I was recently asked why there has been a spike in incident alerts during the current month. As I gave my answer, I noticed that I was focusing on the reasons behind “why” the numbers had risen and it became apparent to me that when I explain risks, I tend to focus on the motive…
Details
Part 4: – “Full Engagement” – Bringing Value to Partnerships This is the third of a four part series. To read part one of this report click here. This series has been designed to help CISOs and other risk management practitioners examine their programs from a unique perspective – one in which the objective problem your…
Details
Part 3: – “Strengthening Your Strategy” – How Do You Make the Most of Continuous Monitoring? This is the third of a four part series. To read part one of this report click here. This series has been designed to help CISOs and other risk management practitioners examine their programs from a unique perspective – one…
Details
Part 2: – “Knowing Your Ground” – What Conditions Create Third Party Risk? This is the second of a four part series. To read part one of this report click here. This series has been designed to help CISOs and other risk management practitioners examine their programs from a unique perspective – one in which the…
Details
Part 1: – “Doing It Right” – What Problem Are You Trying to Solve? This is the first of a four part series. This series has been designed to help CISOs and other risk management practitioners examine their programs from a unique perspective – one in which the objective problem your organization is trying to…
Details
The first step that self-help books suggest when a person wants to change is to perform a self- assessment. By honestly looking at yourself – the good, the bad, and the ugly – you can gain the knowledge on what direction you need to travel as you attempt to maximize the program you wish to…
Details
Some people establish organizations because they want to build something big, or want recognition. But in 2013 when I established the Philippine Institute of Cybersecurity Professionals, I was coming from a different place: Disappointment and anger. At that time I had just come back home from a security consulting stint in Spain. When I got…
Details
CISO, Delta Dental Plans Association Cybersecurity is so much about users and the vigilance of people in the organization. Understanding the underlying psychology of the organization, its culture and mindset, gives me an amazing insight that is priceless in developing cybersecurity strategies. The most useful concepts that help me at my job as CISO of…
Details
The role of the CISO has evolved greatly over the years. Over the past 20 years leading security practices across multiple industry verticals for large Fortune 500 organizations, I have observed first hand its various shifts. The natural next question is what the next phase would look like. More importantly, will the CISOs of today…
Details
by Joel Rosenblatt Director for Network and Computer Security Columbia University (Beginning January 28, Joel Rosenblatt will be moderating a group discussion on CISOs Connect. The discussion will run for two weeks and is open to all CISOs Connect members. CISOs who want to sign up may send an email to arhodes@cisosconnect.com) There’s a familiar…
Details
by Kyle F. Kennedy When you search for images under the key word “cybersecurity,” a familiar shot always turns up: a guy wearing a hoodie, operating in a dark room, fingers on a keyboard. I’d like to replace that image with…anything. To be a cybersecurity professional, you can be anything. And anyone. We’ve heard the…
Details
by Mark Rasch Google recently disclosed the fact that a vulnerability in its Google Plus configuration could have been used by hackers to expose personal information about users of the Google Plus service. (https://www.nytimes.com/2018/10/08/technology/google-plus-security-disclosure.html) Indeed, Google announced that it was shutting down the service as a result of the hack. That’s not what outraged the…
Details
