-
Internet Explorer 8 XSS filter: Setting the bar for cross-site scripting prevention
The Internet Explorer 8 XSS filter can assist in cross-site scripting prevention. Michael Cobb explains how it works in this expert response. 30 Sep 2011
-
How to avoid VoIP security risks: Forrester’s six-step process
If left unprotected, VoIP security risks pose a threat to corporate data. Learn how to secure VoIP systems with Forrester’s six-step process. 30 Sep 2011
-
Malware on a Mac: How to implement a Mac antimalware program
Learn how to create a Mac security program at your enterprise, before the amount of Apple platform malware reaches critical mass. 30 Sep 2011
-
Symmetric key encryption algorithms and hash function cryptography united
Can a secure symmetric key encryption algorithm be used in hash function cryptography? Learn more about these data encryption techniques. 29 Sep 2011
-
Verizon PCI report finds firms struggling to maintain compliance
Many businesses struggle to maintain PCI DSS compliance, suggesting meeting the standard is a goal rather than an ongoing initiative, according to a new report from Verizon Business. 28 Sep 2011
-
Vulnerability management program has unexpected benefits
Security 7 Award winner, Brian Wishnousky of Rogers Communications explains how to get the best actionable data from a vulnerability management program to fill patching gaps and uncover rogue devices. 28 Sep 2011
-
Emergency tabletop exercises enable effective crisis planning
Emergency tabletop exercises with real-world scenarios enable effective crisis planning, incident response and disaster recovery. Security 7 Award winner, Matthew Todd of Financial Engines explores... 28 Sep 2011
-
Security awareness programs require engagement and attentiveness
Security 7 Award winner, Christopher Paidhrin of Southwest Washington Medical Center explains why a security awareness training program can’t be successful without the engagement of employees. 28 Sep 2011
-
National cybersecurity requires improved communication
Better information sharing between the government and private industry will be a foundation for improved national cybersecurity efforts. Rep. Jim Langevin (D-RI) explains the role government needs ... 28 Sep 2011
-
Computer security education shouldn't be limited to tech pros
Security 7 Award winner, Douglas Jacobson of Iowa State University explains why tackling today’s threats requires computer security education for the general public. 28 Sep 2011
-
Secure online payment system requires end-to-end encryption
The online payment ecosystem is a prime target for cybercriminals. Security 7 Award winner, Steven Elefant, formerly of Heartland Payment Systems, explains why end-to-end encryption is needed to ma... 28 Sep 2011
-
Oracle-owned MySQL.com hacked, serves malware to visitors
Visitors to MySQL.com were treated to the BlackHole exploit kit, which quietly served malware to Windows users. 27 Sep 2011
-
Cigital BSIMM 3 study provides software security metrics data
The third iteration of the widely acclaimed Building Security in Maturity Model documents software security initiatives at 42 enterprises. 27 Sep 2011
-
Security B-Sides conferences: Hub of collaboration
Security B-Sides conferences have expanded the confines of traditional security conferences. From unique venues to the insistence that attendees participate, founders Mike Dahn, Jack Daniel and Chr... 27 Sep 2011
-
2011 Security 7 Award winners
Information Security magazine announces the winners of the seventh annual Security 7 Awards. 27 Sep 2011
-
Remediating IT vulnerabilities: Quick hits for risk prioritization
There's no way to eradicate all IT vulnerabilities, but spotting the most critical ones is essential. Read these quick hits for risk prioritization. 26 Sep 2011
-
How to prevent phishing attacks: User awareness and training
In this expert tip, David Sherry describes how a combination of technical controls and user awareness training can help put a dent in phishers’ attempts at spear phishing. 26 Sep 2011
-
Quiz: Monitoring your trusted insiders
How much have you learned about monitoring your privileged insiders? Test your knowledge in this short quiz. 26 Sep 2011
-
Realigning your data protection priorities
In this Security School lesson, expert David Sherry explains how your organization should react to the shift of organized online criminals from coveting credit card numbers to identity information ... 26 Sep 2011
-
Antimalware product suites: Understanding capabilities and limitations
Traditional antivirus tools have matured into multi-featured antimalware suites. Here’s what you should know when shopping for endpoint protection. 23 Sep 2011