There were two security incidents over the past week that drew a lot of attention. The first was the ransomware attack against Medstar, a health system based out of Columbia, MD. The second, which received less publicity, was the Neo-Nazi propaganda sent out by infamous Internet troll Weev to publicly accessible printers across the Internet. Out…
DetailsI tell users all the time “Forget everything you learned in Kindergarten.” It always gets a laugh, gets their attention and gets my point across. It’s not nice to share (your password). Secrets are really ok (your IP address). Not only should you not take candy from strangers, you should not take strange candy from…
DetailsWe are seeing that in quite a few organizations the Chief Information Security Officer (CISO) role is going through a period of transition. Leading organizations that didn’t have a CISO role are now actively scoping the responsibilities of this role. To date, the security budget often remains a fraction of total IT spend, and a…
DetailsIn this series, Grace Crickette provides C-Level executives a comprehensive overview of cyber insurance, while addressing business impacts and offering best practices for implementing a risk-management strategy that includes a cyber-liability policy. Part Two: A Very Brief History of Insurance and Coffee Houses Coffee houses or cafés have served as centers of social interaction for patrons…
DetailsRSA Conference 2016 was a great opportunity to connect with the expansive and expanding world of information security. Just like the threat landscape is continuously changing, so is the landscape of security technology and solution providers to help combat this growing risk. Initially, I was shocked by the volume of people attending the conference. However,…
DetailsRSA provides great opportunities for the CISO to learn in a compressed and diverse way to help further the implementation and management of their IT Security Programs. My goal this year was to look for guidance that didn’t focus on the old view of aligning the IT Security Program with the business. Mostly this message had the IT Security Program engaging in technical security with a goal of not upsetting business leaders. I was looking for sessions that…
DetailsI guess it’s time to admit that I might be getting older. When will the adults of the world take back the media and create a Bull S*** rating system. We have a rating system for movies: “Rated PG: Parental guidance suggested – some material may not be suitable for children. Rated PG-13: Parents strongly cautioned…
DetailsIn this five-part series CISO Brian Lozada examines the state of cybersecurity in our nation’s critical infrastructure, what is at risk, what makes it unique and what measures can be taken to bolster its safeguards. Review of the first four installments In the first article in this series, I addressed the growing possibility of cyberwarfare. Many…
DetailsRSA Conference week can be overwhelming from a scheduling standpoint. Between conference sessions, vendor meetings and unlimited networking opportunities, a CISO’s time is in short supply and high demand. Below, seasoned CISOs share their personal best practices for managing time, maximizing value and making the most of the RSA Conference experience. For more in-depth insight, read…
DetailsLook, let’s be frank – the week of the RSA Conference is a scheduling nightmare. On easy days it takes effort to manage, and on difficult days it’s completely unwieldy. There are more sessions, activities, keynotes, networking events and ancillary get-togethers than you can possibly imagine, both in and around the actual conference. With the…
DetailsIn 2015, I was tasked with creating and delivering a security curriculum for “any takers” from within our 1200+ global innovation organization at Pitney Bowes. This was part of a continuous learning initiative that included 10 different key technologies for Pitney Bowes. Our approach was to utilize in-house experts to lead each technology topic, and…
DetailsClose your eyes and imagine you are standing in the middle of a car dealership showroom floor. What feelings and emotions are invoked? Do you feel stress, anger, hesitation, nauseated and a ton of other negative sentiments? If so, why do you think this is? I believe it is because most everyone has had a…
Details