Opinion

Opinion

IT security

• Information security in the cloud: Time to switch to panic mode?

  Some people already argue that there is no longer any security in the cloud at all. Is it time to switch to panic mode?  Continue Reading

• Is it time to move from data protection to information management?

  Data can be the most valuable asset of a business, and most organisations take steps to protect it – but unfortunately with variable success  Continue Reading

• Privacy concerns in the digital world

  Considering the full spectrum of privacy, people need to ask themselves if they are comfortable with all their characteristics in the public domain  Continue Reading

• Security Think Tank: Consumer cloud is fine for business, if....

  How can businesses use free or low-cost cloud storage services aimed at consumers, but ensure their data is safe and secure?  Continue Reading

• Security Think Tank: Firms must take responsibility for security in the cloud

  How can businesses make use of free or low-cost cloud storage services aimed at consumers, but ensure that their data is safe and secure?  Continue Reading

• Risk assessment for APTs

  The prevalence and continued success of so-called advanced persistent threats (APTs) often represents a failure of risk management calculations  Continue Reading

• Security Think Tank: Four steps to using public cloud storage

  How can businesses make use of free or low-cost cloud storage services aimed at consumers, but ensure that their data is safe and secure?  Continue Reading

• Operational security: The headache of IT security health checks

  When starting an enterprise project, state that the testing will take three months, that it will be staggered around the go-live date, and not everything will be completely fixed before go-live  Continue Reading

• Security Think Tank: In the cloud, low or no cost means little or no control

  How can businesses use free or low-cost cloud storage services aimed at consumers, but ensure that their data is safe and secure?  Continue Reading

• Security Think Tank: How to keep data secure when resident or used by cloud applications

  How can businesses make use of free or low cost cloud storage services and ensure data is safe and secure?  Continue Reading

• Google, privacy and data protection: One step beyond (the law)?

  A hearing in the High Court has seen Google challenge the applicability of English Law to its operations in the UK, which run off servers based in California  Continue Reading

• IT security: could you be the key?

  Traditional strong authentication methods are useful to business, but must start thinking about how we can extend this to users  Continue Reading

• Is the smart meter programme really doomed? Don’t panic...

  The UK's £11bn smart meter roll-out has been heavily criticised - but is it really the disaster in the making that it has been portrayed?  Continue Reading

• Security Think Tank: Physical security should be replicated in cyber world

  The rapid rise in cyber espionage highlights the need to rethink data security strategies to improve protection of intellectual property. But what is the best way of doing that?  Continue Reading

• Security Think Tank: Five steps to protect IP from cyber espionage

  The rapid rise in cyber espionage highlights the need to rethink data security strategies to improve protection of intellectual property. But what is the best way of doing that?  Continue Reading

• Security Think Tank: IP protection is as weak as the weakest link – fix the supply chain security

  The rapid rise in cyber espionage highlights the need to rethink data security strategies to improve protection of intellectual property. But what is the best way of doing that?  Continue Reading

• Security Think Tank: Follow an information-led, risk-based process to protect IP

  The rapid rise in cyber espionage highlights the need to rethink data security strategies to improve protection of intellectual property. But what is the best way of doing that?  Continue Reading

• Security Think Tank: Identify and protect the crown jewels

  The rapid rise in cyber espionage highlights the need to rethink data security strategies to improve protection of intellectual property. But what is the best way of doing that?  Continue Reading

• Four key questions in disaster recovery planning

  The answers to four key questions will tell you if your organisation’s disaster recovery planning is up to the job  Continue Reading

• Security Think Tank: Your sensitive information is at risk

  The rapid rise in cyber espionage highlights the need to rethink data security strategies to improve protection of intellectual property. But what is the best way of doing that?  Continue Reading

• The Death Of Cloud Has Been Greatly Exaggerated

  Revelations about the extent of US and UK government surveillance on the internet will not mean the death of cloud computing, but companies will change their approach.  Continue Reading

