Upcoming Events:

Security Shark Tank NYC Vendor Spotlight

Cloudmark Trident protects against a broad spectrum of spear phishing attacks. This includes wire fraud, authentication credentials discovery, corporate information requests and malware deployment schemes that lead to multi-million dollar losses, data theft, and negative impact to brand and reputation.

Its spear phishing solution combines the broadest global intelligence network, behavioral learning, context analysis and anomaly detection.

The Cybersecurity Convergence 

By Dr. J.R. Reagan

Deloitte Touche Tohmatsu Limited (DTTL) CISO

People love to predict the next must-have digital device, from personal drones to augmented-reality contact lenses.

But what if the next big device isn’t one single technology? What if it’s a convergence of technologies? How will we then secure our networks and data?

A look at the history of the digital universe shows us that, like the real universe, it is expanding. From a single device’s meeting our needs, starting with the PC and then moving to laptops and phones, we seem poised on the brink of a technological “big bang” resulting in an ever-more-diffuse array of gadgets, monitors, appliances, and communications all working in tandem to enhance our personal and professional lives.

Don't Sweep These Third-Party Vendor Challenges Under the Rug

By Farhaad Nero

Bank of Tokyo-Mitsubishi UFJ, Ltd., VP Enterprise Security

Third-party vendors are essential to businesses big and small, national and global. Outsourcing is big. Offshoring is big. You can’t just move or outsource part of your business halfway across the world or even across the street and have no way of ensuring that it is being well run.

You put your hard-earned money in the bank for someone else to keep safe for you until you need it. You trust the bank but you would surely want to confirm that it’s all there.

You check your balance daily and look at transactions frequently to decipher if there are any illegitimate transactions. The bottom line, as President Ronald Reagan said: trust but verify. It stands to reason that you should approach your business in the same way.

Impacts of Tennessee's Revision to Data Breach Notification   

By Gary Haney 

Mountain States Health Alliance Corporate Director, IT Security

David M. Brown reported on April 1, 2016 in Data Breach Notification Laws that the State of Tennessee has passed and received the Governor's signature on revisions to its breach notification requirements.  

This law goes into effect on July 1, 2016 and could have significant impacts on Tennessee businesses and others, especially if other states follow Tennessee in enacting stronger breach notification requirements.

Three of the changes to this law include: 1) a shorter notification timeframe, 2) the removal of "safe harbor" provisions for data encryption and 3) a change in the definition of "unauthorized person."  A fourth statement surrounding breach notification was already within the law, but it is worth repeating here.

Shorter Notification Timeframe -- A breach is now defined in § 47-18-2107(a)(1) of Tennessee State law as "unauthorized acquisition of unencrypted computerized data that materially compromises the security, confidentiality or integrity of personal information maintained by the information holder." Notification of the breach must occur within 45 days of discovery, whereas most Federal laws specify 60 days.

10 CISOs Say Cyber Insurance is Growing and Evolving, but Adoption Comes with Caveats

Ten CISOs from across industries share insight on the future of cyber insurance and tips for success.

10 CISOs Say Passwords are Failing and Must be Augmented or Supplanted

Ten CISOs from across industries weigh in on the effectiveness of passwords, with most predicting that the days are numbered for the password as the sole authentication method.

Security Current eBook 

A CISO's Guide to Principles of Data Privacy and Security
By David Sheidlower

The Best Security Control You Never Use

By John J. Masserini

MIAX Options CSO

Consider for a moment the business lines that drive your company's revenue. If the president of that business unit had an 85% assurance that a new business venture would be successful, would they pursue it? Likely they would.

Neil Armstrong, one of America's greatest heroes, once commented that they had a 90% chance of returning safely to Earth but only a 50% chance of pulling off a successful Apollo-11 lunar landing - but yet we still went and achieved one of mankind's greatest missions.

So, if the experts on the Apollo team felt there was only a 50% chance of a successful lunar landing, and yet, we still accomplished this amazing feat, why wouldn't you leverage a security control that, by all accounts, has a 100% chance of an 85% reduction in attack surface?
