Articles by Ann All 

Dridex and Email: A Nasty Social Engineering Team

Recent social engineering attacks involving Dridex malware illustrate the importance of paying attention to older and infrequently used attack vectors.

Programs Aim to Fill Cybersecurity Skills Gap

Symantec's Cyber Career Connection and the Air Force Association's CyberPatriot program both aim to address the cybersecurity skills gap.

Startup Spotlight: Security-as-a-Service Bitglass

While most cloud security startups focus on securing cloud infrastructure, Bitglass protects data traveling between corporate networks and SaaS applications.

Mobile Security's Budget Shortfall

Sixty-four percent of companies surveyed by the Ponemon Institute do not believe they have enough budget to adequately secure mobile devices.

Malvertising, Online Ad Networks a Dangerous Duo

Bad guys are using online advertising networks and popular sites like YouTube to serve malware to unsuspecting Internet users, finds new research from Bromium Networks.

Startup Spotlight: CloudPassage's Software-defined Security

As the software-defined data center becomes more common, enterprises are seeking security solutions that are abstracted from the underlying infrastructure.

Dude, How Secure Is My Connected Car?

With connected cars becoming more common, experts say vehicle manufacturers should adopt security best practices used by mobile device makers.

Hackers Target Browsers, Especially IE: Bromium Labs

Hackers targeted Microsoft's Internet Explorer with an emerging attack technique called action script spray in the first half of 2014, say Bromium Labs researchers.

User Education Key in Fighting Mobile Malware

Train users to read and heed mobile application permissions, says McAfee Labs.

Startup Spotlight: FortyCloud's Multi-layered Cloud Security

Israeli startup FortyCloud recently opened a U.S. office to grow its business, which focuses on helping companies secure data in the public cloud.

Retailers Partner on Cybersecurity Initiative

Retail Cyber Intelligence Sharing Center initiative will make it easy for retailers to share cybersecurity intelligence with each other and with government agencies.

Is Infosec Getting More Stressful?

Most IT professionals are stressed out at work, a recent survey suggests. Information security pros are especially stressed, thanks to growing levels of unpredictability.

Startup Spotlight: Cloud Security Specialist Armor5

Most mobile security solutions utilize a traditional endpoint management approach, but not the cloud security service provided by startup Armor5.

Are Companies Doing Enough for Cloud Security?

Bitglass found that few companies use single sign-on, which the security vendor calls ""the most basic security measure for SaaS adoption."

Cloud Requires Comprehensive Security: Report

Alert Logic's annual State of Cloud Security report shows a larger variety of attacks in the cloud, demonstrating the need for more comprehensive approaches to cloud security.

Heartbleed Especially Risky for SMBs

Enterprises with IT security staffs should find it easy to implement the patch for the Heartbleed vulnerability. But small companies may struggle to protect their websites and customers, experts say.

Infosec Salaries Among Highest in IT

While two reports find that infosec pay is among the best in IT, infosec pros also face some of the greatest on-the-job challenges.

Unwiped Mobile Devices a BYOD Risk

Just 16 percent of adults who use mobile devices for work wipe data from old devices when they get a new one. It's important to educate employees about the BYOD risks this creates.

Should All Sites Use HTTPS by Default?

While few e-commerce sites fail to protect sensitive data with the HTTPS protocol, many sites continue to use the less secure HTTP for some functions.

BYOD Should Begin with Business Case

Despite the risks of not making security policies central to enterprise BYOD and mobility programs, many organizations are ignoring this best practice.

Anonymous Protests Highlight Need for Cybersecurity

Hackers collectively known as Anonymous plan to participate in a protest called the Million Mask March. Do organizations need to revisit their security strategies?

BSIMM Advancing Software Security

The annual Building Security in Maturity Model (BSIMM) study adds new software security data every year. Nearly 70 companies contributed to version five, introduced this week.

How to Offer Security Awareness Training That Works

Want employees to pay attention to security awareness training? Make it accessible, pervasive and targeted to your audience.

Enterprise Mobility Management: Not Just Blacklisting Apps

Despite security concerns, a surprisingly small number of companies blacklist or whitelist applications on mobile devices.

Corporate Android Apps Not All Secure

Some mobile Android apps from Fortune 500 companies do not adhere to security best practices, finds a recent analysis by IT consulting firm RIIS.