By now you know that hackers calling themselves “Guardians of Peace” went through Sony Pictures Entertainment like a hot knife through butter. They collected everything–high-quality copies of unreleased films, employee passwords, emails, salary numbers, movie scripts, contracts, medical records, celebrity aliases, and Brad Pitt’s phone number–and released it all to the public. There were more […]
Lessons from the Sony Breach Read More »
Five steps for sustaining rigorous network security against constant cyberattacks Hackers are using sophisticated, automated tools to cast a wider net than ever before. Even small and medium-size community banks need to continually review their security procedures. This is especially true this year, with major breaches showing that nobody is safe. Here are five best
It’s called ATM cash-out fraud, and it’s a new data security threat where physical attacks and cyberattacks converge. Earlier this year, federal regulators warned financial institutions against criminal attacks on their ATM systems. But instead of breaking into the physical machines directly, some criminals are now aiming at the bank systems that control the machines.
New Cyberattacks Aim for ATM Management Systems Read More »
There’s a dramatic shortage of qualified information security professionals in the industry today. Globally, we’re a million people short, according to Cisco’s 2014 Annual Security Report. According to Ponemon’s 2014 IT Security Jobs Report, 36 percent of staff positions and 58 percent of senior staff positions in IT security went unfilled in 2013. The majority
5 non-traditional hiring tips for InfoSec Read More »
This summer, Facebook finalized its $2 billion purchase of Oculus VR, a virtual reality headset maker. The purchase promises to usher in a new era for virtual reality-more immersive, lower cost and simply more usable than ever before. In fact, even though the Oculus Rift and similar devices have not hit the market yet, companies
The Real Risks of Virtual Reality Read More »
Just because your community bank isn’t one of the giants of the financial industry doesn’t mean it’s off the target list of today’s proliferating cybercriminals. But that doesn’t mean that community banks with limited resources have to go out and start spending large sums of money on IT and data security, experts agree. “Focus on
Back to Basics: IT security routines that won’t break the budget Read More »
Multifactor authentication, the process of using more than one method or system to confirm the identities of consumers online, has been around for years. But recent regulatory guidelines, increasing criminal activity, lower costs and growing consumer acceptance have combined to bring the technology into the process for community banks more than ever before. “The fact
Multifactor Momentum Read More »
This year has been the best of times and the worst of times for open source code and security. On the one hand, the latest survey by Black Duck Software and North Bridge Venture Partners shows that 72 percent of industry professionals prefer open source software because it’s more secure than proprietary solutions. On the
Tools catch security holes in open source code Read More »
Women make up just 11 percent of information security professionals. Just increasing that number to 22 percent would solve the industry’s staffing shortage problem. Unfortunately, at most companies, the recruitment process is designed to attract the kind of people who already work there. Changing that requires conscious effort. Here are some tips that might help.
10 tips to attract women to infosec jobs Read More »
While there are plenty of standardized methods for penetration testing that we’re all familiar with, the bad guys aren’t sticking to traditional methods for their attacks anymore. So it’s time for the good guys to start thinking outside the box, too: here are a few creative methods to pen test your organization and see
How to get creative with your penetration testing Read More »
It’s hard to imagine a company these days that isn’t using open source software somewhere, whether it’s Linux running a company’s print and web servers, the Firefox browser on user desktops, or the Android operating system on mobile devices. In, fact, there are now more than a million different open source projects, according to Black
Open source pitfalls — and how to avoid them Read More »
Security professionals have long been running penetration tests against their firewalls and other security systems to find weaknesses that need to be addressed. The Common Vulnerability Scoring System is an industry standard, but has been around for a while. The bad guys, however, aren’t limiting themselves to the traditional perimeter attacks anymore. They’re using spear
You Need to Get Creative With Pen Testing. Here’s How to Do It. Read More »
Cover story These days, there’s no shortage of new business technologies and new threat vectors to the enterprise. But what many companies forget is that old technologies pose risks as well, and those risks aren’t going away. In fact, as your legacy systems continue to get more out-of-date while the world around them continues to
Forgotten risks hide in legacy systems Read More »
Even as women have made dramatic advances in medicine, law, and other fields, the proportion of women pursuing undergraduate degrees in the computer sciences has actually been dropping, from around 30 percent in 1990 to 18 percent in 2010, according to the latest data from the National Science Foundation. As a result, according to the
Info sec industry still struggles to attract women Read More »
Whether you receive a phishing email inviting you to click on a specific link, whether you see the link on your trusted social media sites, or whether you stumble upon it while Web surfing, here are 10 types of links you should never click on. See slideshow at Network World.
Don’t click on these links Read More »
