Opinion

Opinion

IT security

• Security Think Tank: Checklists are dead, long live risk-driven security

  What is the best way to balance business need for network and application access with security and regulatory requirements?  Continue Reading

• How to build a website security programme

  Follow this step-by-step strategy for building a website security programme that yields results  Continue Reading

• Security Think Tank: Avoid disruption and build on the context

  What is the best way to balance business need for network and application access with security and regulatory requirements?  Continue Reading

• Security Think Tank: Understanding risk key to security balance

  What is the best way to balance business need for network and application access with security and regulatory requirements?  Continue Reading

• Security Think Tank: Four ways to balance access and security

  What is the best way to balance business need for network and application access with security and regulatory requirements?  Continue Reading

• Information security: From “bored” to “board”

  As the threat landscape is changing, the real question lies in what information security professionals can do to get board-level backing  Continue Reading

• How to manage big data and reap the benefits

  IT security group Isaca examines the benefits of managing big data and offers seven tips for staying in control  Continue Reading

• Security Think Tank: Cloud, BYOD and security – lock your doors

  With BYOD and the growth of the personal cloud being used at work, what security measures can IT take to ensure security of enterprise data and does MDM really have a role in security?  Continue Reading

• Security Think Tank: Management is key to secure BYOD

  With BYOD and the growth of the personal cloud being used at work, what security measures can IT take to ensure security of enterprise data and does MDM really have a role in security?  Continue Reading

• Security Think Tank: MDM just one way to lower the risk of BYOD

  With BYOD and the growth of the personal cloud being used at work, what security measures can IT take to ensure security of enterprise data and does MDM really have a role in security?  Continue Reading

• Security Think Tank: BYOD – a challenge and an opportunity

  With the growth of BYOD, what security measures can IT take to ensure security of enterprise data – and does MDM have a role?  Continue Reading

• Security Think Tank: BYOD means the map is no longer the territory

  With the growth of BYOD and personal cloud at work, how can IT ensure the security of corporate data and does MDM have a role?  Continue Reading

• Security Think Tank: BYOD – key tenets and best practices

  With BYOD and the growth of the personal cloud being used at work, what security measures can IT take to ensure security of enterprise data and does MDM really have a role in security?  Continue Reading

• Will proposed changes to European data protection law prove unworkable?

  Data protection law in Europe is set to change, but it remains unclear if all proposals are workable  Continue Reading

• Is antivirus worth the investment?

  Antivirus is at best a sticking plaster – we need a better approach to dealing with malware.  Continue Reading

• What IT managers need to know about risky file-sharing

  Business professionals must share files regularly to be collaborative, but there are issues that IT managers should be aware of.  Continue Reading

• Security Think Tank: MDM is no BYOD silver bullet

  With BYOD and personal cloud at work, what measures can IT take to ensure security of enterprise data and does MDM really have a role?  Continue Reading

• Security Think Tank: BYOD security: policy, control, containment, and management

  With the growth of BYOD, what security measures can IT take to ensure security of enterprise data – and does MDM have a role?  Continue Reading

• Security Think Tank: Embrace BYOD, but be wary of the risks

  With BYOD and the growth of the personal cloud being used at work, what security measures can IT take to ensure security of enterprise data and does MDM really have a role in security?  Continue Reading

• Why IT contracts are bound to fail

  Traditional IT contracts are ill-suited for today’s dynamic and consumer-driven business environment  Continue Reading

• First BYOD, now BYON poses security challenge

  Like BYOD before it, the march of BYON is happening silently, stealthily and almost completely outside of management control  Continue Reading

• Why the cloud is not a security nightmare

  A well-governed cloud initiative can deliver significant value to an enterprise, writes News International CISO Amar Singh  Continue Reading

• How to negotiate and assure cloud services

  This guide provides the top tips to negotiating and assuring cloud services  Continue Reading

• Going digital: No simple solutions for information security professionals

  Technology evolution is proving itself to be something of a double-edged sword  Continue Reading

• Stop service providers becoming data security Achilles heel

  Minimising cyber security risks through third-party suppliers is a challenge facing many organisations.  Continue Reading

• Securing the hypervisor: expert tips

  There are many potential security issues with the various components of a virtualised infrastructure, and nowhere is this more of a concern than with the hypervisor platforms that host virtual systems and application instances  Continue Reading

• Security Think Tank: Context-aware security saves time

  How should businesses approach context-aware security technologies and what will be the business benefit?  Continue Reading

• How to ensure information security is at the heart of the business

  If infosec professionals want to be accepted as crucial around the decision-making table, they must embrace change and review their approach  Continue Reading

• Embrace BYOD and manage the risks

  BYOD might sound like an invitation (bring), but it is actually more of a rebellion (I’m bringing). Firms must get ready  Continue Reading

• Security Think Tank: High levels of control require detailed security intelligence

  How should business approach context-aware security technologies and what will be the business benefit?  Continue Reading

