WHAT DOES THE FUTURE LOOK LIKE? CAN WE ACTUALLY PREDICT THE FUTURE? As a person who regularly makes predictions would tell us, the past is an important tool in determining what will happen in the future. Past experiences can be collected in the form of data to calculate probabilities of certain events happening in the future. In the world of business, correctly seeing…
DetailsIn this two-part series, CISO Anthony Scarola examines the elevated threats for both shoppers and financial institutions during the holiday season and offers best practices for ensuring your enterprise is protected during the time of increased risk. Read Part One here. Part Two Besides the required risk assessment and documentation efforts outlined in the first article in…
DetailsAccording to the internetretailer.com, holiday sales are up 15%-16% this year online, but down 4.7%-10% instore. If I were in the identity theft business, I would have a hard time containing my excitement. Last year, my Holiday article was all about various hacks and scams that always seem to increase around this time of the…
DetailsIn this two-part series, CISO Anthony Scarola examines the elevated threats for both shoppers and financial institutions during the holiday season and offers best practices for ensuring your enterprise is protected during the time of increased risk. Ho, Ho, Ho! Happy Holidays to the security executive protecting banks across the US! Are you ready for…
DetailsIn the third and final installment of my Open Letter to Vendors, we’re going to take a look the technology challenges that many vendors overlook. This isn’t about the bits and bytes, but rather around the considerations we face when looking for a solution and the challenges we confront when it comes to implementation. So,…
DetailsFocus is over-rated when you’re starting out. The original idea for my presentation at The Privacy & Security Forum in Washington, D.C. was to talk exclusively on how security controls relate to the frameworks that sweep them up and organize them. It was to be “how controls become a framework” in the spirit of the…
DetailsIn today’s Internet of Things (IoT) world, every device can communicate and be connected to the Internet – from your refrigerator to your lights and cars. IoT’s glitter is often dimmed by legitimate security concerns. Just as the power of this new technology can make our lives easier and immensely more delightful, IoT put into…
DetailsIn Part I, I gave you some food for thought about getting your message out there in a clean, crisp, and concise way. In the second installment of my Open Letter to Vendors, we’re going to take a trip to the magical and mystical island of InfoSec Land, where sales are based on trust and…
DetailsPrivacy folks and security folks were finally intermingling by design and not by accident or through one or the other being adventurous. I’m a huge proponent of the two being intermingled (my post Security and Privacy walk into a bar is an example). So I was glad to attend the inaugural Privacy & Security Forum…
DetailsAll financial institutions and retailers are looking for solutions to protect credit card and other sensitive data from the moment the magnetic stripe of the payment card is swiped through to the end of the payment processing cycle. The current end-to-end encryption solutions between the merchant system (point of sale or POS device) and the…
DetailsAs a CISO or an executive responsible for the Information Security organization at your company, one thing that you ought to keep in real focus is the Silo Effect. Be conscious of it, work against it, and prevent it from derailing your vision and longevity! So what is the Silo Effect? It’s when departments do…
DetailsBy now most of us have heard of the phrase kill chain. For those of you that haven’t heard of it, the kill chain is a phase-based model used to describe the stages of a data breach attack. The goal is to break the attack chain by using the appropriate level of key controls for…
Details