Global CSO of TikTok Roland Cloutier speaks with David Cass, VP of Cyber & IT Risk at the Federal Reserve Bank of New York (*any opinions David expresses are his own opinions and don’t represent the Federal Reserve Bank of New York or the Federal Reserve System). A seasoned executive, Roland provides guidance on being…
Details
by Angel T. Redoble* and Francisco Ashley L. Acedillo** Introduction In May 2019, a Chinese government-sponsored hacking group was reported to be targeting unidentified entities across the Philippines. By year’s end 2019, the Philippines was ranked number 12 among the top 20 countries where users face the greatest risk of online infection. One anti-malware company…
Many professions have formal apprentice or internship programs that allow junior employees to learn on the job under the tutelage of an experienced master. CISOs don’t have the luxury of a structured activity but many times they do have the advantage of working for someone who can set an example and provide a path that…
CISO Colin Anderson of Levi Strauss speaks with David Cass, VP of Cyber & IT Risk at the Federal Reserve Bank of New York (*any opinions he expresses are his own opinions and don’t represent the Federal Reserve Bank of New York or the Federal Reserve System). Colin discusses how Levi Strauss is putting people…
What impact has the COVID-19 pandemic had on the security of organizations that have now by and large had to quickly migrate to a remote workforce? David Cass, VP of Cyber & IT Risk at the Federal Reserve Bank of New York (*any opinions he expresses are his own opinions and don’t represent the…
When you “access” a website, what are you authorized to do? And how would you know what is “authorized?” The federal Computer Fraud and Abuse Act, 18 USC 1030 makes it a crime to “access” a “computer” “without authorization,” and further makes it a crime to “exceed authorization” to access a computer. Courts and computer…
A few years ago, Apple began pushing “two-factor” authentication on its users. Through an update in the Operating System, they began to require those who wanted to download and install software to, in addition to providing a password, use a separate out-of-band authentication mechanism. While such 2FA systems are not perfect, and those which rely…
Andrew Skelton was a senior auditor in the internal audit department of UK supermarket chain Morrisons. In July, 2013, Skelton was scolded by Morrisons for some minor misconduct. To get even, Skelton leaked payroll, banking and other data about 126,000 Morrisons employees first to an online accessible website, and then to several newspapers. The breach, forensics,…
