The Silver Lining of an Intense Security Week
As security practitioners, we know that nary a day goes by when our schedule for the day (or week) goes as planned. There is always an alert to address, an…
DetailsThe Time for F.U.D. is Over… Long Live F.U.D…
I’ve been known to say that ‘I’ve been in InfoSec since before it was cool.’ After 20 years of being on the front lines, first as a consultant, then as…
DetailsThe Point Beside the Point
If we live in a data-centric world, it is still true that data are more immediate for some than for others. To use one individual as an example: by the…
DetailsWhy Is Everything Turning Into a Reality TV Show?
Someone recently pointed out an article to me: ‘Big 12 beats Ivy League – in cybersecurity’ I didn’t realize that there was a competition between schools as to who does…
DetailsBig Data And Us Little People
The last series I wrote for securitycurrent dealt with principles of data security and privacy. Many authorities charged with enforcing data protection accept the principles. They are based on the idea that…
DetailsAre CISOs Better Off When They Think Like Security Entrepreneurs?
Recently I have begun to think about the strengths that make a good CISO. Some of those include technical understanding, business acumen, strategic vision, collaborative mindset, risk management mindset, and…
DetailsThanks for the CISO Recognition (I think)
Most of you reading this are security practitioners, and I can safely assume that each of you has discussed this topic at conferences and airports for years: Is our role…
DetailsAdvice for the Incoming CISO of Target
There is no task more difficult for a CISO than stepping into that role at a large organization that has never had a CISO and has recently experienced a devastating…
DetailsWhen is it a Breach?
One of the most difficult decisions a CISO has to make is the one that says the organization suffered a data breach. A data breach starts a chain of events…
DetailsCISOs as Rock Stars. Really?
Life as a Chief Information Security Officer can oftentimes be hard on the ego. It is surely one career in which it is easy to fall in to an identity…
DetailsHeartbeat, Heartbleed or Heartache?
You almost have to be on some deserted island with no Internet access to have not heard about the OpenSSL Heartbleed vulnerability. This vulnerability is very serious and pervasive because…
DetailsWhy I Hate Phishing
Thursday, April 18 started out as a normal day (except for all of the Heartbleed hubbub), that was, until we realized that the University had been hit with about 32K…
Details