How-Tos

Using Microsoft Tools for Policy-driven Security

Here is how to use Microsoft tools, including Group Policy ADMX and Group Policy Preferences, to assure policy-driven compliance and security.

Better Security through Benchmarks

Security by the Numbers aims to offer comparative benchmarks that help companies understand how their security postures stack up against their peers.

3 Things the Kentucky Derby Teaches Us about Security Analytics

What can handicapping and betting on horse racing teach infosec pros about security analytics?

National Security Letters and Gag Orders: 5 Tips to Reduce Risk

To reduce your government surveillance 'attack surface' and protect customers' data privacy from U.S. government agencies, follow these five tips.

How to Conduct Internal Penetration Testing

Automated penetration testing tools and open source tools, especially those in Linux security distributions, are invaluable aids for internal pentests.

5 Steps to a Better Incident Response Plan

Incident response plans have never been more important, given the growth in cyber attacks. These steps will ensure yours is ready for action.

How to Find the Right Penetration Testing Company

A penetration test is only as good as the company conducting it. Here is everything you need to know to find the right penetration testing company.

How to Get Identity Authentication Right

Identity authentication is especially important for high-value transactions, so it is essential to get it right.

6 Ways to Make IAM Work for Third-Party Organizations

Identity and access management (IAM) for third-party organizations is a tough security challenge. Gartner's Felix Gaehtgens offers tips that will help.

IoT Security: It's All About the Process

With IoT security, complicated dependencies demand complementary processes.

6 Tips for CISOs Selling Security to the Board

Some CISOs may dread presenting to the board of directors. These tips will help ensure it goes well.

3 Ways to Defeat 'Microsoft' and 'Dell' Phone Scams

Scam phone calls from 'Microsoft' and 'Dell' can trip up even security-conscious folks. How can you fight such phone scams?

How Mature is Your Vulnerability Coordination?

VIDEO: Katie Moussouris, chief policy officer at HackerOne, discusses the Vulnerability Coordination Maturity Model.

How to Hire Security Pros Like a Hacker: RSA

Digital Shadows takes a look at how hackers recruit and finds some lessons learned for enterprises.

5 Best Practices for Reducing Third-Party Security Risks

Vendors and other third-party partners have caused some big data breaches. Here is how to keep it from happening to you.

5 Security Tips for Moving SharePoint to Cloud

Switching from on-premises SharePoint to SharePoint Online can be tricky from a security standpoint.

How to Fight Advanced Persistent Threats

Improving security policies, procedures and configurations is the first, and most important, step in defeating advanced persistent threats (APTs).

How to Set up a Successful Bug Bounty Program [VIDEO]

What does it take to run a successful bug bounty program?

5 Ways to Fight Nation-State Attacks

State-sponsored cyber-attacks are tough to stop. Remaining vigilant is the key.

Procuring Security Tech a Hassle? These 9 Tips Will Help

Procuring enterprise security technology can be tricky. A government CISO offers nine tips that will help the procurement process go smoothly.

BSIMM's Data-driven Approach to Software Security

The Building Security in Maturity Model's sixth edition features recommendations gleaned from software security practices of more than 100 companies.

How to Secure Corporate Data in Post-Perimeter World

Four simple steps can help organizations secure business data outside the firewall.

TrueCrypt Travails Continue

Two serious bugs later, almost no one thinks it is a good idea to use TrueCrypt. But what are your options?

Unlocking Smartphones: PINs, Patterns or Fingerprints?

PINs, patterns and fingerprints are all options for unlocking mobile devices. But which option is most secure?

Europe's Data Protection Regs: What You Need to Know

Europe's data protection rules are about to get stricter under legislation being drafted by the European Commission. Several rules relate to cloud data.