Multiple Perspectives on Security

Security Journal

Subscribe to Security Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Security Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Latest Articles from Security Journal
The Domain Name Service (DNS) is one of the most important components in networking infrastructure, enabling users and services to access applications by translating URLs (names) into IP addresses (numbers). Because every icon and URL and all embedded content on a website requires a DN...
Ransomware is the latest example of the increasingly sophisticated and damaging inventions of hackers. Individuals and organizations of all sizes are finding that their data has been locked down or encrypted until a ransom is paid. One program, CryptoLocker, infected more than 300,000 ...
The cloud has hit the mainstream. Businesses in the United States currently spend more than $13 billion on cloud computing and managed hosting services, and Gartner projects that by 2015, end-user spending on cloud services could be more than $180 billion worldwide. It is estimated tha...
Despite all the news about hackers infiltrating major corporations, most businesses continue to leave themselves woefully unprotected. Some surveys estimate more than 70% of businesses perform vulnerability tests on less than 10% of their cloud, mobile and web applications. A majority ...
The threats facing network operators all over the world, spanning service providers, enterprises, cloud and hosting providers and mobile operators alike, are by no means stalling. While optimism is always the name of the game, we know all too well in security that trying to keep pace w...
Incident response involves addressing and managing the security events on a network and the execution of proper responses to those events. The end game is to limit the damage and reduce recovery time and costs. This is achieved with the implementation of an incident response plan tha...
The online world has become a dangerous place. According to a survey, 90 percent of all companies fell victim to a security breach in the last twelve months. Hacking and advanced persistent threats (APTs) have rendered the two-factor authentication token, now over 20 years old, essenti...
Ensuring a safe work environment can be accomplished when individuals work in either a government or private-sector office, but it becomes exponentially more complicated when employees are mobile, traveling from one job or worksite to another. While many organizations implement mobile ...
As we become more connected online, the old system of site-specific passwords and user identity are no longer equal to the task. We need to find new ways of providing identities and authorization.
Time compression, travel limits, and increasing complexity in every walk of professional life have driven web and video conferencing from new application to essential services – just like phone, FAX and email before it. This paper describes how OmniJoin™ cloud computing technology and ...
We’ve written before about some of the high-profile data breaches occurring in recent months – security breaches that cause some to question the safety of the cloud to store and/or process sensitive data. It seems these stories are reported with increased regularity (sometimes delayed,...
“As the move to the cloud started, we stayed ahead of that by providing security solutions to our enterprise customers, financial customers, and now a whole new range of customers, which are application developers," explained John Gunn, VP of Corporate Communications for VASCO Data Sec...
At the 2014 SDLC Acceleration Summit in San Francisco, industry experts gathered to discuss the future of the SDLC and share best practices for delivering better software faster. Throughout the event, attendees participated in real-time "SDLC Pulse" polls to share their opinions about ...
VASCO Data Security International, Inc., announced it has sold its 200 millionth DIGIPASS authenticator. The milestone follows the company's recent announcement of record order intake in Q1 of 2014. "Global criminal hacking organizations pose a growing threat to our banking and enterp...
Anyone who has been involved with security knows there is a balance to providing both security and privacy and performance at the same time. Security is often blamed for performance woes, particularly when cryptography is involved. SSL and TLS have long addressed this balance by lev...
In many industries, cloud computing is now vital to remaining competitive. The cloud typically offers superior flexibility, scalability, accessibility, and high availability, enabling businesses to grow more agile and responsive. Regulatory compliance concerns often make banks and othe...
Electronic signatures are an important component of any web application. They make it possible to keep business processes online even when a signature is required on a contract, form or application. If you are interested in learning how to quickly integrate e-signatures into your cloud...
We’ve distilled lessons learned from Snowden scandal and created 5 questions every CEO should be asking their CIO / CISO in order to avoid a catastrophic rogue insider event in the private sector both in using cloud as a vector of exfiltration as well as protecting their data stored in...
Distrix (formerly Spark Integration Technologies) has announced the latest version of its flagship network-virtualization software. Distrix 4.1, available now, extends the manageability of remote networks while also improving the programmability of software-defined networking (SDN) env...
Mr. George Romas is the Technical Director of the Cybersecurity Solutions Group at HP Enterprise Services, U.S. Public Sector. SecuritySolutionsWatch.com: Thank you for joining us again today, George. It's been roughly one year since our first meeting when we spoke about building sec...
