Articles by Diana Kelley 

What the Heck is DNSSEC?

DNS Security Extensions (DNSSEC) can improve the overall security of DNS, but note that there are some criticisms and caveats before you go running off and planning for full implementation of DNSSEC.

Getting Ready for PCI 2.0 Compliance

If you work for an entity that stores, processes, or transmits credit card data in electronic form, you’d better be ready to comply with PCI DSS v2.0, which took effect on January 1, 2011.

Communicating Complex Security Concepts

Regardless of what kind of thinker and learner you are, it’s critical to present complex security concepts clearly to ensure maximum communication effectiveness with your audience.

Navigating Smartphone Liability: Corporate Liable v. Individual Liable

Personally owned, individual liable converged mobile devices are becoming commonplace in corporate environments and pose unique data protection threats.

Rethinking Privacy and Cloud Computing

A predominantly cloud-based architecture is the future for most enterprises. The question is how to best balance privacy and security with cost and business risk.

Four Key IT Security Trends for 2011

What the 2010 security acquisition spree by major players, including Symantec, HP, IBM, CA and VeriSign, could mean to IT security professionals.

Why SCADA Security Matters--And What You Should Know About It

Worst-case scenarios of distributed SCADA attacks include bringing down the power grid of a major metropolitan city, yet most SCADA experts are not security experts--and vice versa.

How to Choose the Right Web Application Firewall (WAF)

An exhaustive look at all the ins and outs of shopping for a WAF. Doing the RFP work up-front will help to ensure that your organization gets the right tool for the job. Our expert tells you how.

Three Things the Oil Spill Can Teach Us About Disaster Recovery

The BP oil spill is a cautionary tale for businesses that are functioning without proper business continuity and disaster recovery processes and procedures in place.

Buying Guide for Cloud-based E-mail

We outline the key considerations for companies looking to make informed, risk-sensitive purchasing decisions when selecting a cloud-based e-mail solution.

Measuring Software Security: BSIMM2 and Beyond

The new BSIMM2 provides the data-driven measurements that allow organizations to objectively assess their software security maturity level against their peers and themselves.

How To Set Social Networking Policies for Employees

Establishing a clear set of social networking policies is important to both the security of your business and of your employees.

How to "Green" Security Compliance

Security consultant Diana Kelley outlines several key areas where enterprises can “green” their security compliance programs.

Security Vendors Show Innovation at RSA

At the RSA Conference this week in San Francisco, some small vendors stood out for their innovative security solutions.

Cloud Computing Takes Center Stage at RSA 2010

At RSA, most heads are in the cloud with everyone from Symantec to IBM delivering new cloud-based security solutions.

Do Geotagging and Presence Put Your Enterprise at Risk?

Sometimes knowing who, what, where, and when is not such a good thing. Security consultant Diana Kelley explores the dangers of geo-location to your business's information security.