Articles on Risk Management

• Malware Enterprises Won't Adopt Adobe Reader X Any Time Soon
  Adobe Reader X's Protected Mode sandbox significantly improves security, yet 56% of enterprise installations ran vulnerable older versions. Organizations lack skills for large-scale non-Microsoft...
• Risk Management Why Computer Users Don't Install Security Patches
  Users focus on web and mobile applications, not OS internals—they won't remember to patch. Give up educating people to install patches manually; updates must be completely automated without user...
• Risk Management How Information Security Professionals Are Different
• Risk Management The Contagious Smell of Fear in Cybersecurity
  Security decisions are affected by factors beyond rational analysis—choice fatigue, sleep deprivation, and anxiety. Research shows fear can spread through scent; women who smelled "fearful sweat"...
• Encryption What Information Security Can Learn from NYC Restaurant Inspections
  NYC's restaurant letter grades publicly signal food safety compliance, motivating improvements—72% of initially failing restaurants improved to A or B on second inspection. InfoSec could benefit from...
• Malware Malvertising: How Malicious Ads Are Deployed
  Attackers deploy malvertisements by compromising ad network infrastructure or by impersonating agencies representing legitimate clients. They sound professional, pay for campaigns, and sometimes...