The emergence of the Internet – or, more precisely, the World Wide Web – into the mainstream over the last decade has meant the role of the high street travel agent has changed irrevocably. Most Internet-savvy people now routinely go to the Web or an app on their smartphone to check out hotel and car hire prices, as well as…
The pressure on CISOs is well-recognised – growing cyber threats, static IT budgets, staff who ignore the most basic advice (password 123456 anyone?) and board directors who still think it’s all just an IT problem. Yet on the other side of the scales, cyber security professional has to be one of the most coveted job titles around at present. First…
Are we wasting our time trying to raise security awareness among the general populace? Is it time to simply enforce security upon ordinary computer users? Cryptographer and security pundit Bruce Schneier seems to think that training aimed at raising the awareness of corporate employees “is generally a waste of time”. Some of the analogies Schneier makes don’t really stand up…
Pen testing has always been viewed by IT security and data governance professionals as something of an audit exercise, with the pen tester undertaking a series of prescribed and planned tests, then reporting back to the IT security manager – or client management professional – in a report format, complete with recommendations. Dr. Philip A. Polstra, Sr, a Professor in…
Perhaps it’s about time we stopped thinking of information security purely as a specialist, technical profession and instead embrace it as a fundamental office skill, applicable to anyone whose fingers touch a keyboard. Security awareness among ordinary office workers – even among that mythical tribe of employees known as ‘knowledge workers’ – is patchy to say the least. Where information…