Cut the FUD: Four Reasons Cloud Brings Security Advantages

At the risk of being ‘voted off CISO island’ or worse, ‘lose my CISO card,’ I’m prepared to make an argument contrary to the popular opinions expressed by many of my fellow CISOs. I believe cloud-based migrations can actually bring several security advantages for certain organizations and especially SMBs. I find it surprising that so…

Details

Never Say Never: US & EU Come to Agreement on New Framework

My mom always told me to never say never, so it’s a good thing I didn’t say it in my previous article. Although technically the deadline was January 31, there was a very remote possibility of a last minute agreement as the negotiations continued between the U.S. and the European Commission regarding the future of…

Details

As We Reach the End of the Voyage for Safe Harbor What are US Companies To Do?

The deadline for the U.S. and European Union (EU) to come to an agreement on the future of Safe Harbor, which governs transatlantic data transfers, passed on January 31. Although it is difficult to speculate what a revised agreement would look like, it potentially would no longer permit self-certification and may require some type of…

Details

10 CISOs Say Passwords are Failing and Must be Augmented or Supplanted

Ten CISOs from across industries weigh in on the effectiveness of passwords, with most predicting that the days are numbered for the password as the sole authentication method. They see enterprises moving to augment or supplant the traditional password with advanced technologies, such as biometrics. Read their insights here: Frank Bradshaw Valley Health CISO The days…

Details

Elevating Security Through Cross-Sector Information Sharing & Collaboration

The security landscape is ever evolving and with each new threat comes an even stronger need to work together as an industry in order to elevate information security and stay ahead of malicious actors. Public and semi-public agencies have long been collaborative in sharing their concerns, experiences, and solutions to meet cybersecurity threats. They share…

Details

Making Insurance Part of Your Enterprise Risk Management Program – Part One

In this series, Grace Crickette provides C-Level excutives a comprehensive overview of cyber insurance, while addressing business impacts and offering best practices for implementing a risk-management strategy that includes a cyber-liability policy. Part One The role of the CISO is expanding, shifting from a focus on information security programs to a holistic risk management approach. Necessary…

Details

An Assessment of the Framework for Improving Critical Infrastructure Cybersecurity – Part 3

In this five-part series CISO Brian Lozada examines the state of cybersecurity in our nation’s critical infrastructure, what is at risk, what makes it unique and what measures can be taken to bolster its safeguards. Read Part One Read Part Two Read Part Four In the second article, I more closely examined these evolving threats, the…

Details

The Sanders-Clinton Data Brouhaha: It is Not About Privacy and All About Identity

In August of 2010, Huping Zhou who had served as a researcher at the UCLA School of Medicine and had since been terminated, was sentenced to jail time for inappropriately looking at the medical records of his immediate supervisor and some notable celebrities including Drew Barrymore, Arnold Schwarzenegger, Tom Hanks, and Leonardo DiCaprio. He had…

Details