Josh Fruhlinger

Learn how CompTIA Security+ certification will impact your job and salary and how to decide if this cert is right for you.

Tabletop exercises are a low-stress, high-impact way to test your plans for handling a crisis. Here are some tips for getting the most out of the process, plus six scenarios you can use to start your journey.

Dear Riders, On Sunday, Metro Bus and Rail service changes went into effect — with more frequent service on many bus lines, as well as our light rail trains. Metro also resumed front door boarding …

As these examples show, vulnerabilities can lurk within production code for years or decades—and attacks can come at any time.

HITRUST is a cybersecurity framework that seeks to unify the rules for many other existing regulatory and industry frameworks, including HIPAA, GDPR, PCI-DSS, and more.

The CSO is the executive responsible for the organization’s entire security posture, both physical and cyber, and has the big picture view of the company’s operational risk.

The IEEE 802.1X standard integrates enterprise authentication into wired or wireless LANs.

Banish these common passwords now and employ these tips for better password security.

A zero day is a security flaw that has not yet been patched by the vendor and can be exploited. The name evokes a scenario where an attacker has gotten the jump on a software vendor, implementing attacks that exploit the flaw before the good guys of infosec are able to respond.

The chief information security officer (CISO) is the executive responsible for an organization’s information and data security. Learn what it takes to land a CISO job and how to be successful in the role.

The Health Information Technology for Economic and Clinical Health (HITECH) Act aims to expand the use of electronic health records through incentives to health care providers and consumers. It also tightens rules on providers to ensure that EHRs remain private and secure.

HIPAA (the Health Insurance Portability and Accountability Act) is a law passed in 1996 that imposes stringent privacy and security mandates on health care providers—and most of their IT vendors.

The Graham-Leach-Bailey Act (GLBA) is a 1999 law that allowed financial services companies to offer both commercial and investment banking, something that had been banned since the Great Depression. It has an infosec reach that goes far beyond the financial services industry.

WANs connect smaller networks across long distances, and their architecture, protocols and technologies have evolved to their latest incarnation, SD-WAN.

The future of data centers will rely on cloud, hyperconverged infrastructure and more powerful devices.

Cryptography is the science of keeping information secret and safe by transforming it into form that unintended recipients cannot understand. It makes secure data transmission over the internet possible.

PCI DSS is a cybersecurity standard backed by all the major credit card and payment processing companies that aims to keep credit and debit card numbers safe.

Whitelisting is a cybersecurity strategy under which a user can only take actions on their computer that an administrator has explicitly allowed in advance. It is a fairly extreme measure with high administrative overhead, but it makes sense in certain scenarios.

Newspaper comic strips find themselves rethinking slice-of-life comedy

The internet of things (IoT) is a network of connected smart devices providing rich data, but it can also be a security nightmare.