A recent study shows that a new antifraud mechanism does little to help users identify phishing sites.
Extended Validation certificates are being touted by the CA/Browser Forum--an association of prominent certificate authorities and browser developers--as a means to help users identify fraudulent sites and thwart phishing. EV certificates require more stringent identification of a domain owner, and the presence of an EV certificate lets browsers provide visual clues to users, such as a green address bar in IE7.
But in a Stanford University study, EV certificates did not help users identify common phishing attacks. The only real information a user will get from an EV certificate is that a particular Web site ponied up extra cash to get one. --Mike Fratto, [email protected]
With the move to the cloud, CISOs must shift priorities from operating security programs to overseeing (monitoring and auditing) outsourced cybersecurity programs.
2022 was a boon year for IT salaries. 2023 came in like a beast with layoffs, raise freezes, and ChatGPT, but that beast has few teeth.
Age is only a number. Don't let a high number cancel your career.
