Cybersecurity Leadership – It isn’t just 1’s and 0’s

Cybersecurity professionals often come from very technical backgrounds.  It is imperative that these professionals understand all the areas of technology: operating systems, networking protocols, architecture, applications and databases.  At some point many of these professionals achieve leadership roles.  A cybersecurity leader must be able to rely on that technical acumen to enable the business goals…

Details

TrapX Wins the Security Shark Tank® New York City

CISOs Praise Deception Technology Vendor for Importance to the Business and Ease of Use Security Current, the premier CISO knowledge-sharing community, today announced that CISOs from across industries selected TrapX as the winner of the Security Shark Tank® New York City 2019. In the Security Shark Tank, providers come face-to-face with CISOs seeking innovative solutions…

Details

Fortanix Lauded for Innovation, Vision and Importance

CISOs Laud Fortanix for Innovation, Vision and Importance to the Business Chicago, Illinois – Security Current, the premier CISO knowledge-sharing community, today announced that CISOs from across industries selected Fortanix® Inc. as the winner of the Security Shark Tank® Chicago 2019. In the Security Shark Tank, providers come face-to-face with CISOs seeking innovative solutions for their…

Details

Are you a Means, Motive or Opportunity CISO?

I was recently asked why there has been a spike in incident alerts during the current month. As I gave my answer, I noticed that I was focusing on the reasons behind “why” the numbers had risen and it became apparent to me that when I explain risks, I tend to focus on the motive…

Details

Data Privacy – I Do Not Think That Word Means What You Think it Means

On September 10, 2019, leaders of the high tech and business world, through the Business Roundtable, sent a letter to political leaders urging them to pass a comprehensive federal consumer data privacy law. The letter, signed by individuals like Amazon’s Jeff Bezos and Michael Dell, and other business leaders noted that “There is now widespread agreement among…

Details

Scraping Away at Computer “Crime” – Federal Appeals Court Rules Against LinkedIn in online “scraping” case

Your domain is your domain. Your website is your website. You decide who can access your site, who can access your data, and how they can do that. You make those decisions through both technology (e.g., code, access control, userIDs, passwords, multifactor authentication) and contracts (terms of use, terms of service, privacy policies, software license…

Details

Doorbell privacy: Where the ring tolls

Amazon’s Ring video doorbell allows you to see who is at (or near) your doorstep. Under a semi-secret program called “Neighbors” it also allows the police to see the same thing. The program incentivizes police to “sell” the Ring device to consumers (even giving the police free surveillance devices themselves) and creates a network whereby…

Details

How to Get Your Organization to “Own” Security – First Steps

Many companies grapple with integrating cybersecurity awareness into the organizational culture. After many years as a CISO and cybersecurity consultant, I believe the answer to this perennial problem is to encourage the organization to “own” security. The first step towards this goal is to establish a cybersecurity council composed of representatives from various business units. Some organizations already have…

Details

Former U.S. government cyber-czar says cyberwar is a huge security threat but it can be combatted

Companies need to embed cybersecurity into the DNA of their organizations to combat potentially disastrous cyber threats by state actors and individuals. This is the message that Richard Clarke, former National Coordinator for Security, Infrastructure Protection and Counter-Terrorism for the United States, gave cybersecurity executives at CISOs Connect San Diego 2019. Clarke told CISOs attending the conference about the chilling…

Details