Opinion

Opinion

IT security

• Security Think Tank: IAM can improve security and cut costs

  What is the best way to expand identity and access management to third-party service providers to ensure data security?  Continue Reading

• Security Think Tank: Pseudonimity key to extending IAM reach

  What is the best way to expand identity and access management to third-party service providers to ensure data security?  Continue Reading

• PSN makes changes to reduce risk

  Director and head of compliance, PSNGB, Adele Parker, talks about how PSN will transport the bulk of government information  Continue Reading

• Security Think Tank: Extending IAM to third parties is not about IT alone

  What is the best way to expand identity and access management to third-party service providers to ensure data security?  Continue Reading

• How to make IT governance work

  Governance is undoubtedly an important subject for any organisation, but what does it really involve?  Continue Reading

• Security Think Tank: Design and build in security and resilience from the start

  How can organisations build cyber security resilience?  Continue Reading

• Security Think Tank: Cyber security resilience: Prepare, Share, Test

  How can organisations build cyber security resilience?  Continue Reading

• Security Think Tank: How to build a resilient defence against cyber attacks

  How to build a resilient case against cyber attacks  Continue Reading

• Security Think Tank: For cyber resilience, assume the worst

  How can organisations build cyber security resilience?  Continue Reading

• How to source cyber threat intelligence

  Some pointers on how to select the best sources of cyber threat intelligence  Continue Reading

• Resilience is both a technical and a business responsibility

  How can organisations build cyber security resilience?  Continue Reading

• Security Think Tank: Resilience is about understanding the real threat

  How can organisations build cyber security resilience?  Continue Reading

• The legal considerations of the internet of things

  As with many new technologies, there are a number of tricky legal challenges to consider as part of widespread IoT adoption  Continue Reading

• When consumer grade doesn't make the grade

  For Doug Miles, director of market intelligence at AIIM, new data proves the importance of providing safe data-sharing options  Continue Reading

• Security Think Tank: What should be in an incident response plan

  What does a good information security incident response plan look like?  Continue Reading

• Security Think Tank: Minor failings can trigger major data breaches

  It’s not just the big data breach risks that matter – ignore the near misses and the minor policy infractions and you will end up with a major incident  Continue Reading

• Security Think Tank: Key elements of an incident response plan

  What does a good information security incident response plan look like?  Continue Reading

• Security Think Tank: Ready for your data breach moment?

  Sooner or later, you will have to deal with a data breach. Do you have an incident response plan ready that will limit the repercussions?  Continue Reading

• Security Think Tank: Three steps to effective incident response

  What does a good information security incident response plan look like?  Continue Reading

• Security Think Tank: Incident response – prepare, test, and test again

  What does a good information security incident response plan look like?  Continue Reading

• Security Think Tank: Planning key to incident response

  What does a good information security incident response plan look like?  Continue Reading

• Cyber risk and the UK’s Cyber Essentials Scheme

  Cyber risk is on the radar as a threat to business and private life, and it is also grabbing the attention of governments  Continue Reading

• It’s time to add cyber insurance to your cyber security strategy

  Insurance policies for cyber crime have become more credible and viable  Continue Reading

• Four defensive steps to a successful World Cup

  Four cyber security defensive steps to mitigate the threat of scoring an inadvertent own goal this summer  Continue Reading

• Security Think Tank: Automated security testing is not for all

  What is the best approach to automating information security?  Continue Reading

• Security Think Tank: Humans still at the heart of information security

  What is the best approach to automating information security?  Continue Reading

• Security Think Tank: Automation is good, assumptions are bad

  What is the best approach to automating information security?  Continue Reading

• Security Think Tank: Automation requires management, monitoring, governance

  What is the best approach to automating information security?  Continue Reading

• Security: the oft-forgotten dimension

  Companies are investing in sophisticated devices to protect the security of their computer systems but they are forgetting about one critical element - the employee.  Continue Reading

