December 2014

• December 15, 2014 15 Dec'14

  How can e-commerce website security be ensured?

  While the fundamentals of securing an e-commerce website haven't changed in a few years, there are new threat vectors and security risks to be aware of. Expert Michael Cobb explains.  Continue Reading

• December 15, 2014 15 Dec'14

  Using secure network tiers to bolster network security rules

  If your enterprise struggles to manage network security rules effectively, expert Eric Cole explains why a tiered network may simplify rules management and protect sensitive assets.  Continue Reading

• December 12, 2014 12 Dec'14

  Can encrypted calling apps boost BYOD security?

  There are apps available that encrypt voice communications on smartphones and BYO devices, but are they really worth the investment? Expert Michael Cobb discusses.  Continue Reading

• December 12, 2014 12 Dec'14

  Sony Pictures hacking back: The ethics of obfuscation

  News roundup: Amid a devastating breach incident Sony Pictures is fighting back, raising legal and ethical questions. Plus: A big week in security acquisitions; Comcast sued over open Wi-Fi; and Yahoo announces vulnerability disclosure policy.  Continue Reading

• December 12, 2014 12 Dec'14

  How can forged certificates from trusted vendors be stopped?

  Unauthorized certificates from trusted vendors have become a big Internet security concern. Expert Michael Cobb discusses how to stay protected against this threat.  Continue Reading

• December 12, 2014 12 Dec'14

  The transformation of wireless network security

  Wi-Fi has revolutionized the enterprise by not only extending network coverage in a particular building or campus, but also by enabling on-the-go working, be it from a coffee shop or a hotel room. Yet, while these improvements reduce employee ...  Continue Reading

• December 12, 2014 12 Dec'14

  Insider threat prevention may demand more spending

  Video: Randy Trzeciak of Carnegie Mellon University suggests preventing insider threats may require more spending because they pose a greater risk than most external threats.  Continue Reading

• December 11, 2014 11 Dec'14

  four-factor authentication (4FA)

  Four-factor authentication (4FA) is the use of four types of identity-confirming credentials, typically categorized as knowledge, possession, inherence and location factors.  Continue Reading

• December 11, 2014 11 Dec'14

  three-factor authentication (3FA)

  Three-factor authentication (3FA) is the use of identity-confirming credentials from three separate categories of authentication factors – typically, the knowledge, possession and inherence categories.  Continue Reading

• December 11, 2014 11 Dec'14

  one-time password token (OTP token)

  A one-time password token (OTP token) is a security hardware device or software program that is capable of producing a single-use password or PIN passcode.  Continue Reading

• December 11, 2014 11 Dec'14

  Malware defense: How to detect and mitigate advanced evasion techniques

  Expert Nick Lewis explores a number of techniques used by advanced malware to evade detection and explains how to detect and mitigate the threats.  Continue Reading

• December 10, 2014 10 Dec'14

  Sony data breach update: Executives received extortion emails

  Among the new details uncovered this week, Sony executives received extortion emails just days before troves of the company's data were released online as part of a massive breach.  Continue Reading

• December 10, 2014 10 Dec'14

  biometric authentication

  Biometric authentication is a security process that relies on the unique biological characteristics of an individual to verify that he is who is says he is. Biometric authentication systems compare a biometric data capture to stored, confirmed ...  Continue Reading

• December 09, 2014 09 Dec'14

  December 2014 Patch Tuesday features three critical fixes

  Capping a busy year of software updates, Microsoft's December 2014 Patch Tuesday release delivers three critical bulletins; separately Adobe offers a pair of critical fixes.  Continue Reading

• December 09, 2014 09 Dec'14

  Many SMBs still lack controls to limit sensitive data exposure

  Trustwave says one out of every five organizations has no controls in place to prevent sensitive data exposure, despite growing criminal interest.  Continue Reading

• December 09, 2014 09 Dec'14

  Software-defined security: The future of network security?

  Software-defined security is becoming an IT buzzword, but does it live up to the hype? Expert Kevin Beaver takes a look at the benefits and pitfalls of the technology in the enterprise.  Continue Reading

• December 09, 2014 09 Dec'14

  FIDO Alliance releases 1.0 specifications for passwordless authentication

  Amid growing fears of stolen credentials and data breaches, the FIDO Alliance released its long-awaited 1.0 specifications for passwordless and multifactor authentication systems.  Continue Reading

• December 09, 2014 09 Dec'14

  Is your information security spending in line with the risks?

  IT security spending requires 75% of the budget be spent on risk planning. Expert Joseph Granneman explains how to realign a security budget.  Continue Reading

• December 08, 2014 08 Dec'14

  How can enterprises improve security hiring?

  Security hiring is tough and hiring a CISO is tougher. Expert Joseph Granneman reviews how CIOs can attract talented CISOs to an organization.  Continue Reading

• December 08, 2014 08 Dec'14

  Find the SIEM platform that fulfills your SIEM requirements

  After deciding what your enterprise needs from a security information and event management system, it must find the SIEM platform that best suits these needs.  Continue Reading