Best practices to fight corporate security risks

Best practicesImage by PexelsToday, security education may be part of an organization’s onboarding process, but while many people know not to open an email from an unidentified source, or even those from a friend or coworker that have uncharacteristic links or text, individuals inevitably still do.To read this article in full or to leave a comment, please click here

These are the coolest things you can do with Google Home

Make Google your home companionImage by Derek WalterGoogle Home promises to one-up the Amazon Echo through its tight integration with Google services. It's the perfect desk-side comapnion to those who live in Google's world, as some simple voice commands allow you to unlock a ton of information or get your smart devices to perform many different actions. It's the closest we'll get to using magic incantations to make objects around us obey.To read this article in full or to leave a comment, please click here

Hottest Cyber Monday 2016 deals on Apple iPhones, iPads, Macs

Apple's underwhelming one-day Black Friday sale has come and gone, but other retailers have come to the rescue for Cyber Monday 2016 and put Apple iPhones, iPads, Macs and more on sale this Nov. 28 (though note that some retailers are extending Cyber Monday to the entire week).Best Buy is offering the iPhone 7 starting at $1*, and yes there is an asterisk on that. You save $200 on the 32GB edition of the iOS smartphone, but you also need to activate the phone on Verizon and sign on for a two-year contract.To read this article in full or to leave a comment, please click here

Security budgets continue to grow, but is it enough?

Cybersecurity is an increasing concern in the enterprise as the number of high-profile breaches reported only grow each year. In 2015, there were a reported 781 data breaches in the U.S., making it the second highest year for security threats, according to data from the ISACA. And 40 percent of those data breaches happened in the business sector.So it's no surprise that Business Insider Intelligence reports an estimated $655 billion will be invested in cybersecurity initiatives between 2015 and 2020. However, in 2015, worldwide cybersecurity spending reached only $75.4 billion, according to Gartner, jumping to an estimated $2.77 trillion in 2016. Those numbers suggest that businesses are only just catching on to the importance of cybersecurity in the workplace, but are they too late?To read this article in full or to leave a comment, please click here

Security budgets continue to grow, but is it enough?

Cybersecurity is an increasing concern in the enterprise as the number of high-profile breaches reported only grow each year. In 2015, there were a reported 781 data breaches in the U.S., making it the second highest year for security threats, according to data from the ISACA. And 40 percent of those data breaches happened in the business sector.So it's no surprise that Business Insider Intelligence reports an estimated $655 billion will be invested in cybersecurity initiatives between 2015 and 2020. However, in 2015, worldwide cybersecurity spending reached only $75.4 billion, according to Gartner, jumping to an estimated $2.77 trillion in 2016. Those numbers suggest that businesses are only just catching on to the importance of cybersecurity in the workplace, but are they too late?To read this article in full or to leave a comment, please click here

4 ways tech will shape workforce management in 2017

It's not too early to start thinking about your workforce management strategy for 2017. In 2016, organizations realized the importance of organizational efficiency, employee well-being and workplace wellness as well as engagement, flexibility, career growth and planning. You can expect those trends to only accelerate in 2017.We asked three experts -- a chief product officer, a senior technical recruiter, and a partner at a workforce management consulting firm -- to share their thoughts on what lies ahead for in workforce management. Here is their take on workforce management trends to watch in 2017.Related Video 1. Technology in the driver's seat Technology will continue to impact workforce management and HR in incredible ways, says Karen Williams, chief product officer for workforce management solutions company Halogen Software.To read this article in full or to leave a comment, please click here

Retailers get an IoT wake-up call

The DDoS attack against Dyn on Oct. 21 may not have been anything new or sophisticated to those steeped in cybersecurity, but it should serve as a significant wake-up call to retailers this holiday season and beyond, say experts. The hack — which led to vast consumer trouble loading major websites such as Etsy, AirBnB, Netflix and Twitter — was particularly notable because it appears to have relied on infecting internet of things (IoT) devices such as cameras, monitors and routers with software meant to flood targets with overwhelming traffic.[ Related: DDoS attack shows dangers of IoT 'running rampant' ]To read this article in full or to leave a comment, please click here

Retailers get an IoT wake-up call

The DDoS attack against Dyn on Oct. 21 may not have been anything new or sophisticated to those steeped in cybersecurity, but it should serve as a significant wake-up call to retailers this holiday season and beyond, say experts. The hack — which led to vast consumer trouble loading major websites such as Etsy, AirBnB, Netflix and Twitter — was particularly notable because it appears to have relied on infecting internet of things (IoT) devices such as cameras, monitors and routers with software meant to flood targets with overwhelming traffic.[ Related: DDoS attack shows dangers of IoT 'running rampant' ]To read this article in full or to leave a comment, please click here

HPACK: the silent killer (feature) of HTTP/2

If you have experienced HTTP/2 for yourself, you are probably aware of the visible performance gains possible with HTTP/2 due to features like stream multiplexing, explicit stream dependencies, and Server Push.

There is however one important feature that is not obvious to the eye. This is the HPACK header compression. Current implementations of Apache and nginx servers, as well edge networks and CDNs using them, do not support the full HPACK implementation. We have, however, implemented the full HPACK in nginx, and upstreamed the part that performs Huffman encoding.

CC BY 2.0 image by Conor Lawless

This blog post gives an overview of the reasons for the development of HPACK, and the hidden bandwidth and latency benefits it brings.