• How to appoint a new outsourcing supplier

  Outsourcing can come with its own security risks if not managed appropriately, making due diligence and clear contractual arrangements key  Continue Reading

• The dangers of internet cafés

  Businesses need clear computer use policies and need to ensure staff are properly trained in data protection, writes Garry Mackay  Continue Reading

• The data fragmentation challenge

  Few organisations have policies to guide where data should and should not be stored. The result: data fragmentation  Continue Reading

• The ideology of hacking

  Business leaders need to be educated on the true threats their firms face and IT security professionals have to arm their executives with that information  Continue Reading

• Understand your security risks

  Information is at risk – and organisations have to adequately protect their corporate information, especially the “crown jewels”  Continue Reading

• How to assess the security of a cloud service provider

  As businesses continue to put more information online, understanding cloud suppliers and agreements has never been more important  Continue Reading

• Security Think Tank: Prism fallout could be worse than security risks

  Does the data collected by Prism put the US Government at risk from other state or non-state sponsored activists?  Continue Reading

• Security Think Tank: Prism is dangerous for everyone

  Does the data collected by Prism put the US Government at risk from other state or non-state sponsored activists?  Continue Reading

• Security Think Tank: Make security and compliance part of workflow to achieve balance

  What is the best way to balance business need for network and application access with security and regulatory requirements?  Continue Reading

• The challenges of information governance in our increasingly litigious age

  Formulating the right enterprise-wide information governance policies is essential in heading off potential legal and compliance costs  Continue Reading

• IT needs soldiers

  The government has recognised that its returning troops can bring value to Britain. Unfortunately it has backed the wrong profession.  Continue Reading

• Cloud security for SMEs: Seven key steps

  Seven steps which SMEs should follow when considering a cloud service, selecting a cloud provider and managing a cloud contract  Continue Reading

• Security Think Tank: Checklists are dead, long live risk-driven security

  What is the best way to balance business need for network and application access with security and regulatory requirements?  Continue Reading

• How to build a website security programme

  Follow this step-by-step strategy for building a website security programme that yields results  Continue Reading

• Security Think Tank: Avoid disruption and build on the context

  What is the best way to balance business need for network and application access with security and regulatory requirements?  Continue Reading

• Security Think Tank: Understanding risk key to security balance

  What is the best way to balance business need for network and application access with security and regulatory requirements?  Continue Reading

• Security Think Tank: Four ways to balance access and security

  What is the best way to balance business need for network and application access with security and regulatory requirements?  Continue Reading

• Information security: From “bored” to “board”

  As the threat landscape is changing, the real question lies in what information security professionals can do to get board-level backing  Continue Reading

• How to manage big data and reap the benefits

  IT security group Isaca examines the benefits of managing big data and offers seven tips for staying in control  Continue Reading

• Security Think Tank: Cloud, BYOD and security – lock your doors

  With BYOD and the growth of the personal cloud being used at work, what security measures can IT take to ensure security of enterprise data and does MDM really have a role in security?  Continue Reading

• Security Think Tank: Management is key to secure BYOD

  With BYOD and the growth of the personal cloud being used at work, what security measures can IT take to ensure security of enterprise data and does MDM really have a role in security?  Continue Reading

• Security Think Tank: MDM just one way to lower the risk of BYOD

  With BYOD and the growth of the personal cloud being used at work, what security measures can IT take to ensure security of enterprise data and does MDM really have a role in security?  Continue Reading

• Security Think Tank: BYOD – a challenge and an opportunity

  With the growth of BYOD, what security measures can IT take to ensure security of enterprise data – and does MDM have a role?  Continue Reading

• Security Think Tank: BYOD means the map is no longer the territory

  With the growth of BYOD and personal cloud at work, how can IT ensure the security of corporate data and does MDM have a role?  Continue Reading

• Security Think Tank: BYOD – key tenets and best practices

  With BYOD and the growth of the personal cloud being used at work, what security measures can IT take to ensure security of enterprise data and does MDM really have a role in security?  Continue Reading

• Will proposed changes to European data protection law prove unworkable?

