Making Insurance Part of Your Enterprise Risk Management Program – Part One

In this series, Grace Crickette provides C-level executives a comprehensive overview of cyber insurance, while addressing business impacts and offering best practices for implementing a risk-management strategy that includes a cyber-liability policy. Part One: The role of the CISO is expanding, shifting from a focus on information security programs to a holistic risk management approach. Necessary…


An Assessment of the Framework for Improving Critical Infrastructure Cybersecurity – Part 3

In this five-part series CISO Brian Lozada examines the state of cybersecurity in our nation’s critical infrastructure, what is at risk, what makes it unique and what measures can be taken to bolster its safeguards. In the second article, I more closely examined these evolving threats, the…


The Sanders-Clinton Data Brouhaha: It is Not About Privacy and All About Identity

In August of 2010, Huping Zhou, who had served as a researcher at the UCLA School of Medicine and had since been terminated, was sentenced to jail time for inappropriately looking at the medical records of his immediate supervisor and some notable celebrities including Drew Barrymore, Arnold Schwarzenegger, Tom Hanks, and Leonardo DiCaprio. He had…


Push Beyond Political Rhetoric in the Backdoor Encryption Debate

The old year is over, the new one has begun, and that means information security predictions galore! From my very unscientific perusal of many of those, incident response, cyber insurance, information sharing, and vendor management top the lists of high-importance target areas for 2016. All of these are timely issues, I agree. But what…


An Assessment of the Framework for Improving Critical Infrastructure Cybersecurity – Part 2

In this five-part series CISO Brian Lozada examines the state of cybersecurity in our nation’s critical infrastructure, what is at risk, what makes it unique and what measures can be taken to bolster its safeguards. In the first article in this series, I addressed the growing possibility…


Facts, Tips, and References for CISOs this Holiday Season

Well, ’tis the season – a season for celebrating and a season for shopping. You are the CISO, the head honcho for everything information security. So who’re you gonna call when everyone and their mothers come running your way asking how their information can be kept safe this holiday season? Here’s your cheat sheet. A compendium…


It’s All About the User

Some time ago, I had a moment of introspection, which, oddly, sounded a lot like Redd Foxx, in his best deadpan Fred Sanford delivery… ‘It’s the user… Dummy!’ Those of us who have been in the space for a while recognize the one common factor in every significant breach is the abuse of privileged accounts throughout…
