How-Tos 

Mobile Payment Fraud a Growing Problem: LexisNexis

Mobile commerce is a prime target for payment fraud, thanks to its novelty and complexity, according to a recent LexisNexis report.

6 Tips for Developing Secure IoT Apps

Most IoT systems contain security vulnerabilities that can be exploited by hackers, a recent study found, highlighting the importance of developing secure IoT apps.

3 Questions Every CISO Should Answer

FireEye's Kevin Mandia has a few key questions for CISOs.

Risk Assessments: What You Need to Know

Why are information security risk assessments so important, and how can you make sure you get an effective assessment?

5 Lessons Learned from Anthem Data Breach

Anthem's recent data breach reveals some things Anthem did right – and some it did wrong. Other enterprises can learn from its actions.

Email Is Not Forever: Advice on Archiving

In the wake of the Sony scandal, companies may wonder how long to retain email. Hint: The answer is not "forever."

Enterprise Wearables: Mitigate Security Risks

Enterprises are finding business use cases for wearable technology, which means security teams must protect data on wearables and educate users about risks and best practices.

It's Not Easy to Determine Costs of Data Breach

Determining costs of a data breach is a complicated, but important, exercise. It may help convince executives to increase security spending.

10 Tips for Secure Business Travel

Business travelers are an attractive target for hackers. Here's how to protect yourself when you are on the road.

Intrusion Detection Systems: a Primer

Intrusion detection systems can be a key tool in protecting data. This primer can help you determine which kind of IDS is right for you.

Building a Better Security Budget

The key to smart security spending is assessing your current environment and looking for opportunities for centralization, consolidation and standardization.

PCI Compliance: Preparing for Version 3.0

When version 3.0 of the Payment Card Industry Data Security Standards becomes mandatory next month, merchants may need to make some changes.

The Trouble with Tor

Confidence that Tor can reliably provide users with anonymity on the Internet has been shattered, thanks to recent revelations. Tor alternatives do exist, however.

Dridex and Email: A Nasty Social Engineering Team

Recent social engineering attacks involving Dridex malware illustrate the importance of paying attention to older and infrequently used attack vectors.

Dealing with a Data Breach: Tips from the Trenches

Thorough documentation and clear communication can make dealing with a data breach a little less painful.

IAM Best Practices: Involve HR, Use Single Sign-on

While identity and access management is a challenge for all organizations, especially global ones, panelists at the SC Congress event offered tips that can help.

5 Tips for Fighting Email Security Threats

Email is one of a hacker's favorite tools, so companies must be smart about thwarting email-generated cyber attacks.

Today's Top 5 Malware Threats

To fight malware, security teams must understand it. Here are five especially nasty forms of malware.

The Internet of Things: 3 Security Requirements

As the Internet of Things proliferates, so too do IoT-based vulnerabilities and attacks. These three tips will help secure your IoT-enabled network.

Is Shellshock a Feature, not a Bug?

The Shellshock flaw highlights a major security issue. Software created before mass adoption of the Internet is highly susceptible to today's security risks.

7 Cyber Defense Best Practices for SMBs

With cyber criminals increasingly choosing to target smaller companies, SMBs need to up their security game.

No Easy Fix for Point-of-Sale Security

Why is securing point-of-sale systems so hard, and what can retailers do to improve their PoS security postures?

Enforcing Password Complexity without Alienating Users

Protecting passwords from compromise is a challenge for IT managers, who must deal with attacks that aim to compromise systems while giving users the simplicity they want.

Want to Beat Social Engineering? Training Is Key

Social engineering is an insidious – and highly successful – method of data theft. Training users to spot it is the key to beating it.

An Open Source Solution to Shellshock

An open source tool can mitigate risks associated with Bash shell attack.