- Risk Management Mutually-Assured Destruction as a Factor in Cyber Warfare
Since no practical defense exists against nation-state cyber intrusions, countries may need to compromise adversaries' IT assets to establish mutually-assured destruction as a deterrent. Nations with...
- Product Management What Does a Security Product Manager Do?
A security product manager defines product capabilities and drives adoption for cybersecurity solutions, working closely with customers, sales, and engineering teams. Unlike most security roles that...
- Social Engineering Allowing Gullible Victims to Self-Select in Online Attacks
Blatantly fraudulent scam emails may be intentional—by appearing obviously fake, they filter out savvy people who would waste the scammer's time, ensuring only the most gullible victims self-select....
- Risk Management The Endowment Effect in Information Security
The endowment effect—valuing items in your possession more highly—may cause security professionals to overestimate the value of data they protect. Business managers, more removed from the data, might...
- Communication Tips for Troubleshooting Human Communications
Effective communication requires empathy, acknowledging different perspectives, and phrasing arguments using the other person's terminology and objectives. Key tips cover email best practices,...
- Malware How Malicious Code Can Run in Microsoft Office Documents
Microsoft Office documents can execute malicious code through VBA macros (requiring social engineering to enable), exploit payloads targeting Office vulnerabilities, embedded Flash objects, or...