Can the US Seize Botnets and Data Overseas Without a Warrant?

By Mark Rasch
Attorney and Cybersecurity Expert

It sounds like a classic law school exam question.  A border patrol agent in the United States, without adequate provocation or justification, fires a shot across the Mexican border, hitting an innocent Mexican teenager in the head – killing him. 

Does the family of the deceased have any recourse in the US courts, specifically under the Fourth and Fifth Amendments, for the unjustified use of deadly physical force? That’s what the Supreme Court will decide after oral argument on February 21, in a case called Hernandez v. Mesa.

The holding will be significant because of its implications for cyberspace. If the US government can “shoot” foreigners overseas with impunity because the Fourth Amendment does not apply, then it can seize documents or records remotely from non-US servers (provided it isn’t infringing the privacy rights of US citizens). It can also take down botnets, webpages, domains, and IP ranges without bothering to get a warrant because – well, ‘merica.


San Diego CISO Gary Hayslip Talks Strategies for Building Executive Buy-in, Security Tech and Leveraging the Cloud

CISO Gary Hayslip Speaks with CISO David Cass

The city of San Diego is a $4 billion business and it doesn’t shut down. As you’ll hear in this discussion between Gary Hayslip, the city’s CISO, and David Cass, Global CISO IBM Cloud and SaaS, San Diego is a smart city which is continuously rolling out new technologies to facilitate 'the business' while bolstering its security.

In this podcast, recorded during the RSA Conference, Hayslip talks about joining the city as its first CISO some three years ago and how he established a five-year plan which leveraged established frameworks like the National Institute of Standards and Technology (NIST) to increase the security of the city and its 24 networks and 40 departments.

The two also discuss ‘cloud first’ initiatives, resilient networks and the role of the CISO, on which Hayslip provides practical guidance in his book “A CISO Desk Reference Guide: A Practical Guide for CISOs.”


Maxim Integrated CISO Speaks with Sophos Enduser Security Group SVP & GM on Ransomware, IoT and Hacking as a Business

CISO Matt Hollcraft Interviews Dan Schiappa of Sophos

In this podcast Matt Hollcraft, Maxim Integrated CISO, discusses common threat vectors – what is old and what is new – with Dan Schiappa, SVP & GM, Sophos Enduser Security Group. They talk about ransomware, the mobile workforce, Internet of things and hacking as a business.

In this sponsored podcast, you’ll also hear about approaches that enterprises can take to reduce threats, which are increasingly sophisticated and continuous. 


Payment Card Processor Monext Discusses Continuous Compliance, Reducing Complexity and Heightening Security

Monext's Laurent Klefstad Speaks With Security Current 

Ensuring continuous compliance while reducing complexity is essential to bolstering security for many organizations, in particular, those that process credit card data.

In this Tufin-sponsored podcast, IBM’s David Cass talks with Monext’s Laurent Klefstad, Leader for Systems, Network and Telecom, about automated security policy orchestration and how it allows the French company to save time and money by reducing the complexity of its networks and firewalls.

Klefstad explains how Monext’s implementation of the Tufin solution provided Monext continuous compliance and the ability to reduce its firewall rules, of which there were about 3,000, by upwards of 20 percent.  He also talks ROI, staffing implications and business enablement.




CISOs Select ROMAD Cyber Systems as Winner of Security Current's Security Shark Tank During RSA 2017

Security Current, the premier information and collaboration community by CISOs for CISOs, named ROMAD Cyber Systems the winner of its Security Shark Tank® during RSA Conference 2017. Held in San Francisco on February 14, 2017 at the Four Seasons Hotel, the event brought security solution providers face-to-face with potential buyers.

Participating vendors were given 15 minutes each to pitch their solution to the panel of information security executives interested in innovative technologies. The executives scored each vendor based on innovation and vision, ease of use and implementation, value to the industry, and the presenter’s ability to clearly and effectively articulate the value and differentiator.

Robert Herjavec, founder & CEO of leading MSSP Herjavec Group, served as event host and David Hahn, CISO for Hearst, served as the panel moderator.

The CISO panel included:

Colin Anderson, CISO, Levi Strauss & Co.

