16 World Renowned IT Security Experts Provide Their Website Security Tips and What You Should NEVER Do

May 5, 2015

originally published on 4-15-15

Tip from Paul Roberts, Editor-In-Chief at The Security Ledger and Contributor to CSM: Passcode - who also moderated the 2014 ACSC Conference Plenary Session

Beware of your third-party partners

As the founder and editor-in-chief at the Security Ledger, Paul Roberts has been writing about hacks, cyber attacks and the security industry in general, for over a decade.

Roberts can sum up his top security tip in just three characters “2FA (two factor authentication).” Roberts describes this as “the most effective, lowest cost way to protect your web site against compromise.” He went on to explain, “despite the media’s fixation on sophisticated, super stealthy hacks, most successful cyber attacks on websites and Web applications go through the front door. It’s not perfect, but it raises the bar significantly for would be attackers – and that may be enough to get them to look elsewhere and leave your site alone.”

Having owned and operated his own security news and analysis website for the last several years, Roberts believes the biggest mistake website owners make is “allowing third parties access to their site or their customers without first vetting the company, its technology and its business model. Malicious (or just suspicious) ad networks abound and can easily turn your site into a malware spewing mess, putting your readers and your reputation at risk.’ He adds, “you are your site. Treat it accordingly. ”

Read more expert tips