Since ancient times, passwords have been used as a form of identity. Passwords offered the ability to validate someone based on something supposedly known only by the individual or group. However, the days of the password serving as a viable method of identification are behind us. Anyone can “steal” a password. Once you gain someone’s…
DetailsAt the risk of being ‘voted off CISO island’ or worse, ‘lose my CISO card,’ I’m prepared to make an argument contrary to the popular opinions expressed by many of my fellow CISOs. I believe cloud-based migrations can actually bring several security advantages for certain organizations and especially SMBs. I find it surprising that so…
DetailsMy mom always told me to never say never, so it’s a good thing I didn’t say it in my previous article. Although technically the deadline was January 31, there was a very remote possibility of a last minute agreement as the negotiations continued between the U.S. and the European Commission regarding the future of…
DetailsThe deadline for the U.S. and European Union (EU) to come to an agreement on the future of Safe Harbor, which governs transatlantic data transfers, passed on January 31. Although it is difficult to speculate what a revised agreement would look like, it potentially would no longer permit self-certification and may require some type of…
DetailsTen CISOs from across industries weigh in on the effectiveness of passwords, with most predicting that the days are numbered for the password as the sole authentication method. They see enterprises moving to augment or supplant the traditional password with advanced technologies, such as biometrics. Read their insights here: Frank Bradshaw Valley Health CISO The days…
DetailsRecall these 2 famous quotes: “The horse is here to stay but the automobile is only a novelty – a fad.” Michigan Savings Bank president advising Henry Ford’s lawyer, Horace Rackham, not to invest in Ford Motor Company (1903). “There is no reason anyone would want a computer in their home.” Ken Olson, president, chairman…
DetailsIn the insurance business, it’s all about the “policy,” and finding the right policy is akin to modern day horse trading. It’s important to understand the specifics of your coverage in order to ensure there are no gaps that could surprise you later. The latest insurance product to hit the market is cyber insurance, and…
DetailsThe security landscape is ever evolving and with each new threat comes an even stronger need to work together as an industry in order to elevate information security and stay ahead of malicious actors. Public and semi-public agencies have long been collaborative in sharing their concerns, experiences, and solutions to meet cybersecurity threats. They share…
DetailsIn this series, Grace Crickette provides C-Level excutives a comprehensive overview of cyber insurance, while addressing business impacts and offering best practices for implementing a risk-management strategy that includes a cyber-liability policy. Part One The role of the CISO is expanding, shifting from a focus on information security programs to a holistic risk management approach. Necessary…
DetailsIn this five-part series CISO Brian Lozada examines the state of cybersecurity in our nation’s critical infrastructure, what is at risk, what makes it unique and what measures can be taken to bolster its safeguards. Read Part One Read Part Two Read Part Four In the second article, I more closely examined these evolving threats, the…
DetailsIn August of 2010, Huping Zhou who had served as a researcher at the UCLA School of Medicine and had since been terminated, was sentenced to jail time for inappropriately looking at the medical records of his immediate supervisor and some notable celebrities including Drew Barrymore, Arnold Schwarzenegger, Tom Hanks, and Leonardo DiCaprio. He had…
DetailsI recently sat on a panel with fellow security executives to discuss the general topic of innovating as a CISO. Unsurprising and somewhat understandable, the conversation quickly devolved and topics covered included RSA’s Innovation Sandbox, the large number of startups CISOs visit at RSA each year and how many trips CISOs make to Silicon Valley…
Details