By Farhaad Nero
The only thing worse than being blind is having sight but no vision – Helen Keller
According to a newly released report, 54% of security professionals said they were under more pressure in 2014 than the previous year. 61% said the pressure came from the board, corporate owners, or C-level executives – up by 50 percent!
Yes, the pay and job security may be good for Information Security (InfoSec) professionals these days – thanks to Target, Home Depot, Sony, and now Anthem. But that kind of constant pressure, year after year, can make these professionals quickly lose the vision that took time, sweat, and tears to implement. The vision that became their path to success.
By Gary Hayslip
As a CISO, you will find your job requires you to have experience in many areas.
As the leading cyber security executive for your organization, you will be expected to manage your organization's cyber security suite and lead your team in protecting its assets. In this position you will also work with your organization's departments and, in the process, meet many of your critical stakeholders.
As you build your human network in your organization, remember these stakeholders are your customers and it is important that you understand what issues they are presently having with your organization’s enterprise network and its current application portfolio.
By Joel Rosenblatt
There have been articles on how Samsung’s smart TV may be “recording” your conversations and sending them off to a “third party.”
We are living in a world where organizations like the NSA may or may not be recording our phone conversations and reading our email. We know that Google and others track our online presence “to provide a better experience” and target advertising.
So, if your smart TV can listen to you and follow your commands – it is not that big of a stretch to imagine the rest of your appliances doing the same thing (I know that I have yelled at a few of them over the years.)
I can see the new version of wiretapping including TVs, toasters, refrigerators, washers, and any other smart device.
By David Sheidlower
A CISO's Guide to Principles of Data Privacy and Security examines the key issues surrounding data privacy and security.
In this eBook, Sheidlower, currently CISO of an international media and advertising firm, provides his perspective on topics including privacy policies, big data, consent, governance and security.
According to the author: “The fundamental principles of privacy and security continue to evolve. I’ve tried to look into each of them from the consent process, which most people find problematic, to the need for a framework for data protection, which is where an organization’s security program comes in.”
The eBook has been lauded by Sheidlower’s peers, with Larry Whiteside Jr., CISO of the Lower Colorado River Authority (LCRA), stating: “It provides thought provoking and actionable information on issues that are top of mind for us – data privacy and security. I highly recommend reading it.”
Chief Information Security Officers (CISOs) are dedicated to protecting enterprises and government organizations.
But with the drumbeat of attacks getting louder and more frequent, and the number of security technology companies continuously increasing, how do CISOs decide what to use?
The Security Shark Tank™ is a unique opportunity for security companies to present their technologies to Security Sharks - accomplished security executives on the front line.
The security companies have the chance to convince the Security Sharks to select their technologies.
It's sink or swim.
3 Things to look for in 2015
The President's cybersecurity legal proposals
By David Cass
Security and Privacy are essential in today’s digital economy. 2014 was a year of large-scale security and privacy breaches, leaving everyone asking themselves how much we should trust companies with our sensitive information.
Currently, there are more than 80 countries with privacy laws. Violating these laws may result in fines, brand damage, and/or loss of revenue.
LabMD processes medical specimens. One day, a security services company emailed them advising that its patented searching software, which looks for problems caused by peer-to-peer applications, found a file with sensitive information.
LabMD refused to pay, choosing to mitigate the problem themselves. The security company turned over its finding to the Federal Trade Commission, leading to a multi-year, resource-draining battle by LabMD to try to prove they did nothing wrong.