With unit sales of smartphones and tablets eclipsing those of desktop and notebook PCs, cybercriminals will continue setting their sights on mobile, and increased mobile Internet use will continue exacerbating security and data breach issues in the workplace.

The issue of “BYOD,” or Bring Your Own Device to work, is plaguing IT managers everywhere. While your company’s IT guy has a relative hold on all the work laptops and desktops, and even some of the mobiles, he is quickly losing control when you bring your new Droid and connect it to the corporate network. Now he has to worry if that last app you downloaded will infect the network when you plug your device into the company’s PC to update or sync something.

A study by ESET/Harris Interactive shows that less than 10% of people using their own tablets for work auto-lock them. People were more security-savvy about their smartphones, with 25% using auto-lock.

McAfee Labs™ points out today’s tablets are more powerful than notebooks were just a few years ago. Although their lack of real keyboards makes them unsuitable for many tasks (editing texts, programming, and design), they are very suitable for browsing the Web, which today is a primary source of malware.

Tablets differ from mobile phones mainly in the size of the screen, but they share the same software, operating systems, and processors, so their security concerns are nearly identical. About the only difference is that some tablets can use USB devices, which increases the attack surface of such devices.

And because tablets, like our mobile phones, tend to be portable and among our most personal computing devices, you need to take steps to protect them. Many of the best practices you use on your computer can be transferred to your tablet.

To help ensure that your tablet is protected, you should:

  • Always password protect your device and set it to auto-lock after a certain period of time to increase your mobile security
  • Never leave your tablet unattended in a public place
  • Don’t click on links in emails and text messages from people you don’t know
  • Even if you know the company or person, use a browser to search for a link or use the company’s official app to navigate to the site
  • Always double-check the web address of a site when doing a search on your mobile phone.
  • If you use online banking and shopping sites, always log out and don’t select the “remember me” function
  • Before downloading a third-party app, check other users’ reviews to see if it is safe, and read the app’s privacy policy to make sure that it is not sharing your personal information

Robert Siciliano, personal security expert contributor to Just Ask Gemalto. 

The Chief Information Officer (CIO) has become as important as the CEO. It’s a pivotal position that often can make or break the success of a corporation. As criminal hackers have launched various campaigns against numerous organizations, the CIO has become much more than an information officer. They are the guardian of corporate secrets, instrument of progress and the pulse of all communications and connectivity.

Securitymanagement.com recently reported the global cybersecurity market is expected to reach $120.1 billion by 2017. This is nearly twice its current size of $63.7 billion, according to a report by MarketsandMarkets, a Dallas-based research and consulting firm. The increase would represent an annual compound growth rate of 11.3 percent from 2012 to 2017.

Cyberspace is becoming an ever-important part of people’s lives. It’s also powered by a gamut of devices and applications that have made it vulnerable to threats from people and groups including students, spies, hackers, propagandists, and terrorists. Cybersecurity is also becoming an important aspect of the military realm. This has helped make battles “fought in cyberspace as imperative as battles occurring on the ground.”

As a result, as reported by CIO magazine, “the IT leader will still be the nucleus of any company, working closely with business executives and strategizing about future technology directions, leading a staff of highly trained professionals and championing streamlined technical operations. The position will still require a mix of analytical foresight and management prowess over the next decade.”

Going forward the role of the CIO will be critical not only to the organization, but to the public who does business with it and the governments who rely on it.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto.

Nearly three-quarters of Americans have never installed any type of data protection or security software on their mobile devices, leaving themselves completely open to data loss, viruses, and malware. 72% of us, to be exact, have unsecured smartphones, even as they take on an increasingly important role in our digital lives.

Update your OS: The expanding selection of mobile devices results in more complex operating systems and applications, which ultimately increases attack opportunities. One hopes that, as criminal hackers and security researchers expose new vulnerabilities, OS manufacturers will roll out timely updates to fix flaws.

Most OS updates require a USB connection to your Mac or PC and a desktop application that bridges the connection between your device and the manufacturer’s website. Newer OS updates can sometimes be downloaded directly to a phone through a Wi-Fi connection or your carrier’s network.

Update your applications: Just as an operating system can have a security or privacy vulnerability, so can an application. Most applications require functionality updates in order to remain compatible with OS updates. Updating an application should be fairly straightforward. Apps can usually be updated from the phone by accessing the official app store through the carrier’s network. Depending on the size of the download, a Wi-Fi connection may sometimes be necessary.

Lock your mobile device: 4-digit PINs for iPhones, or pattern recognition for Androids, are the current standard security measures. These flimsy defenses need to be updated to a more secure alternative, or at least a longer alphanumeric string, especially for phones used for business purposes.

