security talent is critical.
No enterprise is an island. In a connected world, a business cannot function without multiple relationships with third parties -- outside vendors, contractors, affiliates, partners and others.
The typical organization loses 5% of its revenues to fraud by its own employees each year, with most thefts committed by trusted employees in executive management, operations, accounting, sales, customer service or purchasing, according to the Association of Certified Fraud Examiners (ACFE). This type of malicious behavior by "privileged users" who have been given broad access to the company's computer assets has captured the attention of CIOs across the country.
Yo is a flash in the pan of an app that lets you say 'Yo' to your followers. That's it. Is it curmudgeonly to wonder how that could draw $1.2 million in funding?
Canadian airline company WestJet is one of the earliest customers of VMware's NSX network virtualization tools, which initially reached for the tech to address a security issue. Network World Editor in Chief John Dix recently sat down with WestJet technologist Richard Sillito to learn what the company is learning about network virtualization and its broader NSX plans.
Catbird Networks Director of Product Management, Malcolm Reike, talks about how virtualization changes the security game with Network World Editor in Chief John Dix.
The problem with Security Awareness programs is that it is hard to prove their successes. As with all security countermeasures, success is usually that nothing happens. Ideally, success also means that there is a report of the attempted attack, however that is rarely the case. With technical countermeasures however, logs are usually maintained that allow people to point to all of the prevented attacks.
DevOps is all about collaboration between operations teams and development teams. And the increase in collaboration should help enterprises to become more agile, eliminate waste, and automate, while also creating a more reliable infrastructure. It's about rapidly iterating, continuously improving, and being more competitive.
Kenneth van Wyk: If you want developers to give a hoot about security, take a lesson from the squirrels
The problem with all too many software developers, from a security professional's point of view, is they lack a healthy sense of mistrust.
Amazon and its Fire phone are capable of the most comprehensive and aggressive personal data harvesting ever offered in any product. The company needs to be far more transparent about what the phone actually does, and how Amazon protects all this data.
Thanks to high-profile computer security scares such as the Heartbleed vulnerability and the Target data breach , and to the allegations leveled at the government and cloud providers by Edward Snowden, more of us Internet users are wising up about the security of our information. One of the smarter moves we can make to protect ourselves is to use a password manager. It's one of the easiest too.
A data breach like the one recently reported by AT&T demonstrates that security policies alone are only a paper tiger without the technological teeth to make sure they are enforced, experts say.
The pace of change for Information Technology is challenging established notions of "What is IT?" and "What is Information Security in the modern age?" For one example, the "new" data center technologies such as virtualization, Software-Defined Networking (SDN), service-oriented delivery models, and cloud computing have radically changed the typical IT infrastructure from a defined set of assets owned and controlled by the organization to a constantly fluctuating roster of resources that can come and go from IT department visibility and control.
Cost has kept U.S. businesses from adopting fraud-resistant credit cards, but consumer concerns about privacy could make adoption a key differentiator.
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Enable secure remote access to 3D data without sacrificing visual perfomance
- Design and manufacturing companies must adapt quickly to the demands of an increasingly global and competitive economy. To speed time to market for...
- Virtually Delivered High Performance 3D Graphics
- "A picture is worth a thousand words." That old phrase is as true today as it ever was. Pictures (i.e., those with heavy...
- Best Practices for Securing Hadoop
- Historically, Apache Hadoop has provided limited security capabilities. To protect sensitive data being stored and analyzed in Hadoop, security architects should use a...
- Top Tips for Securing Big Data Environments: Why Big Data Doesn't Have to Mean Big Security Challenges
- Organizations must come to terms with the security challenges they introduce. As big data environments ingest more data, organizations will face significant risks...
- 5 Ways Dropbox for Business Keeps Your Data Protected
- Protecting your data isn't a feature on a checklist, something to be tacked on as an afterthought. Download here to find out how... All Security White Papers
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities.
- Deep Dive into Advanced Networking and Security with Hybrid Cloud Security and networking are among the top concerns when moving workloads to the cloud. VMware vCloud® Hybrid Service™ enables you to extend your...
- Virtual Desktop Must-haves: Cost-effectiveness, Scalability and Security Employees today expect to take their work anywhere and on any device. This BYOD mindset poses a dilemma for organizations that want to...
- What are the desktop virtualization market trends and how can you successfully deploy your solution? You've probably heard about desktop virtualization -- and some of its benefits -- things like tighter security, streamlined management and lower costs. But...
- All Security Webcasts