Healthcare CISOs Talk About Supporting Frontline and Remote Medical Workers Leading healthcare CISOs discuss the unique challenges they face as they support frontline and remote medical workers as well as the myriad of other personnel. Everyone doing their utmost during these unprecedented times to save lives. They talk about facilitating and securing a diverse workforce,…
Global CSO of TikTok Roland Cloutier speaks with David Cass, VP of Cyber & IT Risk at the Federal Reserve Bank of New York (*any opinions David expresses are his own opinions and don’t represent the Federal Reserve Bank of New York or the Federal Reserve System). A seasoned executive, Roland provides guidance on being…
Details
by Angel T. Redoble* and Francisco Ashley L. Acedillo** Introduction In May 2019, a Chinese government-sponsored hacking group was reported to be targeting unidentified entities across the Philippines. By year’s end 2019, the Philippines was ranked number 12 among the top 20 countries where users face the greatest risk of online infection. One anti-malware company…
Many professions have formal apprentice or internship programs that allow junior employees to learn on the job under the tutelage of an experienced master. CISOs don’t have the luxury of a structured activity but many times they do have the advantage of working for someone who can set an example and provide a path that…
What impact has the COVID-19 pandemic had on the security of organizations that have now by and large had to quickly migrate to a remote workforce? David Cass, VP of Cyber & IT Risk at the Federal Reserve Bank of New York (*any opinions he expresses are his own opinions and don’t represent the…
When you “access” a website, what are you authorized to do? And how would you know what is “authorized?” The federal Computer Fraud and Abuse Act, 18 USC 1030 makes it a crime to “access” a “computer” “without authorization,” and further makes it a crime to “exceed authorization” to access a computer. Courts and computer…
A few years ago, Apple began pushing “two-factor” authentication on its users. Through an update in the Operating System, they began to require those who wanted to download and install software to, in addition to providing a password, use a separate out-of-band authentication mechanism. While such 2FA systems are not perfect, and those which rely…
Cyber Security is NOT about cybersecurity. It’s not about compliance with regulations. At the end of the day, cyber security is about identifying and managing risks. Risks associated with the use and misuse of technology. Risks associated with failing to protect data. Risks associated with doing too little. And risks associated with doing too much.…
