Stories by Bill Brenner

Spy versus spy

The cyberwar discussion is mired in confusion.

Written by Bill Brenner20 Nov. 11 22:00

Android a big target of Facebook-based attacks

Sophos Senior Technology Consultant Graham Cluley agrees with a BitDefender study showing Facebook as a growing attack vector for smartphone malware. Sophos has seen a similar pattern, and Android phones are often the easiest targets, said Cluley in an interview with CSO.
"The iPhone operates in a more controlled environment and the BlackBerry security model is fairly strong. Because Android operates in a more open environment, it's more open to infections," Cluley said.

Written by Bill Brenner11 Jan. 11 22:00

The pros of an 'adversarial' relationship

When CSO teamed up with PricewaterhouseCoopers to conduct its Eighth Annual Global Information Security Survey earlier this year, one question asked was who CISOs are reporting to these days. What the majority of respondents said was somewhat surprising.
Of the 12,847 respondents, only 6.5 percent described themselves as a chief information officer. Meanwhile, when CISOs were asked who they report to, most said the company CEO or board of directors. Less than a quarter of respondents said they report to the CIO.

Written by Bill Brenner10 Nov. 10 22:00

Why CIOs are resetting information security priorities

The threats and challenges you face haven't changed much in the past year, but you're finding a better recipe for protecting your corporate data and networks, according to our eighth annual Global Information Security Survey.

Written by Bill Brenner30 Sept. 10 07:04

Cloud security still a struggle for many companies

You want to embrace cloud computing because it makes your IT operations leaner and less expensive. But your understanding of cloud security hasn't advanced much in the last year, so you have to be cautious.
That's one of the takeaways from the Eighth Annual Global Information Security Survey CSO conducted along with sister publication CIO and PriceWaterhouseCoopers. Some 12,847 business and technology executives from around the world took the survey, and many admitted they're still a bit scared with the idea of putting critical data in the cloud.

Written by Bill Brenner29 Sept. 10 22:00

Combined defence

Physical and IT security shops often have trouble working together. They work as two separate departments and cultures, and criminal activity can go unnoticed as a result.
At the recent CSO Security Standard event, two security professionals sought to change that, offering up a plan the physical and IT sides can use to join forces for a far more potent defense.

Written by Bill Brenner13 Sept. 10 22:00

Security information event management use up in mid-sized orgs

IT security practitioners typically greet vendor-based studies with scepticism because they come off as a sales pitch for whatever products that vendor sells. People become especially leery when a study leads to the predicted death of a particular security tool. But when looked at cumulatively, such studies offer small snapshots of why companies are making certain security decisions.
Two newly released studies aiming to do just that looked at how security information event management (SIEM) and other log management tools are being used in mid-sized companies.

Written by Bill Brenner02 June 10 22:00

The most underrated security technologies

Here are four techniques and related technologies several cited as underrated in today's security fight. Since one security pro's miracle tool is another's waste of budget, it's no surprise that a couple of the technologies panned in an article that came out early this week on overrated security technologies are praised here.

Written by Bill Brenner17 March 10 22:00

Tweeps and Facebook Friends, Let's Smarten Up

Anyone who knows me understands that social networking is a critical piece of what I do. Every story, podcast, column and slideshow we publish on CSOonline is quickly proliferated via Facebook, LinkedIn, Twitter and elsewhere online. So it might be easy to look at the headline of this column and suggest I'm being a hypocrite.

Written by Bill Brenner17 March 10 05:34

The most overrated security technologies revealed

The security community has grown to depend on some basic technologies in the fight against cyber thieves, such as antivirus software and firewalls. But are practitioners clinging to tools that outlived their usefulness long ago? Were those tools ever really useful to begin with? recently conducted an unscientific survey on the matter, asking those questions to a variety of security forums on LinkedIn and following it up with e-mails and phone conversations. What follows are four technologies several cited as overrated in today's security fight.

Written by Bill Brenner14 March 10 22:00

Windows 7 will slash malware

Microsoft caused the IT security community more than a little heartburn when it included fixes for the barely-out-of-the-box Windows 7 in its October 2009 Patch Tuesday security update.
Nevertheless, Jimmy Kuo - principal architect for Microsoft's Malware Protection Center - has high hopes that Windows 7 will ultimately be seen as the major turning point where malware writers finally met their match. In the following Q&A, Kuo talks about the top takeaways from the latest Microsoft security intelligence report and why he believes Windows 7 will ultimately shut the door on a lot of the malware activity outlined this year.

Written by Bill Brenner03 Nov. 09 22:00

IT Security Outsourcing in Decline

The worst economic recession in decades has compelled more companies to spend less on outsourced security services and do more in-house, according to the seventh-annual Global Information Security survey, which CSO and CIO magazines conducted with PricewaterhouseCoopers earlier this year.

Written by Bill Brenner29 Oct. 09 00:28

The Curse of Cloud Security

Virtualization and cloud computing let you simplify your physical IT infrastructure and cut overhead costs, but you've only just begun to see the security risks involved.

Written by Bill Brenner28 Oct. 09 02:26

Why Security Matters Now

Social networking and cloud computing threats abound, our annual Global Information Security Survey finds, making information security important once again to business leaders.

Written by Bill Brenner16 Oct. 09 05:06


IT security pros are often driven to drink - literally - over the daily battles of their job: bosses unwilling to accept the rationale for some new security investment, employees who regularly infect their computers by doing things that have nothing to do with their jobs, and vendors who don't understand the company's needs.
But in a recent, unscientific and informal poll CSOonline conducted over such social networks as Twitter and LinkedIn, many IT security pros admitted they've often looked the enemy in the eye only to find themselves staring back in the mirror. Or, they've seen carelessness in well-meaning professionals who should know better.

Written by Bill Brenner23 Sept. 09 22:00