Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Security » Opinions »

  • Rating the payment options

    Several electronic and mobile payment options have become available, but most of us in the U.S. are still using plain-vanilla credit and debit cards with magnetic stripes. They use technology that dates to the first Nixon administration. That's not a problem in itself; I have no problem with time-tested security measures that work effectively. But just look around: Data breaches are everywhere, and those magnetic-stripe cards are often implicated.

  • No one is too small to hack

    As the White House and Congress consider new cybersecurity legislation, some middle-market companies may still be questioning whether the cybersecurity crisis is a real threat for their businesses.

  • Patent trolls: Congress gets down to business

    White Castle might not be the first company that comes to mind when high tech is mentioned, but the restaurant chain found itself in the middle of the patent troll controversy when it started sending menu updates from its headquarters to digital screens in restaurants around the country.

  • The ‘sophisticated attack' myth

    Sometimes I wonder whether any company will ever fall victim to an unsophisticated cyberattack. Because after every attack that comes to light, we hear that same excuse: It was a sophisticated attack.

  • Protect yourself from hackers and the NSA

    The downside of email, chat, text and messaging apps is that they make you feel like you're communicating privately, with only the intended recipients. And that your messages are private. Until they're not.

  • Uber shows how not to do a privacy report

    The Uber privacy report released last week (Jan. 30) is the perfect example of how not to handle a privacy PR disaster -- or any privacy policy matters at all.

  • It's time for the chip-and-PIN'ing of America

    Thank goodness for that signature on the back of my credit card. If it weren't for that smudged scrawl, a thief might steal my card (or card number) and make fraudulent purchases. Or steal my identity. Right.

  • Can you trust Amazon's WorkMail?

    When Amazon unveiled its cloud-based corporate WorkMail email offering last week (Jan. 28), it stressed the high-level of encryption it would use and the fact that corporate users would control their own decryption keys. But Amazon neglected to mention that it will retain full access to those messages -- along with the ability to both analyze data for e-commerce marketing and to give data to law enforcement should subpoenas show up.

  • 7 smartphone rules changed this week

    Federal regulators have been throwing their weight around lately, and mostly to good effect for consumers and users of mobile technology.

  • 'Parks And Recreation,' Facebook and The New Privacy

    If you tuned into Parks And Recreation Tuesday night, you were treated to an episode where social media startup Gryzzl attempts to win over the hearts and minds of its  new neighbors in the fictional town of Pawnee with boxes full of gifts, delivered via Amazon-esque drones.

  • Be prepared for the breach that's headed your way

    January 2015 is already winding down, but it's not too late to think about the lessons of 2014. For anyone in information security, 2014 was a year marked by spectacular breaches. It ended with Sony Pictures Entertainment getting its clock cleaned by hackers, quite possibly from North Korea. Wouldn't it be great if 2015 doesn't include the same sort of clock cleaning at your company?

  • Facebook, take note!

    In the last few weeks it's possible some of your Facebook chums posted messages on their walls in which they tried to revoke permission for the social network to use and distribute content they post.

  • Let's not make patent trolls stronger

    As you can tell by the name we've given them, patent trolls aren't popular critters. The game these operators play is shady and sleazy, bordering on extortion -- though it's completely legal. What they do is to purchase patents, with no intention of using or selling them, but rather to shake down as many people as possible by accusing them of violating the patent, even if the patent troll has no reason to believe that.

  • Sony hack: Never underestimate the stupidity of criminals

    So who was really behind the Sony hack? And does it really matter?

  • Sony and Chase: Don't blame the CISO

    Over the last couple of weeks, I have read numerous news stories about the widely publicized security breaches at Sony and JPMorgan Chase. It seems as if everybody is a Monday-morning quarterback, with every other reporter voicing an opinion on how these breaches should have been prevented. In particular, I read two articles that specifically blamed the information security organizations at those companies for failing to properly stop the attackers. That's not fair.

  • Hold the phone, McDonald's

    Mobile payments are supposed to be fast, easy and convenient. I knew when I pulled up at a McDonald's drive-through window the other day that the fast food giant's implementation of Apple Pay challenged. I just didn't know challenged it would be.

  • We can learn from the Sony hack

    Well that stinks, doesn't it? Sony Pictures goes and scrubs the launch of a $44 million movie after being hacked, potentially by North Korea. Almost reads more like a James Bond plot than a news story, but there it is. And this time, it doesn't seem likely that Bond, James Bond, is going to show up at the eleventh hour to save the day.

  • Why <i>The Interview</i> won't play in Peoria -- for now

    Maybe I should be outraged by Sony's decision not to distribute the movie The Interview, but I am merely saddened by it. I am saddened that a hacking incident with all the hallmarks of a simple case of extortion has been distorted so it looks like a terrorist threat.

  • Getting real about information governance

    An enterprise information governance (IG) program is supposed to help organizations reduce costs and risk while improving access to valuable information, but most mature enterprises find the idea of implementing such a program to be daunting. It doesn't have to be. By understanding the true value to the enterprise of information assets, and by taking a simple, step-by-step approach to making the necessary changes, effective IG can become a reality.

  • Intelligence community must get its own house in order

    Earlier this month, Robert Hannigan, the director of GCHQ, a British intelligence agency, wrote an opinion piece in the Financial Times castigating tech companies for being "in denial" about abuses of their platforms by criminals and terrorists and calling on them to develop better arrangements for facilitating lawful government investigations. While there is certainly much room for improved cooperation between government and the private sector, the first step for reform should be for intelligence agencies like GCHQ to take a hard look in the mirror.

Computerworld
ARN
Techworld
CMO