In the News

Open source software security challenges persist, but the risk can be managed

Using open source components saves developers time and companies money. In other words, it’s here to stay. Here’s a look at what it will take to improve open source security. This year’s Equifax breach was a reminder that open source software and components pose a giant risk to enterprise security despite their many benefits, especially when not […]

How to Protect Your Child’s Privacy on Internet-Connected Toys

“We’re still in the wild, Wild West,” says John Dickson, a principal at Denim Group, a cybersecurity company in San Antonio, when it comes to connected products. VTech, which makes tablets, smartwatches, and other connected toys for kids, settled the complaint without admitting or denying any wrongdoing. Allan Wong, chairman and group CEO, said the […]

Gifts That Snoop? The Internet of Things Is Wrapped in Privacy Concerns

Just about every electronic device now has some kind of internet connection. So it’s not a stretch to predict that the so-called “internet of things,” or IoT, will take up a significant amount of space on Santa’s sleigh this year. These items include connected thermostats, smart speakers, web cameras, fitness trackers, and lots of kids’ […]

How Uber Is Going to Change the C-Suite in 2018

The CEO of Uber knew about the hack months before the public was notified. Should that have been his call? The C-suite is in for a sea change in 2018. Given the mayhem perpetrated (and sometimes even disclosed) this year, things are going to change in 2018. Whether we’re talking about the recent Uber revelation, or the world’s cyber-elite meddling […]

What Sort of Testing Do My Applications Need?

As you start to get an idea of what your application portfolio looks like, you then need to start determining the specific risks that applications can expose your organization to. This is typically done through application security testing – identifying vulnerabilities in an application so that you can make risk-based decisions about mitigation and resolution. […]

PODCAST: Will 2018 be the year of the CISO?

“What this means is that now the CISO has more hard core business rationale for spending,” Dickson opined. “In the good old days CISOs would say, ‘We have to do this or we might get hacked.’ It was it was an abstract threat and risk that, candidly, most execs had a hard time quantifying. “Now […]