TrapX Wins the Security Shark Tank® New York City

CISOs Praise Deception Technology Vendor for Importance to the Business and Ease of Use Security Current, the premier CISO knowledge-sharing community, today announced that CISOs from across industries selected TrapX as the winner of the Security Shark Tank® New York City 2019. In the Security Shark Tank, providers come face-to-face with CISOs seeking innovative solutions…

Details

Fortanix Lauded for Innovation, Vision and Importance

CISOs Laud Fortanix for Innovation, Vision and Importance to the Business Chicago, Illinois – Security Current, the premier CISO knowledge-sharing community, today announced that CISOs from across industries selected Fortanix® Inc. as the winner of the Security Shark Tank® Chicago 2019. In the Security Shark Tank, providers come face-to-face with CISOs seeking innovative solutions for their…

Details

Are you a Means, Motive or Opportunity CISO?

I was recently asked why there has been a spike in incident alerts during the current month. As I gave my answer, I noticed that I was focusing on the reasons behind “why” the numbers had risen and it became apparent to me that when I explain risks, I tend to focus on the motive…

Details

Data Privacy – I Do Not Think That Word Means What You Think it Means

On September 10, 2019, leaders of the high tech and business world, through the Business Roundtable, sent a letter to political leaders urging them to pass a comprehensive federal consumer data privacy law. The letter, signed by individuals like Amazon’s Jeff Bezos and Michael Dell, and other business leaders noted that “There is now widespread agreement among…

Details

Scraping Away at Computer “Crime” – Federal Appeals Court Rules Against LinkedIn in online “scraping” case

Your domain is your domain. Your website is your website. You decide who can access your site, who can access your data, and how they can do that. You make those decisions through both technology (e.g., code, access control, userIDs, passwords, multifactor authentication) and contracts (terms of use, terms of service, privacy policies, software license…

Details

Doorbell privacy: Where the ring tolls

Amazon’s Ring video doorbell allows you to see who is at (or near) your doorstep. Under a semi-secret program called “Neighbors” it also allows the police to see the same thing. The program incentivizes police to “sell” the Ring device to consumers (even giving the police free surveillance devices themselves) and creates a network whereby…

Details

How to Get Your Organization to “Own” Security – First Steps

Many companies grapple with integrating cybersecurity awareness into the organizational culture. After many years as a CISO and cybersecurity consultant, I believe the answer to this perennial problem is to encourage the organization to “own” security. The first step towards this goal is to establish a cybersecurity council composed of representatives from various business units. Some organizations already have…

Details

Former U.S. government cyber-czar says cyberwar is a huge security threat but it can be combatted

Companies need to embed cybersecurity into the DNA of their organizations to combat potentially disastrous cyber threats by state actors and individuals. This is the message that Richard Clarke, former National Coordinator for Security, Infrastructure Protection and Counter-Terrorism for the United States, gave cybersecurity executives at CISOs Connect San Diego 2019. Clarke told CISOs attending the conference about the chilling…

Details

CISOs Investigate: Vulnerability Management Released to CISOs

A Vulnerability Management Program is made up of a complex matrix of policies, processes and tools that enable security professionals to turn a detective control into an ongoing risk-management operation. Effective risk management is a function of the organization’s ability to manage vulnerabilities. That makes managing vulnerabilities a particularly crucial part of the CISO role.…

Details