• Security Think Tank: Context-aware tech does not eliminate human touch

  How should business approach context-aware security technologies and what will be the business benefit?  Continue Reading

• Security Think Tank: Context, the 5 Ws and H of security

  How should business approach context-aware security technologies and what will be the business benefit?  Continue Reading

• Selling online? A guide to complying with the PCI

  PCI-DSS compliance can leave retailers confused about how best to approach this daunting task. What is it they actually need to do?  Continue Reading

• Security Think Tank: context-aware security is business-aware security

  How should business approach context-aware security technologies and what will be the business benefit?  Continue Reading

• Cyber security – the best weapon remains good information security hygiene

  By understanding the threats they face, organisations can mobilise IT systems and staff to defeat all but the most expert and determined adversary  Continue Reading

• Security Think Tank: New tech trends fuel need for context-based security

  How should firms approach context-aware security technologies and what will be the business benefit?  Continue Reading

• Security Think Tank: Begin switch to context-aware security now, says Gartner

  How should business approach context-aware security technologies and what will be the business benefit?  Continue Reading

• Security Think Tank: Context-aware security is about more than buying technology

  How should business approach context-aware security technologies and what will be the business benefit?  Continue Reading

• Security Think Tank: Three key security questions on web-based apps

  What are the security pitfalls of web-based applications and how are they best avoided?  Continue Reading

• Security Think Tank: Web-based app security needs data-centric, risk-based approach

  What are the security pitfalls of web-based applications and how are they best avoided?  Continue Reading

• Security Zone: A three-dimensional approach to BYOD (part 2)

  Employees are the first line of defence and crucial to BYOD success, but process and technology are equally important  Continue Reading

• Tips for reducing security risks in 2013

  What security threats will your business face in 2013?  Continue Reading

• Security Zone: A three-dimensional approach to BYOD

  Minimise the security threat of BYOD by taking a three-dimensional approach involving people, process and technology  Continue Reading

• How to build a business continuity and recovery plan

  Practical tips on how to build a comprehensive business continuity and recovery plan for your business  Continue Reading

• Tips for better governance and compliance

  What is the relationship between regulation, governance and IT, and how can they contribute in ways that support the business?  Continue Reading

• Security Think Tank: Infosec and the business – the symbiotic relationship

  How can information security make business sense?  Continue Reading

• Security Think Tank: Basic engagement principles can boost IT security’s profile

  How can information security make business sense?  Continue Reading

• Security Think Tank: Evaluate IT security investments

  How can information security make business sense?  Continue Reading

• Security Think Tank: Four steps to show value of IT security

  How can information security make business sense?  Continue Reading

• Security Think Tank: Infosec professionals need to communicate value to business

  How can information security make business sense?  Continue Reading

• Security Think Tank: A risk-based approach to security is key to business alignment

  How can information security make business sense?  Continue Reading

• Security Think Tank: Information security is not optional

  How can information security make business sense?  Continue Reading

• Security Think Tank: People and risk key to aligning security and business

  How can information security make business sense?  Continue Reading

• Five steps to climbing the IT security ladder

  Five steps to help stay ahead of the pack in IT security  Continue Reading

• Forrester: The impact of cloud on outsourcing contracts

  Although still in its early stages, the transition of outsourcing engagements toward cloud-based models has begun  Continue Reading

• Don’t get spiked by a spear phisher

  How to avoid the latest hacking techniques: the telltale signs that a spear phishing attack is in action; how to deflect it; and how to contain damage  Continue Reading

• Security Think Tank: Ask the right data security questions in M&As

  What role do IT security professionals play in mergers and acquisitions?  Continue Reading

• Outsourcing reference data management

  Andy Efstathiou assesses the case for outsourcing reference data management  Continue Reading

• BYOD: Bring your own device – or demise?

  Nitin Bhas from Juniper research discusses the impact bring your own device (BYOD) polices are making on the enterprise  Continue Reading

• Security Think Tank: In M&As, watch the exits

  What is the role of IT security professionals in mergers and acquisitions?  Continue Reading

• Security Think Tank: Added burden for information systems professionals in M&As

  What role do IT security professionals play in mergers and acquisitions?  Continue Reading

• European Commission should keep its hands out of the cloud

  Would you be surprised that the European Commission believes the way to promote the growth of cloud computing is to regulate it?  Continue Reading

• Trusted computing for industrial control systems and infrastructure

  The Trusted Computing Group’s open standards now include specifications for securing industrial control systems and infrastructure  Continue Reading

• Security Think Tank: Infosec needs to be part of all M&A processes

  What is the role of IT security professionals in mergers and acquisitions?  Continue Reading

• Security Think Tank: Use M&As to reinvigorate security policy

  What role do IT security professionals play in mergers and acquisitions?  Continue Reading

• Security Think Tank: Security often overlooked in M&As

  What role do IT security professionals play in mergers and acquisitions?  Continue Reading

• Get serious about people risk to reduce cyber crime

  Organisations can become blinded by compliance to the point where they have a false sense of assurance about managing people-related risk.  Continue Reading

• Security Zone: Do you need a CISO?

