The Globalization of Security Testing: A World of Good (Standards)

Surely and not-so-slowly, the concept of “internationality” is disappearing — at least in terms of the free exchange of information — and the tiny, expensive devices in our pockets and purses are leading the charge. For end users, the benefits of global information access are as obvious as they are numerous, especially thanks to apps […]

The Security Programs Disconnect: Why Does Enterprise-Wide AppSec Lag Behind?

Enterprises are using more apps than ever, many of which are cloud-based. That’s according to a recent Forbes article, and — no surprise — this increased use comes with increased risk. Survey data found that 85 percent of all data uploaded went to apps that enabled file sharing, and, perhaps more worrisome, 81 percent of […]

Not Just a Buzzword: Achieving Security Awareness Across an Organization

There’s a reason digital security and privacy concerns are more prevalent in the minds of end users than they’ve ever been. When your entire life is stored on a pocket-sized device designed to access other devices and networks, the thought of a stranger gaining access is horrifying. Personal photographs, bank accounts, private correspondences with friends […]

Security Assessment, Speed — and the Death of Mutual Exclusivity

Maintaining focus is important, but priorities shift. Those seven words sum up a conflict as old as time in the world of software development, where sharpening focus in one area inevitably causes a need for improvement in another. If anything, it’s a testament to the cyclical nature of development as a whole: Any change, from […]

Facebook: The Importance of Paying for Defense

Facebook’s $50,000 award for research on static code analysis puts the focus on the importance of defensive technology – and that’s a welcome change. We may have over-learned the lesson about the limits of cyber defense. However, Facebook’s surprise award of $50,000 to two researchers for their work on a new method for discovering vulnerabilities […]

Supply Chain Security: When Breaches Go Global

It’s tempting to imagine your supply chain as one unbroken line where each link is directly fastened to the next, making it easy to uncover weak spots or add new processes. In truth, this chain more closely resembles a tangled web with lines and links that branch out, interconnect and then split. The recent Target […]

Collaborate to Innovate

Supply chain management may conjure thoughts of enterprises driving business relationships with an iron hand – think of Walmart’s legendary purchasing power driving innovation into its suppliers. But some supply chain transformations occur through collaboration between the supplier and the enterprise in support of meeting the enterprise’s goal. In green supply chain transformations, there are […]

Application Security: Why Skipping the Audit Can Risk Your Investment

It’s all over the news lately: new, flashy apps make it out of the oven, get great press coverage—and are hacked days later. Even the satirically simple app Yo, which sends a “Yo” message to a user’s friends, was a victim. In many cases, app developers could have easily avoided massive blows to their reputations […]

How to Develop an Enterprise-Wide Security Vulnerability Assessment Solution

It’s becoming evident that modern enterprise executives understand the importance of application security (AppSec). Despite this, however, only a very small percentage of applications undergo a true security vulnerability assessment, leaving the majority wide open to attack. Enterprise executives who understand the importance of AppSec must learn how to secure both new and existing apps, […]

Why (Cyber) Insurance Is Sexy

Nothing says ‘yawn’ like the topic of insurance. One notable exception may be the mushrooming marketplace for cyber risk insurance. But do insurers really know what they’re underwriting? Nothing says ‘yawn’ quite like insurance – and I say this as the son of one insurance salesman, and the brother of one more. After all: the […]
