Columnists 

Are TrueCrypt Users Screwed?

When developers of the TrueCrypt disk encryption program warned the open source project was insecure, it left users hanging. Fortunately, there are TrueCrypt alternatives.

Hackers Using DDoS to Distract Infosec Staff

Hackers are increasingly using DDoS attacks as a kind of 'smokescreen' that helps them carry out data breaches.

Data Breach Roundup: May 2014

Third-party vendors played a significant part in a handful of data breaches in May. This is why, experts say, companies must ensure vendors are careful with their data.

Are Anti-Malware's Days Numbered?

Anti-malware software can't spot all malicious code. Is  isolating end-user tasks through virtualization a better approach to security?

Managed Security Services' Role in Cloud Security

A managed security service provider (MSSP) is a good option for cloud security, say experts.

How to Protect PII

Personally identifiable information, or PII, is especially valuable to hackers. Here's how to make sure they don't get their hands on it.

How to Buy Static Analysis Tools

Static analysis tools can help software developers produce more secure applications. Here is what you need to know when evaluating such tools for your organization.

3 Tools for Enforcing Password Policies

User passwords are often a weak link in the corporate security chain. How can security pros make users adhere to strong password policies?

Top Apps for Boosting Mobile Security

Carriers of both iOS and Android mobile devices can improve their mobile security with apps that offer help with password management, encryption and other security best practices.

How to Fight Malvertising Threat

Even security-conscious enterprises like Yahoo can be compromised by attacks in which ad servers are used to deliver malware. How can you fight this 'malvertising' threat?

10 Bitcoin Security Tips

Bitcoins have the potential to revolutionize business payment transactions. But they also have some security shortcomings. Here are 10 tips for keeping Bitcoins secure.

6 Tips for Stronger Encryption

In the wake of revelations about NSA backdoors in encryption systems, organizations must do everything they can to ensure their encryption is as strong as possible.

December Data Breach Roundup: Theft Prevention, and More

Employee education can help prevent data breaches caused by the loss or theft of unencrypted devices, and employee monitoring is a key strategy for fighting insider theft.

How to Secure Digital Signatures

Hackers have found many ways to exploit digital certificates. What can you do to defend yourself against digital certificate risks?

7 Security Trends to Expect in 2014

From increasingly sophisticated DDoS attacks to stuxnets to insider threats, companies have plenty to worry about when it comes to enterprise security in 2014.

November Data Breaches: More Lessons Learned

In this second of two parts, we present more advice for security pros based on data breaches that occurred in November 2013, here focusing on how to fight hackers and malware.

November Data Breaches: Learn from Others' Mistakes

In this first of two parts, we look at what security professionals can learn from data breaches that occurred in November 2013.

How to Prevent DNS Attacks

Hackers like the Syrian Electronic Army are finding weaknesses to exploit in the Domain Name System. Here's how to keep your organization from falling victim to a DNS attack.

13 Hot Security Startups to Watch

There is always a batch of enterprise security startups with clever technologies poised to be purchased by Infosec giants. Here are 13 interesting security startups to keep an eye on.

Data Breach Roundup: October 2013

Data loss related to theft and loss is on the rise, says security expert Ryan Kalember, thanks to the huge popularity of smartphones and tablets.

White Hats for Hire Find Software Bugs

Companies that lack the resources to run their own bug bounty programs may want to consider a bug bounty as a service program.

Apple iOS7 Management vs. MDM

Though Apple has added MDM-like features to iOS7, many enterprises will find they still need third-party mobile device management solutions.

Data Breach Roundup: September 2013

A surprising number of last month's data breaches involved the theft or loss of laptops or hard drives.

Lagging Updates Compound Java Risks

Most Windows-based devices are running Java 6. Oracle is no longer releasing patches for this version of the software, which makes machines running it vulnerable to security risks.

Workplace Surveillance Revisited

As revelations about the NSA's security program continue to come, it's a good time to discuss workplace surveillance and when and why it might be used.