Thou shalt not reverse engineer Oracle's products. That was the stunning diktat issued by Oracle CSO Mary Ann Davidson in a blog post that some are reading as a declaration of war against the security research community.
When security succeeds, it is often unnoticed. That success might also make security investments hard to sustain, given its low profile in organizations. Gartner's Tom Scholtz discusses articulating security's business value.
Target is the high-profile example, but many organizations have been breached through third-party vulnerabilities. Where are the security gaps, and how can they be filled? BitSight's Stephen Boyer offers insight.
Retailers cannot avoid innovation. Yet, cybercriminals thrive when retailers innovate. What, then, can retailers do to stop cybercriminals from breaching their defenses? Here are three key questions to answer.
As a customer, Delaware Chief Security Officer Elayne Starkey has seen the evolution of cloud computing over the past three years to a point where she has more sway over the security terms of cloud services contracts.
Characterizing the state of employment among American information security practitioners, executive recruiter Joyce Brocaglia says, "We are experiencing negative unemployment in the field of information security."
To protect their privacy, organizations should get their IT security staffs involved in vendor-requested audits conducted to verify software licensing agreement compliance, says Gartner Research Director Victoria Barber.
Mobility has driven the rise of containerization as a security strategy for employee-owned devices. But what about for contractors? Kimber Spradlin of Moka 5 discusses how to mitigate third-party risks.
Despite their differences on certain issues, the Financial Services Roundtable and the Retail Industry Leaders Association have joined forces in an effort to prevent breaches by enhancing cybersecurity and threat intelligence sharing.
The potential of governments messing with commercial IT security products - think China and the NSA - means organizations need to improve lines of communications to assure the integrity of the IT wares they acquire. ISF's Steve Durbin discusses mitigating supply-chain risk.
President Obama met with technology company executives critical of his administration's surveillance program a day after a federal judge ruled that portions of the National Security Agency program could be unconstitutional.