Opinions

Updates that simplify NIST certifications

A road map that reduces time and resources required across multiple frameworks and regulations.

Security experts talk insider threats

So much of the noise today seems to still focus on the adversary/hacker breaking the perimeter and accessing a network. While a huge problem, I wanted to shed more light on the insider threat problem and better understand some...

Why awareness needs to teach scam detection and reaction

Most awareness programs teach users how to behave. Ira Winkler argues training needs to go further so people know what to do if they do fall victim to fraud.

Hacking for Defense to solve national security challenges

As the speed and complexity of America's national security threats increase, so too must its response. Using Lean Startup methodologies, schools like Stanford and Georgetown University are harnessing the collective intellect of their...

Network security demands better procurement processes

The federal government is spending millions of dollars to deal with the aftermath of cyber breaches, but why aren't we putting more resources and money into preventing them in the first place?

MWC 2017: The value exchange of data privacy

While consumers may not know the necessary precautions they should be taking to protect their data, they’re aware of a bigger problem. And this has a lot to do with the rising number of data breaches each year. In 2016, for example,...

A better security strategy than ‘know your enemy’: Know your co-workers

Something as simple as an uncharacteristic turn of phrase can clue people into an email’s illegitimacy.

Keeping security (and alerts) in context

Complexity is the primary security problem, demonstrated by the degree to which misconfiguration and misalignment of protection are leveraged in cyber attacks. One way to change the game is via context. We need to know more about 1)...

New National Cyber Incident Response Plan

The NCIRP provides a consistent and common approach and vocabulary to enable the whole community to work together to manage cyber incidents seamlessly. The NCIRP directly responds to private sector requests for clarity on the roles...

Skills of the sophisticated hacker

While many cybercriminals today don't need technical skills, many of today's successful hackers are entrepreneurs.

How to protect sensitive data and limit risk of data exposure or leaks?

The average cost per record is $158, whereas the cost per record breached ranges from $355 to $129 for the healthcare and retail industries, respectively. Despite the high risk of the threat, enterprises continue to fall victim to data...

Verizon's risky business: Acquiring the world's biggest hack

Verizon's biggest risk is acquiring Yahoo, victim of the biggest hack ever.

The evolving role of the chief security officer

Today's Chief Security Officers (CSO) are charged with mitigating an array of interdisciplinary and intersecting risks across the enterprise. The CSO role is evolving into a mission-critical service that spans risk areas ranging from...

HIPAA compliance report card

The HIPAA data breaches immediately followed the US government's directive to push healthcare data online as part of the American Recovery and Reinvestment Act Jan 1 2014. HIPAA is a law that is implemented with IT frameworks like...

What’s up with Windows patching, Microsoft?

A month late? Seriously? It’s both outrageous and unsurprising.

Cybersecurity: What does the board want?

Summary of the 2017 NACD Cyber-risk Handbook and its recommendations for directors. Action items for CISOs.

Emboldening the CISO ecosystem

Cybersecurity recruitment and leadership adviser, Stephen Spagnuolo of ZRG Partners, discusses how the inaugural launch of the peer to peer HMG Strategy CISO Executive Leadership Summit will lead the way on strengthening the range,...

Before you buy another cybersecurity buzzword

Your security posture should not be based on assumptions. It should be based on empiric evidence. That empiric evidence can be derived by validating your controls with security instrumentation solutions. You may very well discover...

Hey New York - ready for CyberSOX?

If your organization is regulated by New York State’s Department of Financial Services (DFS), your organization will need to comply with a new cybersecurity regulation that goes into effect on March 1, 2017.

True privacy online is not viable

You can hide from casual observers, but a motivated person will see through your attempts at anonymization.
