Find how-to's, case-studies, feature stories, opinions and interviews on Security.

Hack of New York Times Holds a Lesson for All Businesses

The New York Times, Twitter, and other major sites were knocked offline in an attack by the Syrian Electronic Army (SEA). While there is certainly a political motivation to the hacks, there is an underlying lesson that all businesses should learn.

Dealing With DNS Attacks

The Syrian Electronic Army, a pro-Assad hacking group, altered the DNS records used by the New York Times, Twitter, and the Huffington Post. Here are three ways such attacks happen, and how they can be mitigated.

7 Characteristics of a Secure Mobile App

When it comes to building secure mobile applications, errors most often occur in session management. By themselves, these mistakes do not present a significant risk, but the more mistakes made, the more vulnerable the application. And therein lies the problem: I often find several of these errors in any given app.

Cloud Security: The Basics

The Cloud Security Alliance and others are working to define security requirements for SaaS, IaaS, and PaaS cloud computing models.

A Few Good Information Security Metrics

Andrew Jaquith says information security metrics don't have to rely on heavy-duty math to be effective, but they also don't have to be dumbed down to red, yellow, green. Here are five smart measurements--and effective ways to present them.

15 Worst Data Breaches

Data security breaches happen daily in too many places at once to keep count. But what constitutes a huge breach versus a small one? For some perspective, we take a look at 15 of the biggest incidents in recent memory.

How to Build Multiple Layers of Security for Your Small Business

The complex and ever-changing security landscape can befuddle small businesses, and the plain truth is that there is no silver security bullet. Small businesses would be well-advised to deploy a multi-faceted security strategy. Here are eight must-have checklist items.

Security in the Cloud Is All About Visibility and Control

When it comes to security in the cloud, organizations are confident in their cloud providers, but also and reluctant to expose certain types of data and applications, according to IT industry association CompTIA. Security vendors maintain the problem is one of visibility and control, and each has a solution.