
Mitigating insider threats from a people perspective
Mitigating insider threats is an ongoing effort that requires a holistic approach that encompasses technological as well as human solutions. Additionally, organizational and situational factors can help mitigate the threat posed by...

Cyber threats come from all angles at the financial services industry
Reputational loss and reduction in customer confidence can severely impact the long-term well-being of a financial institution ill-prepared for the threats that they face. Each organization must develop a strategy that finds the right...

Security can be a competitive differentiator
Organizations that are able to demonstrate that they have cyber security strategies in place to include incident and contingency planning position themselves ahead of competitors that are in the process of developing them or have yet...

How to keep your highly skilled and paid security team happy and engaged
Employees contribute significantly to an organization’s achievements and a cyber security team is no different. Its value can be measured by the reduced number of security incidents and the speed and efficiency with which those...

CISOs must quickly adapt to any situation
Today’s CISO is in the unique position of becoming an important conduit between the C-Suite and the operators that keep an organization running. The position is a pivotal spoke in a large wheel having visibility and influence in...

Retaining security talent by embracing distributed team management
Ask anyone in a security leadership role about their team and you’ll likely find that the great majority are struggling. They are struggling because finding security talent is increasingly hard and keeping that talent is even harder....

How to convince the CFO of the budgetary security need
It had been custom for organizations to think of cyber security in terms of an information technology (IT) problem best left to IT people to address and fix. However, as more prolific breaches were publicized exposing a variety of...

5 sins cybersecurity executives should avoid
With the advent of 2016, I was tempted to touch upon my thoughts on what the future of the cyber landscape will hold, prognosticating trends and shifts and what the next big threat would be. However, upon deeper reflection and...

Thinking outside the product box
The dynamic nature of the cyber threat landscape guarantees that the threats and the actors behind them are always evolving, increasing in sophistication in order to circumvent the most robust security devices. As such, our cyber...

The technocracy is over – innovation is here, plan your security accordingly
Information technology (IT) is going through an age of “technocracy” decline. Innovations in the IT sector have made way for various platforms that can be leveraged to support employees’ workflows and processes. As a result,...

Tighten up your cyber security strategies now
While there are many security offerings to help an organization better protect itself from the onslaught of cyber threats knocking on its perimeter, no one solution is enough to reduce risk in this dynamic landscape. Each individual...

Cyber security culture is a collective effort
Many believe that cyber security culture starts from the top and works its way down. While there is merit to this statement, I would argue that all stakeholders in the ecosystem create cultures collectively.

Social media can quickly take down your business if not monitored
Not having a plan in place to protect your brand risks losing public trust and confidence that build long-lasting relationships. Trying to restore them can be an arduous undertaking. And a costly one.

Security and the Internet of Things – are we repeating history?
The Internet of Things (IoT) refers to the networking of endpoint products and objects that can be accessed via the Internet. The objective of this level of networking is to make our everyday experiences more streamlined and...

Number 3 on my top 10 list for security executives: Focus
The threat landscape has evolved. Security solutions have evolved. Has your focus?

Number 2 on my top 10 list for security executives: Reform
There are a number of reforms that can be used to act as a carrot instead of a stick. Reform need not be regulatory mandates that are operationalized as reports used for placating auditors. Examples of ways the federal government can...

Number 1 on my top 10 list for security executives: History’s lessons
History has given us a wealth of stories from which analogies related to information security can be drawn. Some of these stories significantly predate the digital age but are relevant because they can impress upon us the significance...

Top 10 threats, trends and business priorities for security executives
Some of the most critical issues concerning security executives as they relate to internal and external threats, trends in IT such as BYOD and cloud, and the alignment of security strategies with business priorities.

Phishing, football and frauds: 15 ways to safeguard yourself during the World Cup
The 2014 FIFA World Cup in Brazil promises amazing football, frantic fans around the globe, and a playground for fraudsters.

Let's say goodbye to passwords
Over the last few years I’ve been conducting unofficial surveys of security analysts and security executives I meet in the field. My goal is always to determine what security solutions have been most detrimental to actually achieving...