Some Background

As you probably know, a regular HTTPS connection is in fact an overlay of several connections in the multi-layer model. The most basic connection you usually care about is the TCP connection (the transport layer), on top of that you have the TLS connection (mix of transport/application layers), and finally the HTTP connection (application layer).

In the the days of yore, HTTP compression was performed in the TLS layer, using gzip. Both headers and body were compressed indiscriminately, Continue reading

Advice for evading ATM skimmers

I cannot use an ATM these days without wondering if I am getting ripped off by a stealthy skimming device that has been placed inside the machine’s card slot. One reason for my concern is that for years now I have been reading with great interest a series of articles on the subject by security expert Brian Krebs, who posted another one just yesterday.This piece includes a couple of videos showing exactly how scammers insert and remove the skimmers from an ATM, as well as practical advice you can use to thwart those efforts:To read this article in full or to leave a comment, please click here

Advice for evading ATM skimmers

I cannot use an ATM these days without wondering if I am getting ripped off by a stealthy skimming device that has been placed inside the machine’s card slot. One reason for my concern is that for years now I have been reading with great interest a series of articles on the subject by security expert Brian Krebs, who posted another one just yesterday.This piece includes a couple of videos showing exactly how scammers insert and remove the skimmers from an ATM, as well as practical advice you can use to thwart those efforts:To read this article in full or to leave a comment, please click here

How to protect the C-suite from spear phishing

CSO Editor-in-Chief Joan Goodchild sits down with Kevin O'Brien, founder and CEO of GreatHorn, to discuss ways that security leaders can fend off spear phishing attempts aimed at the executives at their companies.

80% Discount on a Amazon Dash Button, Just $0.99 with special Cyber Monday code – Deal Alert

Today get Amazon Dash buttons for $0.99 instead of $4.99 when you use our code CYBERDASH at checkout. Limit 3 buttons on the deal. And Amazon pays you a $4.99 credit after your first button push, so you sort of make money on this deal, don't you. Amazon Dash is a simple Wi-Fi connected gadget that lets you order your favorite things with just the push of a button. Keep it by your washing machine, your pet food, or in the bathroom closet. When you notice you're running low, just press the button and Amazon ships it right out. Each button gets tied to a specific product from Amazon's library of over 200 brands, in categories such as (click each category to see samples) household supplies, beverage & grocery, health & personal care, beauty products, pets, kids & baby, and more. Visit Amazon now, select up to 3 buttons and use CYBERDASH to sink the price from $4.99/button to just $0.99. (Access this deal on Amazon)To read this article in full or to leave a comment, please click here

Gartner: CLI Use Will Dwindle By 2020

Cyber Monday Savings on Amazon Products – Deal Alert

Amazon has released more deals on some of their most popular products and we have them all listed below. $40 off Echo $40 off TapTo read this article in full or to leave a comment, please click here

Ooma adds Internet security service to VoIP platform

Ooma’s VoIP platform has been around for several years now – it provides a home telephone line without having to pay additional fees for landline voice service. Even as phone service prices continue to drop, Ooma can be a good value for people looking for an additional phone line (one example - dedicated 911) beyond just using their mobile phones.But the folks at the company must be noticing that the trend for home phone service is certainly a downward arrow. This means the company needs to offer additional services in order to keep customers interested in their products/offerings. One such service is Internet security, which the company just announced.To read this article in full or to leave a comment, please click here

8 Significant Data Storage Mergers Of 2016

IDG Contributor Network: Information security priorities for Trump’s administration

Cybersecurity needs to be a top priority for the administration of Donald Trump. The first task should be shoring up government IT systems. As recent attacks have shown, adversaries aren’t afraid to go after political organizations. There’s no reason to suspect they won’t continue to target political entities such as the Democratic National Committee or step up attacks on government agencies.Emphasize that information security applies to all agencies Ideally, a cabinet meeting for all new secretaries should be held within three months of the inauguration to underscore that information security is essential for all agencies to complete their missions. Even secretaries whose agencies are not typically associated with either information security or IT need to be included.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Information security priorities for Trump’s administration

Cybersecurity needs to be a top priority for the administration of Donald Trump. The first task should be shoring up government IT systems. As recent attacks have shown, adversaries aren’t afraid to go after political organizations. There’s no reason to suspect they won’t continue to target political entities such as the Democratic National Committee or step up attacks on government agencies.Emphasize that information security applies to all agencies Ideally, a cabinet meeting for all new secretaries should be held within three months of the inauguration to underscore that information security is essential for all agencies to complete their missions. Even secretaries whose agencies are not typically associated with either information security or IT need to be included.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Why the IETF will be key for standardizing 5G

Most people in the mobile industry are aware that the Third-Generation Partnership Project (3GPP)—and Global System for Mobile communication (GSM) before it—has traditionally been the lead standards organization in specifying mobile network functionality. 3GPP logically partitions the mobile network architecture into Radio Access Network (RAN), and Core Network (CN) components.+ Also on Network World: What we talk about when we talk about 5G wireless + 3GPP will continue to be important in 5G, especially for the RAN-related functionality such as the OFDM and massive MIMO specifications for the radio interfaces. However, knowledgeable observers will also be aware of the fact that a significant number of key 5G protocols will be specified in the Internet Engineering Task Force (IETF). Actually, this is just a continuation and acceleration of trends started way back in 3G.To read this article in full or to leave a comment, please click here