-
Positioning the ROI of information security
According to expert Joe Granneman, return on security investment is a misnomer. Here's a better way to view security expenditures.
-
Selling the CIO on secure software development
Selling the CIO and others on secure application development requires understanding how it will impact the development process.
-
IT security risk training for executives
Executives don’t have time for formalized security risk training, so the onus is on the security team to become involved with core business processes.
-
Making the most of SANS security awareness tools
Learn how to use tools from the SANS Securing the Human program to boost the effectiveness of an enterprise security awareness program.
-
How to manage Samsung Android kernel issues for BYOD
Expert Nick Lewis discusses the threat and significance of Android kernel vulnerabilities found in popular Samsung mobile devices.
-
How to manage Google Chrome clickjacking flaw
Expert Nick Lewis explains the Google Chrome clickjacking vulnerability, including why avoiding the issue isn't as simple as switching browsers.
-
How malware evasion techniques affect anti-malware
Learn about the evolving nature of malware evasion techniques. Security expert Nick Lewis determines whether anti-malware tools should detect them.
-
How much risk does the WordPress pingback flaw pose?
Security expert Nick Lewis details the WordPress pingback vulnerability and advises whether it is time to update custom WordPress implementations.
-
What lessons can be learned from Project Blitzkrieg?
Expert Nick Lewis offers security measures that enterprises, particularly financials, can utilize to fend off Project Blitzkrieg-style DDoS attacks.
-
Getting funds for your information security budget
Getting executive support to boost the information security budget is no easy task. Expert Joe Granneman offers tips for getting the funds you need.
-
When to opt for open source security tools
Open source security tools can help stretch your IT security budget further -- that is, if you use them strategically. Joseph Granneman explains how.
-
How a security technologist can become a CISO
Security technologists aspiring to become CISOs must develop a variety of business skills, as Joe Granneman explains in this Ask the Expert Q&A.
-
What are the basic requirements to join an ISAC?
Joe Granneman explains how ISACs enable cybersecurity information sharing and the basic requirements for joining an ISAC.
-
How to harden legacy applications with Microsoft's EMET
Expert Michael Cobb details how using EMET, a free tool from Microsoft, can harden Windows XP and other legacy applications.
-
Analysis: How BlackBerry 10's password blacklist works
Expert Michael Cobb reacts to the BlackBerry 10 password blacklist and determines whether enterprises could adopt it to further secure passwords.
-
Google Play Private Channel: Better than app stores?
Is the Google Private Channel a more secure option than building an internal enterprise app store? Expert Michael Cobb discusses.
-
How to mitigate Adobe Shockwave Player security issues
Expert Michael Cobb discusses Adobe Shockwave security issues highlighted by US-CERT, and details how a Web security gateway is one way to allay them.
-
Validating Web app security: Pen test or code review?
For Web application security testing, if cash is tight, should a penetration test top an application code review? Michael Cobb explains his choice.
-
Virtual security gateways: Hype or necessity?
Matthew Pascucci discusses virtual security gateway appliances and whether they are a virtual data center necessity or just an overhyped product.
-
Effects of the cloud on network security skills
Will the ongoing adoption of cloud technology affect the skills that network security engineers need in the future? Matt Pascucci discusses.
-
Submit your questions about infosec threats
Nick Lewis is standing by to give you free, unbiased advice on information security threats.
-
Submit your questions about IAM
Randall Gamby is standing by to give you free, unbiased advice on identity and access management.
-
Submit your questions about application security
Michael Cobb is standing by to give you free, unbiased advice on application security.