February 14, 2014 11:30 AM
The newest version of the payment card security standard doesn't do much to clarify its complex requirements.
January 16, 2014 13:46 PM
Information security professionals should take the time to teach their friends and neighbors about security best practices. The payoff is well worth it.
January 09, 2014 13:34 PM
The popular competition among information security enthusiasts has evolved into a mainstream endeavor critical for professional development.
December 30, 2013 11:49 AM
2013 was another rough year for information security pros. Let's resolve to make some changes to improve security in 2014, starting with increased data encryption.
December 19, 2013 11:50 AM
Humans are the weak link in security, but blaming them for clicking on links or opening phishing emails overlooks basic human nature.
December 12, 2013 11:35 AM
The biggest threats to an organization aren't evil outsiders, but much more routine risks involving poor planning, bad design, shoddy oversight, and lack of communication.
December 04, 2013 12:58 PM
Wireless controllers provide centralized management, but can introduce performance bottlenecks. WLAN architecture has evolved to include distributed models with increased flexibility and hybrid models, blending the best of both worlds.
November 27, 2013 13:13 PM
Spending a lot on security technology hasn't made organizations any more secure. We need to focus on proper security design.
November 21, 2013 14:53 PM
With increased compliance requirements and complex threats, security incident response has become much more complicated. Organizations should consider calling in outside experts.
November 14, 2013 13:04 PM
Do we need anti-harassment policies to protect women and other minorities in IT? Unfortunately, yes. But the most successful STEM women are those who ignore their detractors and risk being labeled a "bitch," confronting challenges head-on.
November 08, 2013 12:44 PM
Specialization has been rampant in the IT profession, but virtualization, cloud computing and SDN defy organizational divisions and may usher in a new generation of IT generalists.
October 29, 2013 19:29 PM
The information security field is awash in regulations and requirements, but National Institute of Standards and Technology standards provide a strong foundation for an information security program.
October 21, 2013 12:13 PM
Network and security engineers will be sidelined if they don't understand where network virtualization is going, and why they need to go with it.
October 17, 2013 11:06 AM
Security analysts can become insular and disengaged because of job pressures and organizational isolation. Here's how to lead your security team out of the wilderness.
September 11, 2013 16:45 PM
Traditional security systems aren't doing much to help us manage risk, but we keep buying them. Is it the vendors' fault or ours? And are there better ideas we should explore?
July 30, 2013 11:52 AM
IT security conferences can offer enriching experiences, but also might be draining and irritating without proper planning. Here are some tips for making sure you make the most of your conference experience.
July 15, 2013 15:32 PM
Trying to find an email encryption system that's just right for both users and security pros? Good luck.
June 18, 2013 08:26 AM
Restrictive BYOD policies will fail because humans have a compulsive attachment to mobile devices.