• Information security as a business enabler

  It is good to see industry recognising that a shift has taken place in information security, understanding that it has become a vital enabler within any business  Continue Reading

• Making the case for network modernisation

  It's time to break out of reactive investment mode, says Dale Vile, research director at analyst group Freeform Dynamics  Continue Reading

• Security Think Tank: Do not trust the network to ensure secure collaboration

  What is the best approach to increasing collaboration without reducing security in an enterprise?  Continue Reading

• Security Think Tank: How to share data securely

  What is the best approach to increasing collaboration without reducing security in an enterprise?  Continue Reading

• Security Think Tank: Secure collaboration not just about technology

  What is the best approach to increasing collaboration without reducing security in an enterprise?  Continue Reading

• Security Think Tank: Secure and seamless collaboration key for business

  What is the best approach to increasing collaboration without reducing security in an enterprise?  Continue Reading

• Security Think Tank: Enable collaboration by putting data at the heart of security

  What is the best approach to increasing collaboration without reducing security in an enterprise?  Continue Reading

• CSI IT: Forensic security skills for IT professionals

  TV shows such as CSI have popularised digital forensics, piquing the interest of a generation of graduates and career-movers  Continue Reading

• Why NSA spying is breaking UK law

  A former White House lawyer confirms Fisa corporations were under secret court orders to spy on their customers outside the US  Continue Reading

• Employee monitoring: How to avoid the legal pitfalls

  What is, and what is not acceptable in terms of employee monitoring?  Continue Reading

• Inside jobs – the security risks from the rise in temporary staff

  The growth in temporary workers is leaving companies vulnerable to a new kind of identity fraud - executive impersonation  Continue Reading

• Sketch: Don't panic, it's the hitchhiker's guide to the BCS AGM

  Kevin Cahill gives his (mostly harmless) take on the struggles facing the Chartered Institute for IT  Continue Reading

• Security Think Tank: Business context still missing from context-aware security

  Despite the hype around context-based security, has this technology evolved to the point where it is useful to the enterprise and is having a measurable effect?  Continue Reading

• Security Think Tank: New sandbox tech will help enable context-aware access

  Has context-based security evolved to the point where it is useful to the enterprise and is having a measurable effect?  Continue Reading

• Security Think Tank: Cloud, mobile deepen need for context-aware security

  Despite the hype around context-based security, has it evolved to the point where it is useful to the enterprise and having a measurable effect?  Continue Reading

• Security Think Tank: Enterprise adoption of context-based security slow

  Ignoring the hype around context-based security, has it evolved to the point where it is useful to the enterprise and exerting a measurable effect?  Continue Reading

• Security Think Tank: CISOs should be first stop on the way to cloud

  Hybrid cloud environments provide the most flexibility, but how can businesses decide when public or private cloud is more appropriate?  Continue Reading

• Security Think Tank: UK firms still not entirely comfortable with cloud

  Hybrid cloud environments provide the most flexibility, but how can businesses decide when public or private cloud is more appropriate?  Continue Reading

• Security Think Tank: Choose public or private cloud with a clear head

  Hybrid cloud environments provide the most flexibility, but how can businesses decide when public or private cloud is more appropriate?  Continue Reading

• Should you allow a bring your own device policy?

  Employers are realising there are challenges presented by BYOD which, if not dealt with, could have a serious impact on the business  Continue Reading

• Security Think Tank: Balancing cloud risk and reward

  Hybrid cloud environments provide the most flexibility, but how can businesses decide when public or private cloud is more appropriate?  Continue Reading

• Security Think Tank: Striking the hybrid cloud balance

  Hybrid cloud environments provide the most flexibility, but how can businesses decide when public or private cloud is more appropriate?  Continue Reading

• Security Think Tank: Before cloud, engage with asset owners

  Hybrid cloud environments provide the most flexibility, but how can businesses decide when public or private cloud is more appropriate?  Continue Reading

• Living with Google Glass – not quite useful enough to overcome the dork-factor

  Businesses will use Google Glass first, says Simon Dring after spending a few days living with the technology.  Continue Reading

• Where should a CISO look for cyber security answers – hardware, software or wetware?