Meg Anderson, VP & CISO, Principal

Tom Baltis, VP, Chief Technology Risk Officer & CISO, Delta Dental Insurance Company

Devon Bryan, CISO, Federal Reserve System

David Cass, VP & Global CISO, IBM Cloud & SaaS

Curtis Coleman, VP & CISO, Seagate Technology

Daniel Conroy, CISO, Synchrony Financial

Rajesh David, Director of Information Security and Architecture, GE Capital

Franklin Donahoe, CISO, Mylan

Frank Fischer, EVP & CSO, Deutsche Boerse

Ajit Gaddam, Chief Architect, Visa

Sara Griffith, CISO, Euronet Worldwide, Inc.

Tim Held, SVP & Deputy CISO, US Bancorp

Matt Hollcraft, CISO, Maxim Integrated

Manish Khera, Senior Director, Royal Bank of Canada

George LLano, Global CISO, iHeartMedia

Chris Lugo, CISO, Danaher

John Masserini, CSO, MIAX Options

Mike Molinaro, CISO, BioReference Laboratories

Jasper Ossentjuk, CISO, TransUnion

David Peach, CISO, The Economist Group

Vanessa Pegueros, VP & CISO, DocuSign

David Rooker, CISO, Actian Corporation

Hussein Syed, CISO, RWJBarnabas Health

Patricia Titus, CISO, Markel Corporation

Anil Varghese, CISO, Service King

CISOs said a key benefit of participating in the Security Shark Tank was that it enabled them to engage with their peers as they learned about innovative solutions.

“The Security Shark Tank provides great exposure to new thoughts around cybersecurity defenses as well as a great opportunity to engage with my CISO peers to hear how they are leveraging new technology and automation to improve their information security programs,” said Principal CISO Meg Anderson.

Security Shark Tank winner ROMAD Cyber’s patented Malware Genetics™ genome sequencing technology profiles entire malware families, enabling users to proactively detect and stop emerging threats. CISOs rated ROMAD highest in the areas of innovation and vision, ease of use/integration and the importance of the challenge the technology solves.

"ROMAD's technology is impressive in both its simplicity and innovation. This new approach to endpoint protection has the potential to bring real value to the enterprise. Congrats to Igor Volovich and all of the ROMAD team for a second Security Shark Tank win," said Matt Hollcraft, CISO for Maxim Integrated.



10 CISOs Say Cyber Insurance is Growing and Evolving, but Adoption Comes with Caveats

Ten CISOs from across industries share insight on the future of cyber insurance and tips for success.

10 CISOs Say Passwords are Failing and Must be Augmented or Supplanted

Ten CISOs from across industries weigh in on the effectiveness of passwords, with most predicting that the days are numbered for the password as the sole authentication method.

Security Current eBook 

A CISO's Guide to Principles of Data Privacy and Security
By David Sheidlower


The Benefits of Tokenization: A Podcast with Jason Witty, US Bancorp EVP and CISO

Jason Witty, US Bancorp EVP and CISO 

Tokenization is helping render data theft obsolete. Jason Witty, US Bancorp EVP and CISO, is in the midst of completing a multi-year tokenization integration project, for which his team won the recent ISE North America Project of the Year Award in the Financial Services category.  

He discussed the many benefits of tokenization with David Cass, Global CISO IBM Cloud & SaaS, including fraud prevention and the reduction of risk and the attack surface. They discuss how it is a complex process, which is “simple” to implement but difficult to adopt. Witty also touches on the many unintended business benefits.


How to Unlock Cybersecurity Talent

By Daniel Conroy
Synchrony Financial Chief Information Security Officer

Today the cybersecurity sector is fraught with the challenge of a diminished talent pool. Cisco’s report, “Mitigating the Cybersecurity Skills Shortage,” highlights the worldwide shortage of one million information security professionals. It sends out a disturbing warning to the cybersecurity industry to bridge this gap immediately or face consequences with significant costs.

There is no doubt that the number, scale, and sophistication of operational technology attacks will continue to increase thereby putting connected transportation, health, energy and financial systems at risk.



