Blue Cedar Networks is a newly launched startup focused on app security.
Blue Cedar’s Atlas Platform delivers military-grade app security and connectivity at massive scale, while still giving end-users consumer-grade “Tap & Go” access to your apps and data. Atlas has over 150 customers today, including some of the largest CPG, Telco, Financial Services, and Government agencies in the world.
By Farhaad Nero
Bank of Tokyo-Mitsubishi UFJ, Ltd., VP Enterprise Security
Try and do an information security risk assessment of a law firm your company uses.
Give them an InfoSec security questionnaire to fill out and request key information security documents. And if they host a lot of your sensitive data ask for a SOC2 report or even a penetration test report.
What are the chances you will not get a major push back? What about your right to audit? Can you come onsite and validate some key security controls?
By Christine Vanderpool
Molson Coors CISO and
By Dan Stern
Molson Coors Manager of Mobile Technology
Passwords are not a means of securing information. Bill Gates told us this in 2004, but it’s 2016 now and this time, we really mean it.
Gates’ reasoning was that passwords were just insufficient to protect the growing information field and the privacy of sensitive information.
The problem now is not that passwords are insecure - they are indeed insecure - but no one cares. The problem is password complexity.
By Dr. J.R. Reagan
Deloitte Touche Tohmatsu Limited (DTTL) CISO
Who knows you better than your smart phone? Your family? Maybe. Your colleagues? Perhaps. Your dog? Almost certainly—but that could change very soon.
For many of us, our phones and other devices—smart watches, tablets, laptops—are privy to our deepest secrets.
Our devices may know, via the alarm we set, when we get up in the morning, and, if we have
a sleep-tracking app, when we go to bed at night. They may also store information on nearly everything we do, think, and even feel, from the emails we send and receive to the purchases we make, to the contours of our fingerprints. It’s all faithfully recorded for our eyes only—until our device is lost or stolen.
By Pritesh Parekh
It’s impossible to build out a really strong IT security program without the solid foundation of a great security team. Pritesh Parekh, VP and CSO of Zuora, winner of the 2016 SC Magazine Award for Best Security Team, shares his best practices for structuring, hiring and managing a high-performing security team that will effectively execute on your security roadmap.
Here are the essentials for building a cohesive team that continually rises to the challenge of protecting your company:
#1: Building your security strategy
#2: Defining the key functional areas of your security program
#3: Staffing your security team
#4: Creating and managing your security roadmap
#5: Integrating the security function with the rest of your organization
#6 Measuring your security controls
Ten CISOs from across industries share insight on the future of cyber insurance and tips for success.
Ten CISOs from across industries weigh in on the effectiveness of passwords, with most predicting that the days are numbered for the password as the sole authentication method.
A CISOs Guide to Principles of Data Privacy and Security
By David Sheidlower
By Randy Marchany
Virginia Tech CISO
Glenn Fink, a security researcher at Pacific Northwest Labs, did a presentation called the “Internet of Cows” at a recent IEEE conference where he showed how dairy farming has become an automated, internet accessible business process.
He took the discussion one step further by saying that cows make great human surrogates in the privacy debates surrounding IoT. He showed how data from almost every single biological process of a cow (health, reproduction, location, sounds) is monitored by IoT.
Analysis of herd data allows farmers to predict the health of a cow, the optimum time for reproduction and milk production. He maintained that cows don’t object to this type of management and therefore, this is why they are well suited to study the effects of intrusive monitoring.