RSA Conference 2016 – Real-world Metrics, Security Shark Tank and Other Important Highlights

RSA Conference 2016 was a great opportunity to connect with the expansive and expanding world of information security. Just like the threat landscape is continuously changing, so is the landscape of security technology and solution providers to help combat this growing risk. Initially, I was shocked by the volume of people attending the conference. However,…

RSA Conference 2016 Highlights – IT Security as a True Part of the Business

RSA provides great opportunities for the CISO to learn in a compressed and diverse way to help further the implementation and management of their IT Security Programs. My goal this year was to look for guidance that didn’t focus on the old view of aligning the IT Security Program with the business. Mostly this message had the IT Security Program engaging in technical security with a goal of not upsetting business leaders. I was looking for sessions that…

First Sharknados, Now Cyber Pathogens – What’s Next?

I guess it’s time to admit that I might be getting older. When will the adults of the world take back the media and create a Bull S*** rating system? We have a rating system for movies: “Rated PG: Parental guidance suggested – some material may not be suitable for children. Rated PG-13: Parents strongly cautioned…

An Assessment of the Framework for Improving Critical Infrastructure Cybersecurity – Part 5

In this five-part series CISO Brian Lozada examines the state of cybersecurity in our nation’s critical infrastructure, what is at risk, what makes it unique and what measures can be taken to bolster its safeguards. Review of the first four installments: In the first article in this series, I addressed the growing possibility of cyberwarfare. Many…

CISOs Offer Tips, Share Experiences for Navigating the RSA Conference Week

RSA Conference week can be overwhelming from a scheduling standpoint. Between conference sessions, vendor meetings and unlimited networking opportunities, a CISO’s time is in short supply and high demand. Below, seasoned CISOs share their personal best practices for managing time, maximizing value and making the most of the RSA Conference experience. For more in-depth insight, read…

A CISO’s Guide to RSA Conference 2016

Look, let’s be frank – the week of the RSA Conference is a scheduling nightmare. On easy days it takes effort to manage, and on difficult days it’s completely unwieldy. There are more sessions, activities, keynotes, networking events and ancillary get-togethers than you can possibly imagine, both in and around the actual conference. With the…

Better than Expected Results: Security Training for Developers in a Large Enterprise

In 2015, I was tasked with creating and delivering a security curriculum for “any takers” from within our 1200+ global innovation organization at Pitney Bowes. This was part of a continuous learning initiative that included 10 different key technologies for Pitney Bowes. Our approach was to utilize in-house experts to lead each technology topic, and…

An Assessment of the Framework for Improving Critical Infrastructure Cybersecurity – Part 4

In this five-part series CISO Brian Lozada examines the state of cybersecurity in our nation’s critical infrastructure, what is at risk, what makes it unique and what measures can be taken to bolster its safeguards. In my last article, I reviewed past initiatives to secure the nation’s…
