Columnists 

TrueCrypt Getting a New Life

TrueCrypt will stay alive, thanks to devotees who are forking the encryption program's code. 'Cleaned up' code will get a new name, CipherShed, and a different open source license.

Startup Spotlight: Threat Detection Specialist ThetaRay

Israeli security startup ThetaRay promises to detect zero-day attacks, hidden APTs and other threats in seconds by simultaneously analyzing all security and operational data sources.

For Bank, Mobile Device Management Offers Benefits – Some Unexpected

Massachusetts' Needham Bank enjoys a bevy of benefits thanks to its mobile device management system.

Internet of Things a Potential Security Disaster

Experts believe the Internet of Things will be highly insecure, at least in the early days.

Mobile Device Management: The Buying Basics

Mobile device management (MDM) can help enterprises minimize security risks associated with BYOD. Here is what you need to know if you plan to purchase an MDM system.

Big Data Overwhelms Security Teams

Experts say increased automation and better analytics will help security teams overwhelmed by Big Data.

How to Minimize Enterprise File Sharing Risks

File sharing and sync (FSS) services like Dropbox can expose sensitive corporate data. Luckily, there are enterprise-grade FSS alternatives.

Are TrueCrypt Users Screwed?

When developers of the TrueCrypt disk encryption program warned the open source project was insecure, it left users hanging. Fortunately, there are TrueCrypt alternatives.

Hackers Using DDoS to Distract Infosec Staff

Hackers are increasingly using DDoS attacks as a kind of 'smokescreen' that helps them carry out data breaches.

Data Breach Roundup: May 2014

Third-party vendors played a significant part in a handful of data breaches in May. This is why, experts say, companies must ensure vendors are careful with their data.

Are Anti-Malware's Days Numbered?

Anti-malware software can't spot all malicious code. Is  isolating end-user tasks through virtualization a better approach to security?

Managed Security Services' Role in Cloud Security

A managed security service provider (MSSP) is a good option for cloud security, say experts.

How to Protect PII

Personally identifiable information, or PII, is especially valuable to hackers. Here's how to make sure they don't get their hands on it.

How to Buy Static Analysis Tools

Static analysis tools can help software developers produce more secure applications. Here is what you need to know when evaluating such tools for your organization.

3 Tools for Enforcing Password Policies

User passwords are often a weak link in the corporate security chain. How can security pros make users adhere to strong password policies?

Top Apps for Boosting Mobile Security

Carriers of both iOS and Android mobile devices can improve their mobile security with apps that offer help with password management, encryption and other security best practices.

How to Fight Malvertising Threat

Even security-conscious enterprises like Yahoo can be compromised by attacks in which ad servers are used to deliver malware. How can you fight this 'malvertising' threat?

10 Bitcoin Security Tips

Bitcoins have the potential to revolutionize business payment transactions. But they also have some security shortcomings. Here are 10 tips for keeping Bitcoins secure.

6 Tips for Stronger Encryption

In the wake of revelations about NSA backdoors in encryption systems, organizations must do everything they can to ensure their encryption is as strong as possible.

December Data Breach Roundup: Theft Prevention, and More

Employee education can help prevent data breaches caused by the loss or theft of unencrypted devices, and employee monitoring is a key strategy for fighting insider theft.

How to Secure Digital Signatures

Hackers have found many ways to exploit digital certificates. What can you do to defend yourself against digital certificate risks?

7 Security Trends to Expect in 2014

From increasingly sophisticated DDoS attacks to stuxnets to insider threats, companies have plenty to worry about when it comes to enterprise security in 2014.

November Data Breaches: More Lessons Learned

In this second of two parts, we present more advice for security pros based on data breaches that occurred in November 2013, here focusing on how to fight hackers and malware.

November Data Breaches: Learn from Others' Mistakes

In this first of two parts, we look at what security professionals can learn from data breaches that occurred in November 2013.

How to Prevent DNS Attacks

Hackers like the Syrian Electronic Army are finding weaknesses to exploit in the Domain Name System. Here's how to keep your organization from falling victim to a DNS attack.