Upcoming Events:

Security Shark Tank Vendor Spotlight 

Skyport Systems mission is to deliver a simple and effective secure-computing platform for enterprise applications.   

               Read More  

PODCAST: Encryption and Backdoor Access: A Conversation with a CISO

Greg Schaffer, FirstBank VP and Information Security Officer Speaks with Security Current's Vic Wheatman 

Encryption is fundamental to business today. But encryption also allows evildoers to plan nefarious criminal or terrorist acts.  Law enforcement, intelligence agencies and political interests have proposed "back doors" to enable them to do their jobs.  Shades of the cryptographic device, The Clipper Chip and the Skipjack algorithm!  Look it up!

CISOs need to work with stakeholders to find the right balance between their responsibilities in protecting sensitive data and cooperation with law enforcement and Homeland Security.  These and other  issues are discussed  in this conversation between Security Current's Vic Wheatman and Greg Schaffer, FirstBank VP and Information Security Officer.  

                                                                  Listen Now  

A CISOs Role in Cyber Security Insurance Decision

By Mike Molinaro
BioReference Laboratories Inc., CISO 

In the insurance business, it’s all about the “policy,” and finding the right policy is akin to modern day horse trading. It’s important to understand the specifics of your coverage in order to ensure there are no gaps that could surprise you later.

The latest insurance product to hit the market is cyber insurance, and the need to fully understand these policies is no different. Insurance carriers underwrite cyber policies that cover liability related to data breaches and major security incidents, which can be costly to identify, contain, resolve and recover. 

                                                                  Read More  

Never Say Never: US and EU Come to Agreement on New Framework

By David Cass
VP & CISO ​IBM Cloud & SaaS 

My mom always told me to never say never, so it's a good thing I didn't say it in my previous article. Although technically the deadline was January 31, there was a very remote possibility of a last minute agreement as the negotiations continued between the U.S. and the European Commission regarding the future of Safe Harbor.  

It was announced today that the two groups did reach an agreement on a new framework to govern the way European data is collected, processed and transmitted by U.S.-based companies.

This next generation program is called Privacy Shield. I think we were all betting on it being called Safe Harbor 2.0? That’s probably the techie in me escaping.

                                                                  Read More  

 

10 CISOs Say Passwords Are Failing and Must Be Augmented or Supplanted

Ten CISOs from across industries weigh in on the effectiveness of passwords, with most predicting that the days are numbered for the password as the sole authentication method.

They see enterprises moving to augment or supplant the traditional password with advanced technologies, such as biometrics.

Frank Bradshaw, Valley Health CISO
The days of the password serving as a viable method of identification are behind us. 

Chris Bullock, Aaron’s, Inc. CISO
Passwords are about as sexy as locking the front door of your house before you leave for work however, that being said, both are still a rudimentary and necessary instrument of security.

Jonathan Chow, Live Nation Entertainment CISO
The death of passwords as we know them today is probably over-stating it – for better or worse, I think we’ll be using passwords for a long time to come.

Michael Dent, Fairfax County CISO
As much as C-level executives would like to eliminate the use of passwords altogether, the reality is this is not happening.

Nikk Gilbert, ConocoPhillips Director of Global Information Protection and Assurance
Passwords are as useful as floppy disks just before their extinction, but to date, we have yet to find a viable solution to replace them.

John J. Masserini, MIAX Options CSO
Believe it or not, security people hate passwords more than the users do.

Pritesh Parekh, Zuora VP and CSO
Weak passwords top the list of the most common reasons for data breaches.

Jim Routh, Aetna CISO
With each newly announced data breach, most enterprises have done little to eliminate passwords as the primary method of authenticating individuals.

Hussein Syed, Barnabas Health CISO
Passwords are a growing target of hackers who are continually advancing their techniques, from phishing onwards, to crack them.

Christine Vanderpool, Molson Coors CISO
Standard multi-use passwords, the ones we use on a daily basis for almost everything in our lives, are archaic and ineffective at achieving their goal of proving one’s identity.                                                                                      

                                                     Read Their Complete Insights Here 

 

Security Shark Tank

Leading CISOs Hear from Emerging Companies at the Upcoming Security Shark Tank

CISO Buying Trends Approaches and Considerations

Vic Wheatman Speaks with Gartner on their Bi Annual CISO Buying Trends Survey

Security Current eBook 

A CISOs Guide to Principles of Data Privacy and Security
By David Sheidlower

 

A CISO Checklist: 11 Reasons to Avoid the Cloud

By Farhaad Nero 
Bank of Tokyo-Mitsubishi UFJ, Ltd., VP Enterprise Security

Recall these 2 famous quotes:

“The horse is here to stay but the automobile is only a novelty – a fad.” Michigan Savings Bank president advising Henry Ford’s lawyer, Horace Rackham, not to invest in Ford Motor Company (1903).

“There is no reason anyone would want a computer in their home.” Ken Olson, president, chairman and founder of Digital Equipment Corp (DEC), the maker of big business computers, arguing against the PC (1977).

These are but a few examples of when experts have dismissed technologies that now are integral parts of our daily lives, and as some would say, make up the very fabric of our existence.

Read More 

 

 

About securitycurrent | Privacy Policy | Subscribe to our newsletter