  While users are often cited as the weakest link in cyber security, they could also be the answer to the problems faced by businesses today  Continue Reading

• Security Think Tank: A pragmatic and practical guide to secure hybrid clouds

  Hybrid cloud environments provide the most flexibility, but how can businesses decide when public or private cloud is more appropriate?  Continue Reading

• Security Think Tank: Cloud is not that different

  Hybrid cloud environments provide the most flexibility, but how can businesses decide when public or private cloud is more appropriate?  Continue Reading

• Why collaboration is the only way to combat cyber threats

  Cyber threats are the most effective way to attack an organisation and those with malicious intent are finding more sophisticated ways of carrying out their activities  Continue Reading

• The state of the VDI industry in 2014

  There were two major technological advancements last year that make virtual desktops much more attractive than in the past  Continue Reading

• Why Europe is wrong to kill Safe Harbour

  Suspending the EU-US Safe Harbour agreement on data protection will do nothing to address surveillance, says international policy analyst  Continue Reading

• Security Think Tank: Consider security training before high-end technology

  How should the Snowden revelations about the NSA and GCHQ be influencing future information security strategies in the UK?  Continue Reading

• Security Think Tank: Snowden leaks highlight a common business vulnerabilty

  How should the Snowden revelations about the NSA and GCHQ be influencing future information security strategies in the UK?  Continue Reading

• Security Think Tank: Snowden likely to prompt security reviews

  How should Edward Snowden's revelations about the NSA and GCHQ influence future information security strategies in the UK?  Continue Reading

• Security Think Tank: Never mind Snowden, think best practice

  How should the Edward Snowden revelations about the NSA and GCHQ be influencing future information security strategies in the UK?  Continue Reading

• Security Think Tank: Snowden proves technology is only part of security

  How should Edward Snowden's revelations about the NSA and GCHQ influence future information security strategies in the UK?  Continue Reading

• Dark data could halt big data’s path to success

  Dark data – data that lacks any control or classification, but is all too prevalent in many organisations – could halt big data's path to success  Continue Reading

• How to prepare the IT workforce for cloud and mobility    

  CompTIA is working to identify the key skills that staff responsible for cloud and mobility implementations need  Continue Reading

• User acceptance testing needs real training, not just a short course

  In spite of its importance, user acceptance testing (UAT) is often chaotic, problematic and ineffective  Continue Reading

• The security education dilemma

  Many employees, including executives, do not understand the implications of security. As a result, organisatons can lose focus  Continue Reading

• Security Think Tank: Targeted attacks drive investments in niche areas of security

  What are the top security issues businesses need to address going into 2014?  Continue Reading

• Security Think Tank: New data sources are 2014 security challenge

  What are the top security issues businesses need to address going into 2014?  Continue Reading

• Security Think Tank: Old and new security challenges in 2014

  What are the top security issues businesses need to address going into 2014?  Continue Reading

• Security Think Tank: BYOD requires focus on security risk in 2014

  What are the top security issues must businesses address in 2014?  Continue Reading

• Security Think Tank: Lock up personal information in 2014, says ISSA-UK

  What are the top security issues businesses must address in 2014?  Continue Reading

• Security Think Tank: KuppingerCole’s security predictions for 2014

  What are the top security issues businesses must address in 2014?  Continue Reading

• Security Think Tank: ISF’s top security threats for 2014

  What are the top security issues businesses need to address going into 2014?  Continue Reading

• So when do employees start following security rules?

  As security needs are rapidly transformed, when do enterprises feel that they are getting on top of information security?  Continue Reading

• Big data, big legal trouble?

