Stories by Stacy Collett

API security leaves apps vulnerable: 5 ways to plug the leaks

Many Starbucks customers got a jolt in May when cyberthieves were discovered stealing money from their credit cards and payment accounts by first tapping into their Starbucks mobile apps. The culprit was believed to be a hole in an application-programming interface (API), though perhaps not on Starbucks' site but on another app where overused passwords were stolen and reused, according to reports.

Stacy Collett | 08 Aug | Read more

Phishers target middle management

Phishing scammers have infiltrated the enterprise and they're finding easy prey, but it's not in the C-suite as previously thought. Attackers are exploiting the multitasking, often overloaded middle management ranks, according to research by security and compliance firm Proofpoint.

Stacy Collett | 24 Jun | Read more

5 tips for keeping your incident response team happy

A security manager might be turned off when a job candidate calls him "dude" several times during the course of an interview, but it was a minor infraction that Todd Borandi had to overlook. Like many security team leaders seeking highly sought-after technical skills for his incident response team, he had to let small transgressions slide.

Stacy Collett | 28 May | Read more

CSO50 2015

Each year, the CSO50 Awards honor individuals who demonstrate excellence, achievement and leadership in security and drive business value.

Stacy Collett | 05 Feb | Read more

CSO50 winners announced

Each year, the CSO50 awards honor 50 security projects and initiatives that have delivered groundbreaking business value through the innovative application of risk and security concepts and technologies. Here are the 2015 winners:

Stacy Collett | 04 Feb | Read more

CSO50 2015: Creating a Human Firewall

Human nature dictates that you can never expect 100% of the people to follow instructions 100% of the time. The same holds true when it comes to protecting information security. At safety science company UL LLC in Northbrook, Ill., Steve Wenc, senior vice president and chief risk officer, and Robert Jamieson, IT security officer, realized early on in their security education efforts that reducing risk would require more than just lectures and written instructions.

Stacy Collett | 04 Feb | Read more

Five new threats to your mobile device security

Attacks that proved successful on PCs are now being tested on unwitting mobile device users to see what works -- and with the number of mobile devices with poor protection soaring, there are plenty of easy targets. "Attackers are definitely searching after the weakest point in the chain," and then homing in on the most successful scams, says Lior Kohavi, CTO at CYREN, a cloud-based security solutions provider in McLean, Va.

Stacy Collett | 22 May | Read more

How security is using IAM to manage BYOD

What do smartphones and corporate credit cards have in common? Very soon, both will be monitored by employers in an effort to detect abnormal or otherwise suspicious patterns of activity. In the age of bring-your-own-device (BYOD) policies, companies are turning to techniques like these to manage access from smartphones and tablets to their internal systems and to confirm the identities of the people using them.

Stacy Collett | 11 Nov | Read more