Ransomware in Healthcare – Strategies for Protecting the Enterprise – Part Three

In this three-part series, Academic Healthcare CISO Mitch Parker shares his insights on ransomware, incident response and best practices for building a world-class prevention program. Read parts one and two. As I mentioned in my previous articles on ransomware, I have spoken at numerous industry conferences and discussed the growing threat of ransomware with many…

The Human Element of Incident Response – Part Three

There is an extraordinary amount of money and time spent on detection and response relative to cybersecurity, and much of this conversation is technology focused. In this series of articles, DocuSign CISO Vanessa Pegueros explores a different aspect of incident response — the human being. She asserts that people ultimately orchestrate incident response and the…

The Human Element of Incident Response – Part Two

There is an extraordinary amount of money and time spent on detection and response relative to cybersecurity, and much of this conversation is technology focused. In this series of articles, DocuSign CISO Vanessa Pegueros explores a different aspect of incident response — the human being. She asserts that people ultimately orchestrate incident response and the…

The Army of Things

By now, you’re probably well aware of the fate that recently befell Brian Krebs’ site, KrebsOnSecurity.com. A Distributed Denial of Service (DDoS) attack in excess of 620 Gbps put such a strain on one of the world’s largest DDoS protection services that Krebs asked that his site fundamentally be black-holed until the storm passed. What…

Ransomware in Healthcare – Strategies for Protecting the Enterprise – Part Two

In this three-part series, Academic Healthcare CISO Mitch Parker shares his insights on ransomware, incident response and best practices for building a world-class prevention program. Read part one. As a preamble to this list of key considerations and best practices, let me first say that all organizations should plan to be attacked. While there may…

Beyond Security and Privacy…A CISO’s Influence on the Ethical Use of Data

This article is based on the closing keynote remarks I delivered at the IQPC Cybersecurity in Higher Education Conference in March 2016. This is one higher education CISO’s viewpoint of the issues, interactions and risks that exist at the intersection between security and privacy. The University of Wisconsin (UW) – Madison is the flagship campus in…

The Human Element of Incident Response – Part One

There is an extraordinary amount of money and time spent on detection and response relative to cybersecurity, and much of this conversation is technology focused. In this series of articles, DocuSign CISO Vanessa Pegueros explores a different aspect of incident response — the human being. She asserts that people ultimately orchestrate incident response and the…

Ransomware in Healthcare – Strategies for Protecting the Enterprise – Part One

In this three-part series, Academic Healthcare CISO Mitch Parker shares his insights on ransomware, incident response and best practices for building a world-class prevention program. Ransomware has been the buzzword du jour for the past year in computer security. This mostly unsophisticated attack type uses deception and already-existing means of communication to destroy…

Will Corporate Security Models Move Toward the EDU Security Model?

No network is impenetrable, a reality that business executives and security professionals alike must accept. The traditional perimeter-focused approach to cybersecurity has often failed to prevent intrusions, especially in an application-focused paradigm. While prevention is crucial, timely detection of anomalous behaviors that indicate data exfiltration is key. Continuous monitoring assumes the attackers are already…