Hurdling Obstacles to Security Training and Awareness Success

Things happen. Staffers click links they shouldn’t. Interlopers enter the workplace, gain access to a vacant desk, log in and steal corporate secrets.

Technology helps, but end-user security awareness training puts people on the front line of defense. Employees need to recognize that the threats are real. Executives need to see that there is a real return on security training investment, partly due to preventing lost productivity, and that business risks can be significantly reduced.

In this sponsored podcast, Security Current’s Vic Wheatman speaks with Amy Baker, Vice President of Marketing of Wombat Security Technologies, a premier provider of security awareness training.



Software Defined Perimeters

In a world of three-letter acronyms comes yet another, from a new specification by the Cloud Security Alliance: SDP, or Software Defined Perimeter.

SDP approaches are meant to create a secure micro segment between the user and a host.

But how are SDPs different from other approaches based on firewall appliances or virtual firewalls? Can SDPs eliminate the need for firewalls? Can they save money? Who provides the technology and what are the advantages?

Security Current’s Vic Wheatman speaks with Gartner Research Director Lawrence Pingree about this emerging technology.



CISO Buying Trends, Approaches and Considerations

With the plethora of information security products and services on the market, how can CISOs prioritize what they truly need? And how can they differentiate what may be a short-term fad, brought to market by earnest but oftentimes aggressive solution providers, from a long-term solution?

The answer lies in stepping back and carefully examining your organization’s overall security program from a predict, prevent, detect, protect and respond context to help plan priorities.

Gartner surveys CISOs bi-annually to determine security buying trends and top of mind concerns. In this podcast, Security Current’s Vic Wheatman speaks with Gartner Research Director Perry Carpenter about the results of the survey and the current state of CISOs when it comes to buying trends.



Creating and Managing a Security Aware Culture

Episode 77: Creating and Managing a Security Aware Culture

In both the public and private sectors, employees are by and large the weakest link when it comes to information security breaches.

Training needs to be more than simply a checkbox on a compliance list. There are various approaches that combine training and technology to ensure employees are security aware.

As you’ll hear from Gartner Research Director Perry Carpenter in this conversation with Security Current’s Vic Wheatman, training is not a one-time endeavor but needs to be multifaceted and continuous.



EU’s “Safe Harbor” Provisions Invalid. So What? Attorney Lawrence Dietz Explains

The European Union’s (EU) highest court recently found that the “Safe Harbor” provisions allowing data transfers from EU countries to United States’ data centers are invalid.

Triggering this finding was a lawsuit motivated, in part, by spy agency access to citizen data in violation of privacy initiatives. Despite this ruling, transatlantic data flows can continue — assuming other safeguards are in place.

Security Current’s Vic Wheatman speaks with Lawrence Dietz, General Counsel for California-based TAL Global to make sense out of this and what it means to CISOs. Dietz is a nationally recognized expert in the areas of cybersecurity, cyber warfare, information security and intellectual property.



Management Hierarchy and CISO Reporting Roles — Part 2 with CISO Brian Lozada

What is the optimal structure within an enterprise in terms of CISO reporting? Should a CISO report to the CIO? Or possibly to the CFO?

In some cases, as you’ll hear in part two of Vic Wheatman’s interview with CISO Brian Lozada, CISO can stand for Chief Information Scapegoat Officer. Avoiding blame for security incidents requires relationships to ensure that both business and technical concerns are properly addressed.



Information Security in Hedge and Private Equity Funds — Part 1 with CISO Brian Lozada

Information security in hedge funds is new and many hedge funds don’t know what cybersecurity is or what is at risk. And there are unique security issues specifically related to hedge funds.

With a high risk/reward mentality, and with high-worth individuals involved, regardless of the technologies implemented, the potential security problems may best be addressed presently through ongoing security awareness and education, according to an expert in the space.

Brian Lozada, Director and CISO of Abacus Group, LLC, a solutions provider servicing the segment, speaks with Security Current’s Vic Wheatman about the state of hedge funds and how they are a ‘rich’ target for cyber attackers.



Vetting Security Startups — Venture Capital Series Part 3

How can CISOs differentiate among “me too” information security startups? What is the role of incubators in helping new companies get started? And how is the NSA considered one of the best “graduate schools” in cybersecurity?

Security Current’s Vic Wheatman explores this and other topics with Allegis Capital’s Founder and Managing Director Robert Ackerman in part three of our investor series.



What Happens When Your Security Vendor is Acquired with Allegis Capital’s Ackerman – Venture Capital Series Part 2

One of the primary exit strategies for security startups is to be acquired. Sometimes that’s a good thing, other times, not so much.

Hear about some of the issues associated with acquisitions and where startups added value to a security platform or suite of a larger solution provider.

And get the inside scoop on what Allegis Capital’s Founder and Managing Director Robert Ackerman sees as some of the most creative, innovative, and cutting edge information security ideas of today.

In part two of a three-part series, Ackerman discusses exits and technologies he is watching.



Security Shark Tank Quick Hits Podcast

At the second Security Current Security Shark Tank competition held during Black Hat in Las Vegas, six up and coming cybersecurity providers came face-to-face with some 20 Chief Information Security Officers (CISOs).

The startups were: Dtex Systems, Infocyte, Cymmetria, Datex Inc, Wombat Security and Syncurity.

After each startup’s interaction with the Security Sharks, Security Current’s Vic Wheatman spoke with the speaker for a quick hit podcast.

Hear the results in this entertaining and informative podcast.