Highlights:

Podcast: Ron Green, Mastercard Executive VP & CISO, Talks New Technologies, What Keeps Him Up at Night & Offers Recommendations to His Peers

Mastercard is a technology company in the global payments industry which operates the world’s fastest payments processing network, connecting consumers, financial institutions, merchants, governments and businesses in more than 210 countries and territories. Mastercard’s products and solutions make everyday commerce activities – such as shopping, traveling, running a business and managing finances – easier, more efficient and secure for everyone. 

As Mastercard’s Executive Vice President and CISO, Ron Green is responsible for upholding that mission. In this podcast, Green, a security visionary responsible for both cyber and physical security, speaks with David Cass, Global Partner, Cloud Security and FSS CISO at IBM, about what Mastercard is doing to ensure the promise of security not only today but in the future. Green talks about new technologies and processes, what keeps him up at night, and he provides recommendations to his peers. 

Listen Now!

WEBINAR: Unix/Linux Privilege Management: What a Financial Services CISO Cares About

Speaker:
Nikolay Chernavsky, SVP & CISO Financial Services

Hardly a week goes by without a major cyber security event affecting millions of users – and the financial industry is particularly vulnerable.

The 2017 Verizon Data Breach Investigations Report identified “Insider and Privilege Misuse” as a major incident pattern resulting in confirmed data breaches. According to Verizon, 62% of all breaches featured hacking, and of those, 81% leveraged stolen and/or weak passwords—giving the attacker the same privileges as a trusted insider.

While many tools have been developed to address Least Privilege issues on Windows-based systems, Linux/Unix systems were largely neglected. Unix/Linux systems are serving critical roles for many financial organizations, from storing highly sensitive information to processing millions of transactions between institutions. Being able to tightly control access to these systems is a critical security need.

This webinar will provide CISOs in financial services and other sectors:

  • A CISO’s first-hand experiences regarding the challenges faced in securing access to critical Unix and Linux systems
  • Real-world insights on how Unix and Linux Privileged Access Management (PAM) helps CISOs bolster security with granular access controls while also meeting compliance requirements
  • Guidance on selecting technologies that enable CISOs to meet their business objectives while remaining nimble
  • An executive view on where the market is headed in relation to PAM

Listen Now!

CISO Spotlight: Daniel Conroy

Daniel Conroy never expected to be a CISO.  He never expected to be in America.  He was a rugby playing, triathlon-competing lad from Ireland, who came to the United States for a brief stint with a semiconductor company, using his background as an electrical engineer.  Seventeen years later, Daniel, his wife and children are living in Stamford, Connecticut where he is a much sought after CISO in the industry. 

The Triathlon of Cyber Security

As his background in rugby and triathlons attest (he took up triathlons because they were easier on his knees), Conroy is fiercely competitive.  As a CISO, he realizes that his opponents are trained well-funded and well-connected cyber criminals – and that’s an understatement. 

Conroy’s past harkens back to the days when information security, or the more archaic term “computer security,” was part of a job function, and not its own function.  “Back then,” Conroy said, “using a Super Bowl analogy, it was 11 defenders facing 11 attackers. Things have changed. It’s still 11defenders but now they have to face the entire stadium.  Our approach to security has had to change.” Conroy said.

                                                              Read more 

Patch Yours!

By David Sheidlower

Security professionals feel no great joy in being right about patching.  The past two months have been a period of “I told you so” moments for anyone who has ever had to have the conversation with a sys admin about the importance of patching. (It’s been a long time for me but the memory lingers.)  

Still  security professionals care more about being safe than being right so, as I say, there’s no great joy.  But, now that we’ve had two months of ugly exploits that were very much enabled by unpatched systems and everyone appears to be paying attention, we should take a few moments to review the excuses we’ve heard for why it was not important to patch.  

