
Security & Risk

About Author

Forrester Research is a technology and market research company that provides pragmatic advice to global leaders in business and technology.



Recent Posts

Observations on the 2013 Verizon Data Breach Investigations Report

We are all targets

I was very excited to finally get a copy of the much-anticipated 2013 Verizon Data Breach Investigations Report (DBIR). I have found the report to be valuable year after year. This is the 6th iteration and this year’s report includes...

Tags: apt, fireeye, forrester, information security, phishing, security, solera networks, verizon

How do S&R pros keep up with disruption?

A focus on business alignment can minimise the need to play catch-up

When I talk to security (S&R) leaders, they always tell me that in an ideal world, they would have enough advanced warning of impending business and technology disruptions in order to understand the security, privacy and overall risk implications and...

Tags: cloud computing, disruptive technology, forrester, risk, risk management, security, security and risk

Two-step verification will end consensual impersonation

Learning from the school of hard knocks

I recently advocated killing your password policies and applying some other techniques instead to make existing use of passwords more effective (including my hobby horse: take the user-experience sting out of rotating ordinary static passwords by pushing them out to...

Tags: apple, authentication, consumer behaviour, google, icloud, itunes, mobile authentication, oauth, password, password breach, strong authentication, two-factor authentication, world of warcraft

Avoid the social media binary

It can't be all or nothing with employees, Facebook and Twitter

Many organisations today get caught up in what I call the “social media binary,” where there are only two options to social media control: 1) Allow unrestricted access to social networks, and potentially expose the company to myriad security, regulatory,...

Tags: forrester, risk and compliance, social media, social media risk management, social media security

RSA 2013: The age of security commercialism

Lots of noise, too few surprises and too little differentiation

Walking on the RSA 2013 show floor, it was a chaotic, noisy, and energetic place, pulsing with excitement. The industry has reasons to celebrate; the security space is white hot, with more VC money pouring into the space than ever...

Tags: dell, fireeye, forrester, ibm, netwitness, rsa, security

Bit9's operational oversight is probably your operational reality

Be pragmatic: you can't protect everything

You are now no doubt aware that Boston-based security firm Bit9 suffered an alarming compromise, which resulted in attackers gaining access to code-signing certificates that were then used to sign malicious software. See Brian Krebs’ article for more details. (Symantec...

Tags: client security, cybersecurity, endpoint security, forrester, forrester's security maturity model, incident response, malware, security, symantec

A 'BYO' too far?

How many of us truly enforce the contractual requirements that prohibit sub-contracting for service providers? Do we even include such terms in employee contracts?

Undoubtedly, most of you will have seen the amazing story about the developer who secretly outsourced his own role to China, investing 20 percent of his annual salary to free up almost all his work time. The ruse came to light...

Tags: bob, china, forrester, outsourcing, securid, security, verizon, vpn

The Atlantic Ocean divides financial aspirations for CISOs in 2013

2013 could be a crucial time for security investment - while many firms have restricted spending for several years now, the threat has continued to escalate

As 2012 came to a close, we studied the financial position of many CISOs and asked about their expectations for 2013. Unsurprisingly, it was apparent that 2012 was another difficult year and that CISOs had been keeping their belts tight...

Tags: cloud computing, forrester, it business, risk management, security

A 2012 security incident recap by the numbers

Before we get too far along into 2013, I’d like to take a moment to reflect back on the events of 2012

Before we get too far along into 2013, I’d like to take a moment to reflect back on the events of 2012. Thanks to our friends at CyberFactors*, this is what we saw. Overall: 1,468 (publicly reported) incidents. This includes everything from...

Tags: cloud computing, forrester, public sector, security, social security number

Make a resolution: Kill your P@55W0rD policies

The password is not dead but...

It has finally become hip not just to predict the demise of passwords, but to call for their elimination. The recent Wired article makes an eloquent case about the vulnerabilities that even "strong" passwords are subject to, such as social...

Tags: authentication, bit strength, forrester, multi-factor authentication, password breach, password cracking, passwords, security, two-factor authentication