For organizations to achieve maximum privacy and security the two need to go hand-in-hand but unfortunately they are often siloed within organizations. So how are organizations evolving to incorporate privacy, risk and compliance to address information security requirements?
Finding the balance between holding what may be sensitive information about individuals and partners among others with regulations and laws protecting that information has become critical.
Security Current's Vic Wheatman speaks with internationally-acclaimed, Professor Daniel Solove of the George Washington Law School, and CEO and Founder of training company TeachPrivacy about these issues and a groundbreaking conference being held in October 2015 that bridges the silos between privacy and security.
Many security policies are aspirations, doomed to fail because they are unrealistic. Not only can they be unachievable, but may in fact encourage people to disregard policies because, after all, "we can't really do that."
Further, enterprises may not be able to collect on cyber insurance policy payouts because they didn't meet their own, internal standards. These and other issues surrounding information security policies are discussed in this conversation between Security Current's Vic Wheatman and Gartner's Dr. Anton Chuvakin.
Most "new" security technologies use functions and features developed years ago. Network Forensics applies machine learning, automating detection functions via machine-based analytics to decode and visualize relevant metadata.
Accordingly, Network Forensics represents an evolutionary trend in security. Who is providing these tools and capabilities? Gartner Research Director Lawrence Pingree answers the questions in this interview with Security Current's Vic Wheatman.
In this interview with an information security officer who prefers to remain anonymous we discuss the definitions of security intelligence, what it takes to be a CISO and the toughest part about heading up security at an enterprise.
He also discusses how network complexity grows as new systems are built on top of existing infrastructure leading to potential problems. The interview, conducted by Security Current's Vic Wheatman, was recorded at the RSA Conference.
As the news of breaches across multiple sectors continues the role of the Chief Information Security Officers has never been more important.
The CISO is not only responsible for protecting the organization they are tasked with enabling the business. And with the CISO speaking in both business and technical languages, they are quickly gaining visibility with the Board of Directors that needs to understand, and to provide resources for, enterprise security.
In this podcast, Daniel Conroy, the CISO of Synchrony Financial, a leading financial institution, speaks with Security Current's Vic Wheatman about the role, the definition of security intelligence and what keeps him up at night.
It isn't a matter of if your organization will be infected with malware but rather a matter of when. Based on that premise, Seculert designed a cloud service to quickly and automatically identify the machines connected to bad actors on the Internet. By knowing which equipment if compromised, desktop support staff can quickly replace or wipe the offending machine.
In this sponsored podcast, Security Current's Vic Wheatman speaks with Richard Greene, Seculert's President of Field Operations about the compensating controls the company provides, and why unsubscribing from spam may not be such a good idea.
Healthcare providers have some of the most complicated environments with a multitude of systems, users and regulatory mandates. And often, according Barnabas Health CISO Hussein Syed, this leads to one of the biggest challenges, which is a misunderstood environment.
There are concerns over Personally Identifiable Information (PII), as well as maintaining compliance with Payment Card Industry (PCI) mandates as healthcare providers generally take credit cards.
Further, because of the growing Internet of Medical Things with various equipment now networked, data leakage becomes a greater concern. And compounding this is are third party providers, from doctors to billing companies, working with healthcare providers, making security even more difficult.
As you'll hear from Hussein Syed during this conversation with Security Current's Vic Wheatman while at RSA it is a balancing act to provide access while ensuring security. They speak about these and other issues.
RSA Conference 2015 was bigger than ever with hundreds of startups promoting their wares. One segment that caught the attention of CISOs was what is being dubbed as next generation endpoint security.
As you'll hear, new approaches to endpoint security may allow enterprises to turn off legacy anti-virus, anti-worm and other traditional protections. And what does security intelligence means to a CISO?
Security Current's Vic Wheatman speaks with Patricia Titus about these and other issues including the toughest part of being a CISO.
A surprising number of organizations are expecting a cyber attack. Despite this it is getting harder to fill cyber security jobs.
ISACA, an independent, nonprofit global association that develops and promotes the adoption of globally accepted practices for information security, in collaboration with the RSA Conference published a survey titled: The State of Cyber Security: Implications for 2015.
The survey found that while boards of directors are now including cyber security on their agendas security still isn't where it should be. The survey also revealed that despite organization's anticipating attacks there is a lack of sufficiently trained talent available to fill security positions.
According to Eddie Schwartz, who chairs ISACA's Cyber Security Task Force, only about 25 percent of applicants had the requisite skills to fill open security positions. Schwartz told Security Current's Vic Wheatman about the survey, and security certifications ISACA is rolling out to meet the growing need for skilled cyber security professionals.
The free study is available here
Is there room for yet another endpoint protection product in a market crowded with alternatives?
SentinelOne says there is and that they are reinventing endpoint protection with an aim to replace antivirus within the enterprise. In this sponsored podcast SentinelOne explains its approach to protecting against advanced persistent threats (APTs) and zero-day attacks while also providing forensics.
Tomer Weingarten, co-founder and CEO of SentinelOne, explains to Security Current's Vic Wheatman just how the startup combines behavior detection with cloud intelligence and whitelisting to block, detect and predict attacks.