As enterprises struggle to keep up with their internal demand for mobile apps, more are turning to more rapid development workflows. What does this mean for app security?
George V. Hulme | 13 Feb | Read more
When it comes to successfully managing cloud use within the enterprise, some security organizations try to establish and enforce firm lines between what is permissible and what is banned, while others try to learn what their employees are trying to achieve and help them do so more securely.
George V. Hulme | 10 Dec | Read more
It’s often repeated that board involvement is crucial for cybersecurity success, but is this true?
George V. Hulme | 12 Nov | Read more
CISOs have more attention of top business execs now than ever before; is it here to stay?
George V. Hulme | 04 Nov | Read more
To fight threats today, more enterprises are increasing their information security spending, collaborating more on threat intelligence efforts, and they also turning to cybersecurity insurance policies in larger numbers.
George V. Hulme | 07 Oct | Read more
Here’s what enterprises need to do in order to protect their development environments from attack.
George V. Hulme | 29 Sep | Read more
In the past few years, DevOps has moved from a niche approach to application development to an enterprise strategy that stands front and center in organizations today.
George V. Hulme | 22 Sep | Read more
There’s no shortage of arguments that cybersecurity needs to be aligned with the needs of the business, or that security is now a “boardroom issue.” And it seems that a new report or study is issued every day that states that boards of directors are more involved with their organizations’ cybersecurity efforts than ever before.
George V. Hulme | 01 Sep | Read more
In case there existed any previous questions regarding how Oracle's chief security officer, Mary Ann Davidson, felt about its customers uncovering software vulnerabilities in its applications, they were laid to rest yesterday in a strongly worded blog post, No, You Really Can't. The post, swiftly pulled by Oracle, apparently held nothing back when it came to her views that under no circumstances should customers, or their hired security researchers, evaluate Oracle source code for potential security flaws.
George V. Hulme | 14 Aug | Read more
Sure, enterprises are investing more in their cybersecurity efforts: but is that a good thing? It could be, depending on how it is being spent.
George V. Hulme | 07 Aug | Read more
The year of cybercrime since our most recent US State of Cybercrime Survey has been nothing less than stunning. There were the Home Depot and JP Morgan Chase data breaches, the Sony Pictures fiasco, and most recently the devastating breach at the US Office of Personnel Management (OPM) that appears to be worse than
George V. Hulme | 09 Jul | Read more
A lot has changed since the early years, when enterprises first began embracing the CISO position. Back then, the CISO role was primarily a technical one: control user access, secure the databases, find and patch vulnerabilities, keep the malware out, and eventually to help build secure websites and eCommerce platforms. In those days, most of the highly proprietary data resided within the local area network, the data center, or within PCs and notebooks.
George V. Hulme | 02 Jun | Read more
There is a firmly held concern in security circles that the automation associated with DevOps moves too swiftly, that security teams and their tests can't keep up, that too many of the metrics measured focus on production, availability, and compliance checkboxes, and as a result, security falls to the wayside.
George V. Hulme | 01 May | Read more
When the Cloud Security Alliance (CSA) launched in 2008, the questions around cloud computing centered around whether cloud was secure enough to be trusted, how it could be managed securely and in such a way as to keep regulators happy. There was also plenty of talk about whether cloud would fully displace traditional enterprise data centers.
George V. Hulme | 22 Apr | Read more
There is little doubt cybersecurity is a hot career path right now. According to labor analytics firm Burning Glass, cybersecurity job postings grew 74% from 2007 through 2013 – a rate of growth that was twice as rapid as all IT jobs combined. And demand for cyber information security positions certainly hasn't let up since.
George V. Hulme | 27 Mar | Read more