  Data protection law in Europe is set to change, but it remains unclear if all proposals are workable  Continue Reading

• Is antivirus worth the investment?

  Antivirus is at best a sticking plaster – we need a better approach to dealing with malware.  Continue Reading

• What IT managers need to know about risky file-sharing

  Business professionals must share files regularly to be collaborative, but there are issues that IT managers should be aware of.  Continue Reading

• Security Think Tank: MDM is no BYOD silver bullet

  With BYOD and personal cloud at work, what measures can IT take to ensure security of enterprise data and does MDM really have a role?  Continue Reading

• Security Think Tank: BYOD security: policy, control, containment, and management

  With the growth of BYOD, what security measures can IT take to ensure security of enterprise data – and does MDM have a role?  Continue Reading

• Security Think Tank: Embrace BYOD, but be wary of the risks

  With BYOD and the growth of the personal cloud being used at work, what security measures can IT take to ensure security of enterprise data and does MDM really have a role in security?  Continue Reading

• Why IT contracts are bound to fail

  Traditional IT contracts are ill-suited for today’s dynamic and consumer-driven business environment  Continue Reading

• First BYOD, now BYON poses security challenge

  Like BYOD before it, the march of BYON is happening silently, stealthily and almost completely outside of management control  Continue Reading

• Why the cloud is not a security nightmare

  A well-governed cloud initiative can deliver significant value to an enterprise, writes News International CISO Amar Singh  Continue Reading

• How to negotiate and assure cloud services

  This guide provides the top tips to negotiating and assuring cloud services  Continue Reading

• Going digital: No simple solutions for information security professionals

  Technology evolution is proving itself to be something of a double-edged sword  Continue Reading

• Stop service providers becoming data security Achilles heel

  Minimising cyber security risks through third-party suppliers is a challenge facing many organisations.  Continue Reading

• Securing the hypervisor: expert tips

  There are many potential security issues with the various components of a virtualised infrastructure, and nowhere is this more of a concern than with the hypervisor platforms that host virtual systems and application instances  Continue Reading

• Security Think Tank: Context-aware security saves time

  How should businesses approach context-aware security technologies and what will be the business benefit?  Continue Reading

• How to ensure information security is at the heart of the business

  If infosec professionals want to be accepted as crucial around the decision-making table, they must embrace change and review their approach  Continue Reading

• Embrace BYOD and manage the risks

  BYOD might sound like an invitation (bring), but it is actually more of a rebellion (I’m bringing). Firms must get ready  Continue Reading

• Security Think Tank: High levels of control require detailed security intelligence

  How should business approach context-aware security technologies and what will be the business benefit?  Continue Reading

• Security Think Tank: Context-aware tech does not eliminate human touch

  How should business approach context-aware security technologies and what will be the business benefit?  Continue Reading

• Security Think Tank: Context, the 5 Ws and H of security

  How should business approach context-aware security technologies and what will be the business benefit?  Continue Reading

• Selling online? A guide to complying with the PCI

  PCI-DSS compliance can leave retailers confused about how best to approach this daunting task. What is it they actually need to do?  Continue Reading

• Security Think Tank: context-aware security is business-aware security

  How should business approach context-aware security technologies and what will be the business benefit?  Continue Reading

• Cyber security – the best weapon remains good information security hygiene

  By understanding the threats they face, organisations can mobilise IT systems and staff to defeat all but the most expert and determined adversary  Continue Reading

• Security Think Tank: New tech trends fuel need for context-based security

  How should firms approach context-aware security technologies and what will be the business benefit?  Continue Reading

• Security Think Tank: Begin switch to context-aware security now, says Gartner

  How should business approach context-aware security technologies and what will be the business benefit?  Continue Reading

• Security Think Tank: Context-aware security is about more than buying technology

