The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) becomes effective on May 25, 2018. It is an extensive and unifying regulation pertaining primarily to the privacy of personal data belonging to or derived from EU citizens and residents. With its focus on personal privacy, the GDPR is quite different from US regulations which tend…
Details
The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) was enacted on April 27, 2016, with the enforcement date being May 25, 2018. It replaces the European Data Protection Directive (DPD) (Directive 95/46/EC), which was the previous privacy and data protection scheme for the European Union. GDPR is intended to strengthen and unify data protection…
Details
Women make up half the workforce in America, yet they hold fewer than 20% of board seats among the 2017 Fortune 1000 companies.[i] However, the Fortune 1000 companies are comparatively progressive, given that nearly 90% of the world’s board seats overall still belong to men. It’s important to have women serve on boards. Studies show…
Details
The most common identity and access management (IAM) authentication control in use today is a user ID and password, and there is growing awareness that passwords are incrementally becoming obsolete as an authentication control. Three billion credentials were harvested in North America in 2016 alone according to Shape Security. You and I know there’s only…
Details
If your organization were to experience some sort of cyber incident – e.g., an intrusion of your network, theft of your intellectual property or sensitive data, Internet fraud – does your company have an incident response plan that includes notifying federal law enforcement? If so, do you know what agencies like the FBI do when…
Details
We have all read and probably even lived the statistics. ISACA claims there will be a global shortage of two million cyber security professionals by 2019. Every year in the U.S., 40,000 jobs for information security analysts go unfilled. Maybe some of those positions are in your organization. It’s tough for all of us who…
Details
As we at Security Current talk to CISOs and other information security leaders on a daily basis, we are often asked career-oriented questions. One frequently asked question is about college degrees: Which degree(s) is most important to help advance a CISO’s career? We understand that people are positioning themselves to climb the corporate ladder, or…
Details
Eleven Chief Information Security Officers (CISOs) from across industries share insights on the use of open source software in their enterprise environments. Most CISOs agree that open source software generally has been well vetted by a vast development community that quickly finds and fixes vulnerabilities in the software libraries. What’s more, open source provides flexibility…
Details
In my 10+ years as a CISO, I’ve noticed a trend that appears to only be increasing. What I have observed is a proliferation of job titles that rhyme with CISO. But rather than describing the Chief Information Security Officer, these new titles swap out the word “chief” and come up with something else to describe…
Details