A very high percentage of owners lock their devices with a short PIN, and may be unaware of the alternatives to this bare minimum, such as a “non-simple” security option on the iPhone. And most PINs are weak as well as short. Five basic combinations (“1234,” “0000,” “1111,” “2580,” or “0852”) make up more than 10% of all PINs.

Install antivirus protection: Just like on a PC, mobile antivirus products should provide real-time protection against viruses, worms, spyware, Trojan horses, and battery-sapping malware. Adequate mobile antivirus protection guards against threats that originate via email, instant messaging, and Internet downloads. It detects data received from multiple entry and exit points, including email, instant message attachments, Internet downloads, SMS, MMS, WiFi, and Bluetooth.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto. 

A 21-year-old Dutch hacker known within the online hacking community as “Fortezza” was arrested in Romania in March, and extradited to the United States in June.

U.S. Attorney Jenny A. Durkan, who chairs the Attorney General’s Advisory Committee on Cybercrime and Intellectual Property Enforcement, said, “This defendant has wrought havoc on victims and financial institutions around the world, this indictment alleges that in just one transaction he trafficked in as many as 44,000 stolen credit card numbers resulting in millions of dollars in losses to financial institutions. Cybercriminals need to know: We will find you and prosecute you. I commend the cyber investigators at the U.S. Secret Service Electronic Crimes Task Force and Seattle Police Department for tracking down these international criminals.”

Hackers like “Fortezza” employ a variety of methods to obtain credit card data. One technique is wardriving, in which criminals hack into wireless networks and install spyware. Another is phishing, in which spoofed emails prompt the victim to enter account information. “Smishing” is similar to phishing, but with text messages instead of emails. Some hackers use keylogging software to spy on victims’ PCs, while others affix devices to the faces of ATMs and gas pumps in order to skim credit and debit card data.

All this stolen data is ultimately used to steal from financial institutions, which lose $40 billion a year to credit card fraud, and from retailers. These business fraud targets must employ multiple layers of protection to thwart cybercriminals.

One layer that businesses put upfront in their fraud detection process is based on device intelligence—what that device is doing right now on the site, and what fraud or abuse that device has caused with other businesses, even in other geographies. The leader in device identification technology is iovation, and they offer a fraud prevention service that allows online businesses to create customized business rules for identifying potentially risky transactions, and those rules can be adjusted on the fly as new threats emerge.

Robert Siciliano, personal security and identity theft expert contributor to iovation.

A mobile device is an indispensable extension of your life, containing some of your most private conversations and confidential information. It’s your phone book, email, photo album, social life, and even your wallet, all rolled into one device. Chances are if you own a smartphone or tablet, it is connected to your money or financial accounts. For many, it’s like a right hand (or in my case, left hand), so it’s essential to secure your device and the information it holds.

The phone is moving in to replace the PC for the next generation. Carriers are increasing network speeds, cutting download time in half, and new phones have capacities of up to 64 GB; that’s more hard drive space than my three-year-old laptop.

Software application developers are responding to this shift by focusing primarily on mobile devices, with PCs demoted to a secondary consideration. And as with any major transition to a new technology, the uncertainty and newness fosters a perfect opportunity for scammers to launch attacks.

In McAfee Labs’ report, “Securing Mobile Devices: Present and Future,” Dr. Igor Muttik states, “Despite steady progress in securing desktop computers—using safer hardware, operating systems, and applications—malware is not going extinct. With today’s explosive proliferation of smartphones, tablet computers, and other mobile devices, we have to wonder whether our pocket devices can also be secured. We might assume from our extensive knowledge in protecting desktop computers that the new wave of mobile hardware should be relatively secure because we shall benefit from the lessons we have already learned.” But so far, many have neglected to consider the security of their mobile devices.

As new tablets and smartphones are released, along with thousands of new mobile applications, hackers are working to create bugs and viruses that modify the legitimate software industry’s processes. The burgeoning ubiquity of these mobile devices offers criminals the same sorts of possibilities today that they found in PCs several years ago.

Only download mobile payment applications from a reputable app store. Check user reviews of the app and make sure to read the app’s privacy policy to see what data of yours it is accessing and sharing.

Don’t do any mobile transactions over an unsecured Wi-Fi connection. It’s much more secure to use your mobile data network.

Keep your mobile software current. This includes the latest updates for your operating system, mobile browser and mobile security software.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto. 

As summer heats up, so does mobile payment – a hot topic between major credit card companies, mobile carriers, and mobile manufacturers.

