Opinion News, Features, and Interviews


Asset Management - The importance of your company's assets

By Paul Angus | 18 August, 2014 14:47

I have been reading about the upcoming retirement of support for the Microsoft Server 2003 operating system (OS). One author felt that organisations will probably mismanage the retirement of the OS, like many did with the retirement of Windows XP.

Cutting through the noise of false positives: Time to take back control

By Matt Walmsley | 30 July, 2014 15:06

The recent mega-breach experienced by US retail brand Target was devastating to the company and its customers. Executives, including the CIO and the CEO, got the sack because of it.

Hacked - The perfect attack

By Dr Claudia Johnson | 26 June, 2014 08:05

Think of the perfect attack like the perfect murder. It must be planned carefully and meticulously, then executed systematically and flawlessly. Remember all the small detail in Hitchcock’s “The Rear Window”? No-one would have noticed anything or even missed the victim if it weren’t for Jimmy Stewart, who, with a broken leg, had nothing better to do all day than to gaze out his rear window.

How to stay protected for Heartbleed and other OpenSSL flaws

By Anthony Caruana | 24 June, 2014 09:21

Heartbleed wasn't just an interesting Internet security story. It was a sign that one of the most fundamental building blocks relied on by many large companies was significantly flawed. Even more staggering was the revelation that the OpenSSL open source code library, which is responsible for SSL communications between systems, had another flaw that went undetected for over a decade.

Cyber threats makes it to number 4 on the Global WEF Agenda

By Gordon Makryllos | 20 June, 2014 15:52

A recent report released by the World Economic Forum (WEF) focused on the Global Agenda for 2014 and the top 10 trends facing the world. As one might expect, topping the list were globally pertinent and vital topics like growing societal tensions in the Middle East and North Africa, income disparity around the world, and ongoing unemployment.


Why your information security stinks & what to do

By Bill Brenner | 22 April, 2010 03:19

Amit Yoran was the Department of Homeland Security's first director of the National Cyber Security Division of the Information Analysis and Infrastructure Protection office. But by September 2004 he was frustrated by what he saw as a lack of concern and commitment to Internet security. So he quit his post.

IT Advocate: The privacy minefield

By Emma Weedon | 15 September, 2009 08:05

There are significant differences between state and federal privacy legislation. CIOs who deal with government agencies or other public sector organisations must determine the privacy laws applicable to them – and how best to accommodate them.

Survey: Despite Risks, Employees Still Holiday Shop at Work

By Joan Goodchild | 27 November, 2008 10:02

As Cyber Monday approaches, research suggests a majority of workers will use their work computer to shop this holiday season. But despite the continued growth in online shopping, employees and business still don't understand the risk.

Myth or truism? Security experts judge

By Ellen Messmer | 11 November, 2008 09:11

They are etched into the conventional wisdom of IT security, but are these 12 articles of faith (to some) actually wise, or are they essentially myths? We've assembled a panel of experts to offer their judgments.

Five mistakes security pros would make again

By Bill Brenner | 30 September, 2008 10:18

Ten years ago, Michael Riva was network administrator for a top-five American consultancy. Employees were downloading graphic pictures and videos onto the network. Riva told his boss a proxy server with content filtering might be in order; his boss laughed and suggested they put in a bigger file server instead.


Disruptive thinking

By Gordon Makryllos | 04 August, 2014 16:32

Traditional ways of doing business have changed. Or, to be rather brutally accurate, they have been disrupted.

Know your cyber-attacker: profiling the enemy

By Matt Miller | 30 July, 2014 14:26

I remember the days when hacking was something that people did because they could. It wasn’t quite done for fun, but people wanted to show off their computer skills. More often than not, hacking was harmless: someone broke into a system and left a little calling card, but beyond that there was very little damage done. It was for the thrill as much as anything.

IT security isn’t one size fits all

By Matt Miller | 30 July, 2014 14:07

The security landscape today is highly complex, which can largely be attributed to the increasingly sophisticated nature of cyber attacks, particularly from an execution perspective. DDoS attacks, for example, are now reaching speeds of up to 400Gbps, targeting both the network and application layer.

Once upon a information security

By Matt Hackling | 21 July, 2014 14:29

Once there were mainframes that were standalone systems, fed by punch cards and teletypewriters. They had tight roles, based on access control models, often externalised to the operating system and application.

Hacking humans

By Matt Tett | 04 July, 2014 15:49

Human factors have always been the bane of security professionals, and social engineering is also high on the list of factors requiring mitigation measures and controls. Yet their very nature makes them highly variable – humans will always work out circumvention to a control if it makes their lives easier.

Security Awareness Tip

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved poring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.