A global asset management company needed to accelerate testing for parallel and Agile development. Learn how service virtualization and API test automation resulted in a 20X reduction in testing time. Ignis Asset Management is a global asset management company, headquartered in London...
With large security breaches constantly in the news, businesses are rightly concerned about security. Thankfully, big data and machine learning can work together to help. They read like a list of horror stories for businesses big and small alike. Sony’s PlayStation Network is hacked t...
It's a great time to be in the business of delivering software. Today, every business needs to leverage software to differentiate its products or services. So, like it or not, every business is in the software business. This theme resonated at the SDLC Acceleration Summit that occurre...
Until this week the biggest anxiety when dealing with eBay has likely been fretting over a negative rating, concerns about slow shipping or a delayed refund. Then suddenly yesterday the media jumped all over the story that eBay had been hacked and users need to change their passwords. ...
Over the last months organizations' employees have embraced the BYOD practices, CIOs are concerned about security issues, lawyers have given their advice, and MDM vendors have taken their message to the companies. But while CIOs try to come up with the best solution to police this prac...
The MAS guidelines for Internet Banking and Technology Risk Management (TRM), issued in June 2013, identify security and risk management issues in a comprehensive manner, covering everything from identity assurance and access controls to accountability and audit. This white paper detai...
Risk-conscious enterprises across the globe have been reluctant to embrace the public cloud model. For many, compliance requirements are the source of the reluctance. For others, concerns about ceding control of their data to a cloud service provider, without the cloud service provider...
Reduce networking costs! Increase cyber security! Deploy applications faster! Add connectivity to our new office now! We’re under attack now – drop everything and jump on it now! How does IT management keep up with these demands? On top of that challenge, the promises of the Internet o...
For many SDN and DevOps enthusiasts, the natural outcome of this wave of technological change is a highly-automated network that is well-orchestrated with surrounding systems and applications. One of the prevailing thoughts is that this level of automation is a well-formed abstraction ...
Last month, the Information Security Forum released their annual prediction of the top 10 information security threats they foresee for the next two years – through 2016. While I found the entire list insightful, half of the list resonated strongly with me as someone who is working wit...
For Windows environments, it is critical that organizations can delegate administration and establish granular privileges quickly and efficiently to restrict administrators so they only access the servers and resources required to perform their job and only during the approved times to...
If you're not virtualizing, you're missing reduced equipment, management, and utilities costs, along with increased server utilization rates and the right path to cloud computing. But when you virtualize, backup becomes even more of an issue. Traditional agent-based backup and recovery...
Data ownership and privacy are two big issues that we all need to be thinking about these days. Mobile, telematics and IoT technologies have reached the point that it is very easy and cost effective to track the location of just about anything. What personal information are you willin...
Heartland, based in Princeton, New Jersey, has improved governance results in innovative ways across the organization, thanks to both security best practices and HP Fortify tools. Heartland Payment Systems has successfully leveraged software-assurance tools and best practices to driv...
There are two pieces of good news to come out of Heartbleed. First, we haven’t heard of any significant security breaches, which mean that the industry as a whole is getting better at fixing problems as they arise. The second is that, because Heartbleed presented every single cloud pr...
SYS-CON Events announced today that the International Association of Privacy Professionals will exhibit at SYS-CON's 14th International Cloud Expo®, which will take place on June 10–12, 2014, at the Javits Center in New York City, New York. The International Association of Privacy Pro...
Although much publicity around computer security points to hackers and other outside attacks, insider threats can be particularly insidious and dangerous, whether caused by malice or employee negligence. In its list of the eight most significant cybersecurity threats for 2013, Forbes c...
SYS-CON Events announced today that Silanis, the world’s leading electronic signature provider, will exhibit at SYS-CON's 14th International Cloud Expo®, which will take place on June 10–12, 2014, at the Javits Center in New York City, New York. Silanis is the world’s leading electron...
Online credit card payment fraud is an unfortunate facet of online commerce – and one that is likely permanent. For every safeguard put in place, there is someone willing to find a way to get around it. While the vast majority of online transactions are uneventful, the threat of fraud ...
File sync and share. Endpoint protection. Both are massive opportunities for today’s enterprise thanks to their business benefits and widespread user appeal. But one size does not fit all, especially user-adopted consumer technologies. Organizations must apply the right enterprise-read...