- Tools 10 Information Security Mistakes: A False Sense of Security
Ten practices that create false security: capturing logs without sufficient detail, policies no one follows, vulnerability scans without remediation processes, pen tests excluding workstations,...
- Training Make Security Policies Harder to Read to Improve Retention?
- Malware Low Price as a Differentiator for Information Security Products
Low price can be a security product differentiator in several ways: strengthening an ecosystem (Microsoft's free Security Essentials), as loss leaders bundled with other products, as freemium...
- Cloud Cloud Risks and the Security Community
Most cloud security risks apply to IT in general and either have mitigations or have been accepted. InfoSec's role should be active participation in technical innovation, balancing risk with cost—not...
- Social Networking Learning to Live with Social Networks: Risks and Rewards
Social networking changed how organizations interact with customers and individuals communicate. Understanding user motivations is essential—it's hard to discuss securing social network interactions...
- Cloud Top 10 Cloud Security Risks
Ten cloud-specific risks: lack of risk management framework, infrastructure sharing compromises, inconsistent controls in changing environments, loss of direct control, hypervisor exploitation,...