Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Security » Opinions »

  • Three critical changes to PCI DSS 3.0 that every merchant should know

    This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter's approach.

  • Restoring user freedom in the security-first enterprise

    This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter's approach.

  • Why IT debt is mounting

    This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter's approach.

  • In iOS 8, Medical ID could be a life-saver

    Of all the new features in iOS 8, one hasn't gotten a lot of attention -- and it's the one feature that all iOS 8 users should at least consider.

  • FTC Fines Tech Giants for Violating Kids' Privacy

    Privacy advocates and the FTC are putting pressure on a number of major tech companies, including Apple, Amazon and Yelp, for allowing children to register on their sites. What's the big deal? It's not about kiddie porn or fears that a child will hook up with a molester. It's something a lot less dramatic, but still very important.

  • How to Choose the Best Vulnerability Scanning Tool for Your Business

    A vulnerability scanner, as its name implies, scans your network or system (such as a computer, server or router) and identifies and reports back on open ports, active Internet Protocol (IP) addresses and log-ons, not to mention operating systems, software and services that are installed and running. The scanner software compares the information it finds against known vulnerabilities in its database or a third-party database such as CVE, OVAL, OSVDB or the SANS Institute/FBI Top 20.

  • ‘Can everyone hear me now?'

    Mobile threats have been with us for some time. Most organizations have done a fair job of protecting their important proprietary information, securing emails, encrypting on-board data and using mobile management tools to suppress data loss. All that has made a safer mobile world for many organizations, but certainly not foolproof.

  • Encrypted data in the cloud? Be sure to control your own keys

    This column is available in a weekly newsletter called IT Best Practices. Click here to subscribe.

  • The Fappening: iCloud users, beware!

    The event dubbed by the internet as "the Fappening" is the largest celebrity nude photo leak in history. Although information is still emerging as to how, why and who is at fault, don't blame Apple for this latest security disaster. Celebrity nudes are not new; I am sure that everyone remembers the controversy surrounding Paris Hilton -- and Pamela Anderson before her. What makes this different is how these photos were taken. The celebrities involved were quick to respond to the news in a variety of intriguing ways, including the following tweet from Mary E. Winstead:

  • How to explain the cloud to your users

    Popular culture has exposed a fundamental knowledge gap in the ordinary consumer. Many people don't know where all their data is stored. They just know it's "in the cloud."

  • How to avoid 10 common Active Directory mistakes

    This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter's approach.

  • Evan Schuman: Google eyes the preteen set

    Kids say the darndest things -- and Google wants to know about and memorize each and every one of them. And not just what they say, but the sites they visit, the things they buy, the things they don't buy, the browsers they use and anything else it can suck up relating to the kids' computers, phones, networks and geolocation. Google just loves kids -- especially the part about how much retailers will pay for all of that information.

  • The trouble with trolls (and how to beat them)

    A vulnerable person. A sociopath or two on social media tormenting that person without consequence. That's trolling in a nutshell.

  • Steven J. Vaughan-Nichols: Patent trolls under attack, but not dead yet

    The patent wars keep going and going and we keep paying and paying.

  • Security Manager's Journal: Peering behind the firewall

    The corporate firewall is like a dike keeping out a raging sea of malware. Where does it all come from?

  • OkCupid -- it's not me, its you

    Remember the controversy over Facebook's social experimentation, which showed how people's emotions could be toyed with by changing what they see online? Well, Facebook wasn't the only site playing with your heart. Dating site OkCupid has now acknowledged doing much the same thing. The mostly free dating service is being very open about how it manipulated members' online dating lives and offers a detailed explanation that amounts to a version of "Hey, everybody's doing it."

  • Career advice: A plan for battling organizational politics

    Premier 100 IT Leader Karen Sullivan also answers questions on the value of undergraduate degrees and MBAs.

  • Nothing Is Secure, Your Calls Aren't Private and Your Car Could Kill You

    BlackBerry remains the only mobile vendor that places enterprises first and doesn't rank them someplace after the casual game developers. At its enterprise security briefing in New York this week, BlackBerry brought out company experts as well as those from industries such as healthcare, banking and government.

  • Security Manager's Journal: A ransomware flop, thanks to security awareness

    People like to ask the security manager, "What keeps you up at night?" My usual answer: "Employees." And there's good reason. About 95% of the security incidents my department responds to are a result of an employee doing the wrong thing, whether it's clicking on an evil link within an email, installing a malicious program or sending a sensitive document outside the company.

  • We Are All Plank-Owners now

    In August 2012, SAIC, the $11B national security, engineering, and enterprise IT provider, announced that it would split in two: SAIC would deliver enterprise IT services to the government sector, and a new company, Leidos, would provide services in security, health and engineering.