Discover PerformanceHP Software's community for IT leaders // April 2013
Boost your security with big data
Somewhere in all your data is your next security coup—or failure. Find out how to mine big data for high-def security.Power up
Take your IT team mobile—for real
Succeeding at mobile is about more than IT. It’s about people, culture, and LOB collaboration.Real moves
Hackers target mobile platforms and older avenues
HP 2012 Cyber Risk Report: Critical vulnerabilities dipped slightly, but attackers still exploit familiar vectors, as well as new ones.A risky read
Know your adversary
HP Security Research director John Pirc interviews HP Security VP Art Gilliland at RSA about what CISOs need to know to understand the people behind security threats.Watch now
Most read articles
Percentage of CIOs who viewed security as a major challenge to mobile deployments (versus 41 percent citing cost).1
Percentage of overall IT security enterprise product capabilities that will be delivered in the cloud by 2015.2
Percentage of U.S. workers who would reveal their email address to get a 50% discount on a $100 item (22% would reveal the name of the street they grew up on; 15% would reveal their mother’s maiden name).3
Q: How do you mitigate the risk from mobile application security vulnerabilities?
A: First, applications need to be manually audited and assessed before the products are launched to determine if any input injection vulnerabilities or information leakage vulnerabilities are present. … It’s much less expensive to address security vulnerabilities during development than once it has been released. Secure data transmission standards should be included as part of any application requirements, especially if those applications are being developed by third-party developers. The same is true for secure data storage and application logging. Reasonable inter-application communication exposure and permissions in application requirements should be stringently defined. These concerns should all be addressed in the requirements phase and tested during development.
—From the HP 2012 Cyber Risk Report (reg. req’d)