
  • Mergers & acquisitions: The first 100 days

    It is day one of the acquisition and executive reputations are on the line. Are you prepared? Have you revised your current organisation commitments and reviewed organisational priorities with colleagues?

  • Opinion: Is Google evil? The jury is out

    Much outrage has been expressed about Google's new privacy policy. People are acting as if they are shocked that Google would consolidate the personal information it gathers from its customers through all of its varied services. What is shocking to me is that none of these people, including members of Congress, seemed to see it coming.

  • Used IPv4 addresses need a ‘vehicle history check’

    Before buying a used car, prospective buyers can review vehicle histories in most states of Australia through a service such as the NSW Roads & Traffic Authority’s Vehicle History Check. The histories include information about how many owners the vehicle has had, whether it has been written off or stolen and other information that helps consumers understand the risks of purchasing the car. Now that new IPv4 addresses are history, there is a developing market for acquiring ‘used’ IPv4 addresses. And like used cars, there are risks involved in acquiring these used addresses. So, where is the Vehicle History Check for IPv4 addresses?

  • Smartphones, security and the enterprise

    Smartphones are among the most important technological developments of our time. Since the advent of the first smartphones in the 1990s, these once cumbersome devices have become immensely powerful and sophisticated tools – not just individual communications devices, but whole computing platforms, capable of running a vast array of personal and business applications.

  • Social media - part 3

    We like our risk management, don’t we? It allows us to identify risks, and take action to mitigate them. Risk Management can and should be applied to social media usage. It makes good sense to manage the risk by having a very clear social media policy.

  • Social media - part 1

    At three major IT service management conferences that I attended in 2010, social media played a big role in communicating the content, the mood and the social aspects of the conference. At two of these conferences, I witnessed and participated in lively discussions on whether companies should block social media in the workplace. Whether the presentation topic was on social media or not, there was obviously a desire to get this on the table for discussion. And it was heated – every time! Many people have strong views on this topic, so this paper will look at the current industry commentary, and discuss the benefits and the risks of allowing staff to use social media in the workplace.

  • IT trends and their legal disruptors

    If nothing else will cause CIOs insomnia in 2011, it will be the potential disruptive effects of legal issues that walk hand in hand with this year's IT trends. Most of the lists of trends look the same, and there are those that will be proved to be overhyped. One thing is certain after Wikileaks, Facebook privacy issues and an ever-growing cloud on the horizon: it will be a busy year in the courts.

  • Prevent credit card fraud with PCI DSS

    Organised e-crime is on the rise and has grown increasingly sophisticated. The thriving business of buying and selling zero-day vulnerabilities has been well documented, as well as the investment in paying developers to develop the malicious code. Although this level of sophistication in compromising systems has increased dramatically, it’s the same fundamental personal data that the perpetrators of these crimes are after: online banking details, personally identifiable information and credit card details.

  • Lifting rocks and seeing what dangers lurk beneath

    I'm still getting acquainted with my new company. As a security manager, that means I'm seeking out all the risks that are lurking in various functional areas.

  • Top seven firewall capabilities for effective application control

    IT administrators try to deliver critical corporate solutions efficiently, but also have to deal with employees using wasteful and often dangerous applications. In order to increase network and user productivity, IT needs to prioritise critical application bandwidth and throttle—or completely block—social media and gaming applications.

  • Smart grid security: Critical success factors

    Threats to the smart grid can be classified into three broad groups: system level threats that attempt to take down the grid; attempts to steal electrical service; and attempts to compromise the confidentiality of data on the system.

  • Sticks and stones: Picking on users AND security pros

    I took my share of name-calling as a kid. I did my share of name-calling, too. We're taught that nothing good comes of such behavior. I've been thinking a lot about that since writing an article two weeks ago called "Security blunders 'dumber than dog snot'" during the 2010 USENIX Security Symposium.

  • Email security: Pedigree versus hybrid

    Ten years ago, preceding the dot com bomb, only a handful of organisations had bought email security software. The overwhelming business driver was the growing number of incidents of workers being sacked for using company email to send pornographic material on the corporate email system and highly embarrassing public email gaffes like the infamous Claire Swire case.

  • How to sack your IT supplier

    Clients often come to us asking how they can get rid of their IT supplier. Their reasons are many, and vary from performance-related concerns to wanting to reduce costs by deferring or going without the services. This has especially been the case during the recent economic downturn.

  • iPhones, iPads in the enterprise: 5 security views

    When it comes to mobile devices, IT security practitioners prefer employees use a BlackBerry because it's easier to control the data users share on them than, say, an Android or iPhone. But as consumer-based devices like the Apple brands get more sophisticated with each release, it's getting harder to keep them out of the workplace. Proliferation of the iPad has only heightened enterprise hunger.

  • Mobile Security: Why I still want my iPad, iPhone

    Everything I've learned about mobile security tells me it's bad to use the consumer-based technology for work. That's where all the bad stuff comes from. That includes devices like the iPhone and iPad.

  • Security Manager's Journal: Without patch management, you are nothing.

    Does it all come down to patch management? As a security manager, I pursue many initiatives, striving to protect the company on many fronts. But patch management is a key metric of our risk exposure, since there is a direct correlation between security incidents and patch compliance. So, in a way, it does all come down to something as basic as patch management, because if we fail there, we can't be secure.

  • Quit Facebook Day was a success even as it flopped

    Quit Facebook Day may have flopped when it comes to creating a mass exodus of Facebook users, but those who care about privacy owe a debt of gratitude to the failed movement.

  • 4 things Facebook doesn't tell you about privacy, security

    Let us be perfectly clear: While Facebook has received a lot of criticism lately about its new privacy policies and Open Graph concept, which allows them to partner with other sites which will also have access to some Facebook user data, Facebook isn't explicitly keeping secrets from you. But some security professionals and users continually knock the site for what they say are less-than-clear explanations about where your data is going, and how secure the site really is.

  • Are passwords a waste of time?

    I apologize up front for jumping into this debate, but I couldn't resist. Not a week goes by, or so it seems, without some newspaper, magazine or TV show (apologies to my media brethren) lambasting security and IT professionals because they force unnecessary security controls on the poor, downtrodden consumer or worker. It's as if your security requirements are designed to make everyone's life miserable with little or no benefit. You evil CSOs! My heart bleeds for the poor peasants whom you oppress.