                                                                Read More 

 

 


Cybersecurity Startup Verodin Wins Security Shark Tank Palo Alto


CISOs award Verodin third consecutive win, noting its innovation and importance to the industry

Security Current, the premier information and collaboration community by CISOs for CISOs, selected Verodin as the winner of its Security Shark Tank Palo Alto competition. The event brought security solution providers face-to-face with potential security buyers.
 
“The Verodin solution addresses a key industry challenge of identifying the effectiveness of our cybersecurity tools,” said Matt Hollcraft, Maxim Integrated Chief Cyber Risk Officer. “Verodin’s innovative approach stands out for its potential value to the industry. Congratulations on winning three Security Shark Tanks in a row.”​
 
Participating vendors were given 15 minutes each to pitch their solution in a rapid-fire question and answer format to a panel of information security executives interested in innovative technologies. The executives scored each vendor based on innovation and vision, ease of use and implementation, value to the industry, and the presenter’s ability to clearly and effectively articulate their solution’s value. 
 
GoPro CISO Todd Barnum served as the event host and moderator of the panel. 
The panel included:

Alameda Alliance for Health CISO Scott J. Wright
CalPERS Privacy Officer Tom McCreary
Contra Costa County Health Services CISO Patrick Wilson
DocuSign Senior Director of Security Engineering John Heasman
Federal Home Loan Bank AVP of Information Security Van Nguyen
GE Digital Senior Director of Cyber Security Al Ghous
Hitachi Vantara VP and CISO Chris Jacquet
Maxim Integrated Chief Cyber Risk Officer Matt Hollcraft
Maxim Integrated Chief Information Officer Walter Curd
Ross Stores Chief Security Architect (CSA) BG Badriprasad
Samsung Semiconductor CISO Jay Gonzales
Square Security Engineer Neal Harris
Visa CSA Bill Yue Chen
Whisker Labs CISO Anshu Gupta

 
“It was my pleasure to host the Security Shark Tank Palo Alto event,” said Todd Barnum, GoPro, Inc. CISO. “The fast-paced interaction between the CISOs and the security solution vendors created a great platform to learn new ways to protect the enterprise.  Security Current, the event sponsor, has a winning format making the event educational and enjoyable for everyone in attendance.” 

                                                                                           Read more

 

10 CISOs Say Cyber Insurance is Growing and Evolving, but Adoption Comes with Caveats

Ten CISOs from across industries share insight on the future of cyber insurance and tips for success.

10 CISOs Say Passwords are Failing and Must be Augmented or Supplanted

Ten CISOs from across industries weigh in on the effectiveness of passwords, with most predicting that the days are numbered for the password as the sole authentication method.

Security Current eBook 

A CISOs Guide to Principles of Data Privacy and Security
By David Sheidlower

 

Feris Rifai Speaks with CISO David Cass

CISOs are increasingly looking to User Behavior Analytics (UBA) as a key security tool to help combat threats by identifying anomalous behavior.

According to the report, CISOs Investigate: UBA, authored by more than a dozen CISOs, by quickly providing actionable intelligence, UBA enables them to potentially reduce loss to their organizations by identifying and thwarting attacks earlier.

Feris Rifai, CEO of Bay Dynamics, a provider of analytics and UBA solutions, says CISOs are realizing that to effectively protect their organization they need to add a UBA component to their security arsenal.

In this sponsored podcast, Rifai and David Cass, the Global Partner, Cloud Security and FSS CISO at IBM, discuss what UBA offers and how it is helping organizations across industries.

Listen Now!

How to Unlock Cybersecurity Talent

By Daniel Conroy

Today the cybersecurity sector is fraught with the challenge of a diminished talent pool. Cisco’s report, “MitigatiListng the Cybersecurity Skills Shortage,” highlights the worldwide shortage of one million information security professionals. It sends out a disturbing warning to the cybersecurity industry to bridge this gap immediately or face consequences with significant costs.

There is no doubt that the number, scale, and sophistication of operational technology attacks will continue to increase thereby putting connected transportation, health, energy and financial systems at risk.

Read more!

 

 

About Security Current | Privacy Policy | Subscribe to our newsletter