Security has always been something of an afterthought, especially in small business environments where just getting systems up and running is more than challenging enough. The solution to that vexing problem has been to bundle security software directly into the operating system. But the problem with that approach is the security software that usually gets bundled into the operating system is rarely best in class.

There’s a lot more talk about potential threats to mobile security that any actual activity. But as mobile devices increasingly become used to initiate transactions, there’s no doubt that mobile computing devices present a tempting target for cyber criminals.

Nobody can say Google didn't warn us: Notifications of changes to its privacy policies have been impossible for its users to miss over recent weeks. Come March 1, Google's privacy policies and the data gained from its more than 60 products and services all become one.

For all the concerns about cybercrime and digital espionage the threat that can do the most harm to any organization is the one that comes from inside. It doesn’t take much these days for a disgruntled employee to become motivated enough to share valuable business information with outsiders. Whether it’s for revenge or profit, most IT organizations are not really prepared to prevent that leak from happening or identify the source of that leak once it happens.

Is it just me or do others share my concern that some people responsible for malware creation also play a role in selling anti-malware?

With each passing day it’s becoming clear that law enforcement organizations are gaining more insight into the cybercriminal community.

Despite decades of research into alternatives, two researchers say passwords are getting more use than ever, deserve more research and may be the best solution for many security applications.

While gamers complain Microsoft is refusing to take the blame for hacked xBox Live profiles.

On the eve of the 1980 Presidential election, candidate Ronald Reagan posed a 10-word question to the voting public that may have cost Jimmy Carter his re-election: "Are you better off than you were four years ago?" Reagan asked on national television.

Microsoft admitted this week that months after the discovery it is still working to fix a Skype vulnerability that potentially can  reveal a user's location and download habits. As of Jan. 12, the vulnerability remained and Microsoft, which owns Skype, offered no timetable for a fix.

It’s hell week for many IT security professionals: Not only did Microsoft issue its usual raft of “Patch Tuesday” security updates, one of which involved a critical flaw to the Windows Media player, but Adobe Software also issued several updates as part of an ongoing process to address fundamental security issues.

I am of two minds regarding the Stop Online Privacy Act (SOPA), currently winding its way through the U.S. Congress. I passionately love SOPA and hate it just as much, both at the same time.

Just about everyone is concerned about cloud security these days; it’s just not clear who is doing anything about it.

Phishing has been one of the banes of e-mail ever since the first e-mail delivery services emerged. Now more than a decade later it looks as though we finally may be witnessing the beginning of a broad-based effort to curtail, if not eliminate, the vast majority of phishing attacks.

There are not nearly as many IT organizations using encryption as there should be. But among the organizations that do, an interesting problem is emerging: Various database systems have different encryption schemas that all come with their own management framework.