Doug Bonderud

Doug Bonderud is a freelance writer passionate about the evolution of technology and its impact on companies, stakeholders and end-users alike. Want to know more? Follow Doug on Twitter.
Posts by Doug Bonderud

How AppSec Fits into an Information Security Program

January 28, 2016  | Intro to AppSec

fits-well.jpg Want a better information security program? Most companies do and are willing to spend big money on safeguarding critical systems. As noted by Infosecurity Magazine, Allied Market Research predicts huge growth in the hardware encryption market, with a CAGR of more than 50 percent and a net value of almost $300 billion by 2020. But locking down data at rest and in... READ MORE

5 Steps to a Better Application Security Program

December 10, 2015  | Managing AppSec

hands-coffee-cup-apple.jpg Effective application security — AppSec — isn't easy. As noted by eWeek, payment apps on both iOS and Android devices lack not only encryption but are at risk of tampering, which "could potentially enable an attacker to reroute funds." Despite the challenge of tracking down and securing vulnerabilities, however, many companies... READ MORE

Investing in AppSec: What's the Magic Number?

December 4, 2015  | Managing AppSec

How much should an organization spend on application security? Cybersecurity experts are often willing to break budgets when it comes to protecting critical applications, arguing that prevention is worth millions in cure. Meanwhile, C-suite executives are often less convinced by this kind of proactive thinking, instead opting to spend on AppSec only when demonstrable threats are on the horizon.... READ MORE

Cybersecurity in Finance: Time for Change?

November 17, 2015  | Security News

Banks are investing big in cybersecurity. According to Lexology, HSBC has earmarked $1 billion for cybersecurity enhancements, while JPMorgan Chase has doubled down on spending with plans to hit $500 million by the end of 2015. Even financial institutions that aren't actively ramping up their resources are busy backing startups they hope will provide the next generation of cybersecurity. All... READ MORE

Security Leaders: Time for an About-Face?

November 16, 2015  | Security News

Chief information security officers (CISOs) are under fire. According to Bloomberg BNA, both CISOs and chief information officers (CIOs) are now at risk of being named in post-breach lawsuits because these executives, "by dint of their role and purported experience, assume a fiduciary duty to the shareholders." In response, both the ideal candidates and CISO job descriptions are... READ MORE

Healthcare Cybersecurity: Time for a Checkup?

November 9, 2015  | Security News

Discussions of cybersecurity are making their way into boardrooms — but that doesn't mean C-suite executives are fully up-to-date on threats, vulnerabilities and remediation techniques. As noted by The Wall Street Journal, just 11 percent of board members surveyed in a recent National Association of Corporate Directors study claimed a "high level" of knowledge about... READ MORE

Need a Better IT Organizational Structure? There's an "I" in "IT"

October 21, 2015  | Intro to AppSec

Who's held responsible if company data is breached? According to Dark Reading, chief information security officers (CISOs) are a top pick — almost half of US CEOs and other C-suite execs say CISOs are accountable for IT security failures. But there's a problem, since only 38 percent believe CISOs should take charge of security strategy and purchasing decisions. Bottom line? This... READ MORE

Providing Business Value: The Secret Skill Set of Next-Gen CISOs?

October 20, 2015  | Managing AppSec

What skills do chief information security officers (CISOs) need to succeed? At first glance the answer seems obvious — the job title suggests a focus on safeguarding data and ensuring that corporate networks are kept safe from malicious attackers. But as noted by a new Forrester report, "Evolve To Become the 2018 CISO or Face Extinction," there's significant change going on... READ MORE

Cybersecurity in Manufacturing: Fact or Fabrication?

October 19, 2015  | Security News

Manufacturers face a significant challenge when it comes to cybersecurity. Along with the task of protecting internal network systems and trade secrets, IT professionals are also on the hook to develop defensible architecture for any Internet-enabled technology they develop and deploy. The result? Cybersecurity in manufacturing is often more fabrication than fact. According to Veracode's... READ MORE

The Security Challenges Gap: Builders vs. Defenders

September 30, 2015

Software builders and developers just can't agree. That's the takeaway from a recent SANS white paper, entitled "2015 State of Application Security: Closing The Gap." The report found that while software creators and security experts both identified three top security challenges, these challenges were completely different. In an IT world informed by rapid technology development... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.




contact menu