  Does an organisation really need a chief information security officer or chief information officer?  Continue Reading

• Security Think Tank: Make IP theft personal

  IP theft: who should be tackling it and how?  Continue Reading

• Security Think Tank: Blocking IP theft takes technology and trust

  IP theft: who should be tackling it and how?  Continue Reading

• Security Think Tank: SABSA will go a long way in preventing IP theft

  IP theft: who should be tackling it and how?  Continue Reading

• Security Think Tank: IP theft: Have you got all the bases covered?

  IP theft: who should be tackling it and how?  Continue Reading

• Security Think Tank: You can’t protect what you don’t know you’ve got

  IP theft: who should be tackling it and how?  Continue Reading

• Security Think Tank: Least privilege is key to blocking IP theft

  Intellectual property (IP) theft: Who should be tackling it and how?  Continue Reading

• Forrester: Five important guidelines for business technology governance

  Forrester believes that "good" IT governance is business technology governance – a conscious process by senior executives to establish strategies, structures, processes, and measurements for the management of technology to boost business results  Continue Reading

• Security Think Tank: Block IP theft with policy, process and controls

  IP theft affects almost all buinesses, observes no national boundaries and costs economies billions - so who should be tackling it and how?  Continue Reading

• Consumer capital: The new reality of 21st century data exchange

  Consumers are beginning a counter-offensive against the monopoly that industry has enjoyed over the spoils of big data  Continue Reading

• Security Zone: Passwords: Help users discover what is available!

  As company policy requires passwords to be stronger than ever, here are some tips to help employees cope  Continue Reading

• How history of security shows we have not learnt our lesson

  There is no security control more effective than a diligent system administrator  Continue Reading

• How IT security can drive business and enable innovation

  The most critical IT security challenge is to be able to see the whole picture, understand the business needs and find solutions  Continue Reading

• Does the EC's cloud strategy go far enough?

  The European Commission (EC) launched its cloud strategy last week. Legal experts put it under the spotlight to see if it goes far enough  Continue Reading

• Where does the ICO's new cloud guidance take you?

  It is not possible to follow the ICO's advice on cloud computing and still have a “cloud” solution  Continue Reading

• How to ensure you are getting the right cloud service

  How can an organisation use an indirect governance to assure trust in cloud services?  Continue Reading

• Security Think Tank: Several factors feed SQLi attacks

  Why does SQL injection remain a successful way of attacking web applications?  Continue Reading

• Security Zone: Scada exploit fans the Flame of data risk

  Analysis of the sophisticated and evidently well-resourced code behind the Flame malware exploit raises the stakes of data security exponentially  Continue Reading

• Security Think Tank: Best practice to target SQLi

  Why does SQL injection remain a successful way of attacking web applications?  Continue Reading

• How to secure a SharePoint environment

  Five lines of defence you need to secure your Microsoft SharePoint environment  Continue Reading

• Security Think Tank: No quick fix to SQLi attacks

  Why does SQL injection remain a successful way of attacking web applications?  Continue Reading

• Managing shadow IT

  Shadow IT is the use of IT systems within an organisation without the approval, or even the knowledge, of corporate IT. What should you do in response?  Continue Reading

• Security Think Tank: SQLi is basically a process problem

  Why does SQL injection remain a successful way of attacking web applications?  Continue Reading

• Security Think Tank: SQLi attacks fly under security testing radar

  Why is SQL injection still a successful way of attacking web applications and what should you do to eliminate this common vulnerability?  Continue Reading

• Security Think Tank: Quick time to market to blame for many SQLi attacks

  Why does SQL injection remain a successful way of attacking web applications?  Continue Reading

• Security Think Tank: Development and testing key to reducing SQLi attacks

  Why does SQL injection remain a successful way of attacking web applications?  Continue Reading

• Reducing your online risk exposure to cyber attacks

  Key steps for reducing your organisation’s exposure to risk and making it a less attractive target for hackers  Continue Reading

• How to survive a data breach

  Six practical tips on how to prepare for and survive a data breach  Continue Reading

• BYOD V.2 and spotting the next big trend

  An analytical look into how the BYOD trend began may help IT leaders to be more prepared to spot the next big trend  Continue Reading

• Security Think Tank: Six questions to ask about security and virtualisation

  How should information security professionals get started with securing virtual environments?  Continue Reading

• 440 million reasons to learn three IT risk lessons

  Companies can change their game to better prevent incidents, enable faster value creation, and avoid wasted time and money when managing risk  Continue Reading

• Security Think Tank: Virtualisation raises three main security issues

  How should information security professionals get started with securing virtual environments?  Continue Reading

• Security Think Tank: Configuration is key to virtual security

  How should information security professionals get started with securing virtual environments?  Continue Reading