News and Events

March 24, 2015

Smart Devices Pose Dumb Security Risks

Someone has to take responsibility for the security and privacy issues attendant to the Internet of Things. In this guest essay posted on ThirdCertainty, George Japak, managing director of ICSA Labs, a vendor-neutral testing and certification organization, outlines who that should be.

January 30, 2015

ICSA Labs Certified Products - January 2015

Congratulations to Barracuda Networks, Cyberoam Technologies, F5 Networks, MicroWorld Technologies and Sophos!

October 30, 2014

Q&A: George Japak of ICSA Labs Offers Advice around NCSA Month

George Japak, managing director of ICSA Labs and Verizon’s HIPAA security officer, discusses his thoughts on NCSA month and offers important advice to help enterprises and consumers stay vigilant when it comes to cybersecurity.

May 15, 2014

ICSA Labs new certification option - Malicious URL testing module

To address these evolutionary threats, ICSA Labs is introducing a new certification option, the Malicious URL Testing module.

November 21, 2013


One of my friends recently received an alert from her sheriff’s office, warning her about something called Cryptolocker. The language in the alert was quite alarming, and she wanted my opinion.

August 12, 2013

The Age Of Enterprise Malware (A.k.a APT vs AFT)

Over the weekend, however, came the “revelation” that the FBI was using exploits and malware that they’d developed themselves to catch Bad Guys...

June 20, 2013

Infosecurity Professional - Interview with George Japak

George Japak, managing director of ICSA Labs, discusses testing, certification and security challenges in a Q&A interview with Infosecurity Professional's Joyce Chutchian.

May 20, 2013

Lessons from the latest Mac malware

Given that an organization of one is about the smallest SMB you could find, it is clear that any person or group that has valuable enough information, or who makes someone mad enough, can be targeted by organizations with either the resources to write a 0-day exploit, or steal some legitimate code signing ability.

April 25, 2013

Assume You’re Breached

The Verizon DBIR came out today, and, as usual, it’s full of interesting favorite sentence was in the opening paragraph. It said, “A growing segment of the security community adopted an “assume you’re breached” mentality.”

March 11, 2013

Windows 8

One other feature in Windows 8 is built in anti-malware protection...