The Best Security Control You Never Use
Consider for a moment the business lines that drive your company’s revenue. If the president of that business unit had an 85% assurance that a new business venture would be…
DetailsCISO Advises Enterprises on How to Combat Latest Printer-based Attacks
There were two security incidents over the past week that drew a lot of attention. The first was the ransomware attack against Medstar, a health system based out of Columbia, MD.…
DetailsWhat Would Harold Do?
I tell users all the time “Forget everything you learned in Kindergarten.” It always gets a laugh, gets their attention and gets my point across. It’s not nice to share…
DetailsThe Evolution of the CISO
We are seeing that in quite a few organizations the Chief Information Security Officer (CISO) role is going through a period of transition. Leading organizations that didn’t have a CISO…
DetailsMaking Insurance Part of Your Enterprise Risk Management Program – Part Two
In this series, Grace Crickette provides C-Level executives a comprehensive overview of cyber insurance, while addressing business impacts and offering best practices for implementing a risk-management strategy that includes a cyber-liability…
DetailsRSA Conference 2016 – Real-world Metrics, Security Shark Tank® and Other Important Highlights
RSA Conference 2016 was a great opportunity to connect with the expansive and expanding world of information security. Just like the threat landscape is continuously changing, so is the landscape…
DetailsRSA Conference 2016 Highlights – IT Security as a True Part of the Business
RSA provides great opportunities for the CISO to learn in a compressed and diverse way to help further the implementation and management of their IT Security Programs. My goal this year was to look for guidance that didn’t focus…
DetailsFirst Sharknados, Now Cyber Pathogens – What’s Next?
I guess it’s time to admit that I might be getting older. When will the adults of the world take back the media and create a Bull S*** rating system. …
DetailsAn Assessment of the Framework for Improving Critical Infrastructure Cybersecurity – Part 5
In this five-part series CISO Brian Lozada examines the state of cybersecurity in our nation’s critical infrastructure, what is at risk, what makes it unique and what measures can be…
DetailsCISOs Offer Tips, Share Experiences for Navigating the RSA Conference Week
RSA Conference week can be overwhelming from a scheduling standpoint. Between conference sessions, vendor meetings and unlimited networking opportunities, a CISO’s time is in short supply and high demand. Below,…
DetailsA CISO’s Guide to RSA Conference 2016
Look, let’s be frank – the week of the RSA Conference is a scheduling nightmare. On easy days it takes effort to manage, and on difficult days it’s completely unwieldy.…
DetailsBetter than Expected Results: Security Training for Developers in a Large Enterprise
In 2015, I was tasked with creating and delivering a security curriculum for “any takers” from within our 1200+ global innovation organization at Pitney Bowes. This was part of a…
Details