  Big data has a range of practical and commercial benefits to businesses but can be fraught with privacy and legal issues  Continue Reading

• C’mon guys – don’t bottle up the Public Services Network; release it

  There is a stark choice between a PSN that has a customer-centric approach to security or one with a locked-down security framework  Continue Reading

• Cyberattack: Top ten tips for working with the business and getting the glory

  Businesses are starting to realise that cyberattacks can pose a potential threat to everything they do  Continue Reading

• Why understanding context is the key to biometric success.

  Since Apple launched the double whammy of the iPhone 5S and 5C in September, internet chatter has focussed primarily on the merits and disadvantages of the new home button on the 5S and whether its biometric fingerprint scanner is ultimately secure ...  Continue Reading

• IT skills shortage still tops the technology agenda

  Many executives in the UK expect to increase investment in IT products and services, but there is an ongoing skills challenge  Continue Reading

• Security Think Tank: Risk of software procurement cannot be ignored

  How can security professionals ensure security testing becomes part of the procurement process for all business software?  Continue Reading

• Technology, society and morality: the implications for technology leaders

  Technology is evolving at a pace and scale that has never been experienced. Society is struggling to keep up with the social and moral implications  Continue Reading

• Security Think Tank: Security testing a vital part of software procurement

  How can security professionals ensure security testing becomes part of the procurement process for all business software?  Continue Reading

• Security Think Tank: Risk-based security will ease software testing challenge

  How can security professionals ensure security testing becomes part of the procurement process for all business software?  Continue Reading

• Security Think Tank: Beef up due diligence

  How can security professionals ensure security testing becomes part of the procurement process for all business software?  Continue Reading

• Security Think Tank: If cost is king, security suffers

  How can security professionals ensure security testing becomes part of the procurement process for all business software?  Continue Reading

• Security Think Tank: How to ensure vendors act efficiently

  How can security professionals ensure security testing becomes part of the procurement process for all business software?  Continue Reading

• Security Think Tank: Security pros need to be plugged into procurement

  How can security professionals ensure security testing becomes part of the procurement process for all business software?  Continue Reading

• Security Think Tank: Procurement and security are uneasy bedfellows

  How can security professionals ensure security testing becomes part of the procurement process for all business software?  Continue Reading

• EU Data Protection Regulation: fines up to €100m proposed

  The proposed EU Data Protection Regulation will require a significant review of existing security and data protection measures, policies and procedures  Continue Reading

• Has your project got stuck PCI syndrome?

  With version 3.0 of PCI-DSS set to be published on 7 November, here are some reasons why PCI projects get stuck and how to unstick them  Continue Reading

• Security Think Tank: Cyber insurance no substitute good security practices

  How can IT security best use the new financial and insurance products available to IT to improve data protection without increasing cost?  Continue Reading

• Security Think Tank: When cyber insurance is right and when it is not

  How can IT security best use the new financial and insurance products available to IT to improve data protection without increasing cost?  Continue Reading

• Outsourcing: The soft underbelly of cyber risks

  Controls imposed on suppliers that are not the same as those imposed internally is a soft underbelly that can expose a business to cyber risk  Continue Reading

• Who owns your LinkedIn account?

  It is common for employees to use personal social networking accounts for work, but who actually owns those accounts?  Continue Reading

• Security Think Tank: Data insurance will not fix broken systems

  How can IT security best use the new financial and insurance products available to IT to improve data protection without increasing cost?  Continue Reading

• Security Think Tank: Cyber insurance is a two-way street

  How can IT security best use the new financial and insurance products available to IT to improve data protection without increasing cost?  Continue Reading

• Security Think Tank: Cyber insurance – buyers beware

  How can IT security best use the new financial and insurance products available to IT to improve data protection without increasing cost?  Continue Reading

• BYOD: data protection and information security issues

  Allowing employees to use their own devices to access company data raises data protection issues that a business must answer  Continue Reading