  How should business approach context-aware security technologies and what will be the business benefit?  Continue Reading

• Security Think Tank: Three key security questions on web-based apps

  What are the security pitfalls of web-based applications and how are they best avoided?  Continue Reading

• Security Think Tank: Web-based app security needs data-centric, risk-based approach

  What are the security pitfalls of web-based applications and how are they best avoided?  Continue Reading

• Security Zone: A three-dimensional approach to BYOD (part 2)

  Employees are the first line of defence and crucial to BYOD success, but process and technology are equally important  Continue Reading

• Tips for reducing security risks in 2013

  What security threats will your business face in 2013?  Continue Reading

• Security Zone: A three-dimensional approach to BYOD

  Minimise the security threat of BYOD by taking a three-dimensional approach involving people, process and technology  Continue Reading

• How to build a business continuity and recovery plan

  Practical tips on how to build a comprehensive business continuity and recovery plan for your business  Continue Reading

• Tips for better governance and compliance

  What is the relationship between regulation, governance and IT, and how can they contribute in ways that support the business?  Continue Reading

• Security Think Tank: Infosec and the business – the symbiotic relationship

  How can information security make business sense?  Continue Reading

• Security Think Tank: Basic engagement principles can boost IT security’s profile

  How can information security make business sense?  Continue Reading

• Security Think Tank: Evaluate IT security investments

  How can information security make business sense?  Continue Reading

• Security Think Tank: Four steps to show value of IT security

  How can information security make business sense?  Continue Reading

• Security Think Tank: Infosec professionals need to communicate value to business

  How can information security make business sense?  Continue Reading

• Security Think Tank: A risk-based approach to security is key to business alignment

  How can information security make business sense?  Continue Reading

• Security Think Tank: Information security is not optional

  How can information security make business sense?  Continue Reading

• Security Think Tank: People and risk key to aligning security and business

  How can information security make business sense?  Continue Reading

• Five steps to climbing the IT security ladder

  Five steps to help stay ahead of the pack in IT security  Continue Reading

• Forrester: The impact of cloud on outsourcing contracts

  Although still in its early stages, the transition of outsourcing engagements toward cloud-based models has begun  Continue Reading

• Don’t get spiked by a spear phisher

  How to avoid the latest hacking techniques: the telltale signs that a spear phishing attack is in action; how to deflect it; and how to contain damage  Continue Reading

• Security Think Tank: Ask the right data security questions in M&As

  What role do IT security professionals play in mergers and acquisitions?  Continue Reading

• Outsourcing reference data management

  Andy Efstathiou assesses the case for outsourcing reference data management  Continue Reading

• BYOD: Bring your own device – or demise?

  Nitin Bhas from Juniper research discusses the impact bring your own device (BYOD) polices are making on the enterprise  Continue Reading

• Security Think Tank: In M&As, watch the exits

  What is the role of IT security professionals in mergers and acquisitions?  Continue Reading

• Security Think Tank: Added burden for information systems professionals in M&As

  What role do IT security professionals play in mergers and acquisitions?  Continue Reading

• European Commission should keep its hands out of the cloud

  Would you be surprised that the European Commission believes the way to promote the growth of cloud computing is to regulate it?  Continue Reading

• Trusted computing for industrial control systems and infrastructure

  The Trusted Computing Group’s open standards now include specifications for securing industrial control systems and infrastructure  Continue Reading

• Security Think Tank: Infosec needs to be part of all M&A processes

  What is the role of IT security professionals in mergers and acquisitions?  Continue Reading

• Security Think Tank: Use M&As to reinvigorate security policy

  What role do IT security professionals play in mergers and acquisitions?  Continue Reading

• Security Think Tank: Security often overlooked in M&As

  What role do IT security professionals play in mergers and acquisitions?  Continue Reading

• Get serious about people risk to reduce cyber crime

  Organisations can become blinded by compliance to the point where they have a false sense of assurance about managing people-related risk.  Continue Reading