CSOONLINE.com - In Depth

The 4 Security Rules Employees Love to Break

Joan Goodchild — Tue, 06 Jan 2009 05:00:00 GMT

Cisco CSO John Stewart gives his take on four security rules employees bend a lot, and what you can do to set them straight.

The Seven Deadly Sins of Network Security

Bill Brenner — Wed, 10 Dec 2008 05:00:00 GMT

Companies that suffer serious security breaches have almost always committed one (or all) of 7 deadly security sins. Is your company guilty?

Penetration Testing: Dead in 2009

Bill Brenner — Mon, 08 Dec 2008 05:00:00 GMT

Does penetration testing belong in the QA department? Fortify Co-Founder and Chief Scientist Brian Chess says 2009 will mark the end of pen tests as we know them. His theory is being met with resistance.

Mass. 201 CMR 17: The Darkness and the Light

Bill Brenner — Thu, 04 Dec 2008 05:00:00 GMT

Some security experts say Massachusetts' new data protection law (Mass. 201 CMR 17) is among the toughest they've seen. Three IT security practitioners who must deal with the law opine on whether it's too harsh or not tough enough. (Part 3 in a series)

5 Must-Do Cyber Security Steps for Obama

Bill Brenner — Wed, 03 Dec 2008 05:00:00 GMT

As President-Elect Obama focuses on two wars and a hemorrhaging economy, security experts are urging him to address five weak security links in America's cyber infrastructure that threaten the nation's defenses and financial institutions.

BC/DR Challenges in a Hurricane Zone

Joan Goodchild — Mon, 01 Dec 2008 05:00:00 GMT

Some business continuity demands are universal, but others vary depending on where you are. In the first part in an ongoing series, we take a look at what's at stake and what's in place for two companies faced with the worsening threats posed by hurricane zones.

Forrester: Why (and How) Security Must Drive Business Resiliency

Sun, 23 Nov 2008 05:00:00 GMT

Four reasons and eight practical steps for building a better business resiliency program.

International Challenges in PCI Security

Bill Brenner — Mon, 17 Nov 2008 05:00:00 GMT

Bruce Larson, CSO at American Water, and others discuss the challenges of maintaining PCI DSS compliance when the company has a global reach. (Third in a series)

Security Predictions: What Happens Next?

Mon, 10 Nov 2008 05:00:00 GMT

An ongoing index of predictions, projections and prognostication for 2009 and beyond. Marcus Ranum, Rich Mogull, Jeff Spivey, Whit Diffie, Richard Hollinger and many more.

Moving Money: Loomis Arms For Safety

Fri, 07 Nov 2008 05:00:00 GMT

Armored car company Loomis is banking on wireless IT applications to help safeguard the money it carries. (A case study from CIO.com.)

Social Engineering: Eight Common Tactics

Joan Goodchild — Thu, 06 Nov 2008 05:00:00 GMT

Stealing your company's 'hold' music, spoofing caller ID, pumping up penny stocks - social engineers blend old and new methods to grab passwords or profits. Being aware of their tricks is the first line of defense.

Security at the Point of Sale

Michael Fitzgerald — Mon, 03 Nov 2008 05:00:00 GMT

Cash, cards, inventory and customer data intersect at the point of sale. Here's how to keep your defenses up to date.

Hedge Your Bets: The Importance of IT Risk Management in M&A

Thu, 30 Oct 2008 04:00:00 GMT

Two experts break down critical considerations in merger and acquisition activity

The Security Metrics Collection

Mon, 27 Oct 2008 04:00:00 GMT

Numbers are the language of business. Fortunately, security metrics are growing ever more sophisticated. Knowing what to measure, how to measure it and how to communicate those metrics can help improve security's efficiency, effectiveness and standing in the business world.

A Tale of Two PCI Security Audits

Bill Brenner — Mon, 27 Oct 2008 04:00:00 GMT

Robert Duran of Time Inc. and Allan Kintigh of National Card Services share their PCI auditing experiences. Why one's experience was unpleasant and the other fared better.