Conducting Organizational Information Security Assessments
The first step that self-help books suggest when a person wants to change is to perform a self- assessment. By honestly looking at yourself – the good, the bad, and…
Details
Don’t look for talent. Create it instead.
Some people establish organizations because they want to build something big, or want recognition. But in 2013 when I established the Philippine Institute of Cybersecurity Professionals, I was coming from…
Details
OD in cybersecurity
CISO, Delta Dental Plans Association Cybersecurity is so much about users and the vigilance of people in the organization. Understanding the underlying psychology of the organization, its culture and mindset,…
Details
A Road Map for CISOs
The role of the CISO has evolved greatly over the years. Over the past 20 years leading security practices across multiple industry verticals for large Fortune 500 organizations, I have…
Details
Log-ical Benefits: Why Logs Are a Treasure Trove of Information
by Joel Rosenblatt Director for Network and Computer Security Columbia University (Beginning January 28, Joel Rosenblatt will be moderating a group discussion on CISOs Connect. The discussion will run for…
Details
Stories, not resumes: Breaking educational and other barriers in cybersecurity
by Kyle F. Kennedy When you search for images under the key word “cybersecurity,” a familiar shot always turns up: a guy wearing a hoodie, operating in a dark room,…
Details
A Modest Proposal to Eliminate (or Modify) Breach Disclosure Laws
by Mark Rasch Google recently disclosed the fact that a vulnerability in its Google Plus configuration could have been used by hackers to expose personal information about users of the…
Details
Darren Death: Developing a business continuity plan – and sticking to it
It is standard business practice for organizations to have a contingency plan after acknowledging the various threats and risks that it faces. Having a plan in place, however, is not…
Details
The Attacks of the Future
What might the most damaging attacks of the future look like? The answer to the question may lie somewhere between the known patterns that attackers have established over the years,…
Details
How to Get Everyone Attuned to Cybersecurity: Ways to Raise Security Awareness
Your organization’s security stance must be supported by everyone in the company, every day, in all that they do. However, people are focused on their jobs, not necessarily on security.…
Details
People, Process and Technology: Tips for Strengthening the Three Pillars of a Highly Effective Security Program
Did you know you need just three resources to build a highly effective security program? It’s true. Your success will be highly contingent upon how you leverage people, process and…
Details
Healthcare Ransomware Attacks – Don’t Be Part of the Statistics
In 2017, six of the top ten HIPAA breaches reported to the U.S. Department of Health and Human Services (HHS) stemmed from ransomware.[1] In a typical ransomware attack, important data…
Details