First, to give you some perspective, let’s cool down and cite some statistics from November of last year, when “Cyber Monday” was the most successful ever; and mobile purchases skyrocketed on Black Friday. U.S. shoppers made nearly two and a half times as many purchases through eBay Mobile on Black Friday 2011 compared to 2010, U.S. mobile sales were up 234% overall, and Paypal Mobile reported a global increase of 516% from Black Friday 2010 to 2011. Naturally, marketers and advertisers are now positioning themselves for a 2012 “Mobile Tuesday.”

This spring, at the London 2012 Olympics, Samsung introduced a new mobile payments system in collaboration with Visa. Near-field communication technology is taking a leap forward in the form of the Samsung GALAXY S III with mobile contactless payments.  With Visa’s payWave service, users can pay for a purchase by tapping a button on the phone and then holding it to a contactless payment terminal. 

Meanwhile, Wired reports that Isis, a mobile payment system developed by AT&T, T-Mobile, and Verizon, has reached agreements with a number of major retailers including Coca-Cola, Foot Locker, and Macy’s to implement their system in stores nationwide later this year. Google Wallet works at hundreds of MasterCard terminals, found in locations like Macy’s, Toys “R” Us, and Old Navy, but for now, the service is only available through Sprint, on four devices (not including the iPhone). And now, Apple has come up with Passbook, an elegantly simple new app for iOS 6 that works with retailers’ existing apps and QR codes rather than NFC technology.

It’s tough to say which will come out on top. We’ve been there before – remember Betamax versus VHS and HD DVD versus Blu-ray?

Robert Siciliano, personal security expert contributor to Just Ask Gemalto. 

There are some things in life that require a “professional” to get the job done properly. You wouldn’t let your cousin Larry, who’s a landscaper, reset a broken bone in your hand, right? You can certainly go to a hardware store and buy all the wood to build a deck, but just because you know how to swing a hammer doesn’t mean the deck will be safe, or even up to code.

Frankly, I’m a big-time “DIY,” or “Do It Yourselfer,” and take on most tasks myself. However, some things I know are beyond my expertise and I usually hire someone to do those tasks. So even though painting my house is a relatively simple task, I hire someone because they often get it done faster, better and cheaper than I can do it myself.

With technology I hire out for many tasks because some things can be done much better and more efficiently by a recognized expert. When I first started computing in the early 90’s I was on the phone with tech support all the time and learned an awful lot from these experts. Just figuring out how to use your new device can be challenging. So why not leave the process of getting your new devices to work with your existing ones, setting up connections, printers, etc. to someone else?

Consider getting help with tedious tasks such as:

  • Configuring your device out of the box
  • Customizing your desktop, screensaver, icons, profile picture, folders and tasks
  • Setting up your browser, homepage, and bookmarks, and optimizing the security settings
  • Creating user accounts
  • Installing all your software
  • Setting up printers and scanners
  • Configuring your email

One thing I learned is that even though I have a general working knowledge of technology, like painting, sometimes it’s easier to have the experts do the job. You’ll save yourself a ton of time and reduce headaches over the life of the device if you hire a professional to walk you through setting it up. Check out McAfee TechMaster Services which can help you with all this and more!

Robert Siciliano is an Online Security Evangelist to McAfee. 

You may have heard the term jailbreaking or rooting in regard to your mobile phone, but what is this and what does it really mean for you?

Jailbreaking is the process of removing the limitations imposed by Apple and associated carriers on devices running the iOS operating system. To “jailbreak” means to allow the phone’s owner to gain full access to the root of the operating system and access all the features. Similar to jailbreaking, “rooting” is the term for the process of removing the limitations on a mobile or tablet running the Android operating system.

Jailbroken phones came into the mainstream when Apple first released their iPhone and it was only on AT&T’s network. Users who wanted to use an iPhone with other carriers were not able to unless they had a jailbroken iPhone.

By hacking your device, you can potentially open security holes that may not have been readily apparent, or undermine the device’s built-in security measures. Jailbroken and rooted phones are much more susceptible to viruses and malware because users can avoid Apple and Google application vetting processes that help ensure users download virus-free apps.

It is inevitable that over the next few years, as millions of smartphones replace handhelds, laptops, and desktop PCs, and billions of applications are downloaded, risks of mobile crime will rise. Not only do you need to stay educated about the latest threats and scams, you should also make sure you have comprehensive mobile security installed on your mobile device.

And remember, jailbreaking or rooting your mobile device can open you up to security risks that make it not worth doing.

Robert Siciliano is an Online Security Evangelist to McAfee. 
