CISO Journal


September 6, 2017

By David Sheidlower
CISO, Turner Construction

In my 10+ years as a CISO, I've noticed a trend that appears to only be increasing. What I have observed is a proliferation of job titles that rhyme with CISO. But rather than describing the Chief Information Security Officer, these new titles swap out the word “chief” and come up with something else to describe something different.

There’s the BISO, or Business Information Security Officer, who has some level of responsibility for a specific part of a firm’s business. They are expected to be part of the business unit they are responsible for. In other words, knowing the business is as important as knowing security.


July 10, 2017

By David Sheidlower

I have gone back and forth for a long time.  Should security be risk-centric or data-centric.  Outside of security professionals, you sometimes meet people who believe security should be compliance-centric and others who believe security should be audit-centric (which is a type of compliance-centrism). 

Certainly there used to be network-centric views of security but they have mostly eroded in the face of mobile devices and the rise of cloud applications.


July 4, 2017

By David Sheidlower
CISO

Security professionals feel no great joy in being right about patching.  The past two months have been a period of “I told you so” moments for anyone who has ever had to have the conversation with a sys  admin about the importance of patching. It’s been a long time for me but the memory lingers.)  


June 27, 2017

Daniel Conroy never expected to be a CISO.  He never expected to be in America.  He was a rugby playing, triathlon-competing lad from Ireland, who came to the United States for a brief stint with a semiconductor company, using his background as an electrical engineer.  Seventeen years later, Daniel, his wife and children are living in Stamford, Connecticut where he is a much sought after CISO in the industry. 


May 29, 2017

By Devon Bryan

"We drive into the future looking into our rear view mirrors" Marshall McLuhan

Notably absent from the dearth of ongoing blockchain conversations, is the cyber defenders perspective.  Perhaps the reasoning could simply be that thought-leaders feeding the blockchain hype cycle are opposed to having security types pouring cold water on their "1000 blockchain flowers blooming" conversations. 


April 13, 2017

By Roota Almeida
Head of Information Security – Delta Dental of NJ and CT

CISOs are often in a situation where the CEO or a Board member asks them, “Just how secure are we?” Or “Are we secure enough?”

These questions sound simple, but are quite difficult to answer accurately. The quick answer to the question would be, “We are more secure today than we were before and are constantly striving to be better and one step ahead of the bad guys.”


March 20, 2017

CISO Spotlight
Michael Mangold
Tractor Supply VP of Information

ISE® Southeast Executive Award Finalist

To Michael Mangold, the CISO of rural lifestyle retailer Tractor Supply Company, located outside Nashville, Tennessee, the most important skills for a CISO are not only technical.


March 19, 2017

By Henry Jiang
CISO and Managing Director at Oppenheimer & Co. Inc.

Recently, I posted a picture of a mind-map that I created just called "The Map of Cybersecurity Domains (v1.0)." The map was put together as a way to clear my head by fully immersing myself in the world of cybersecurity day-in and day-out for the past few years, and constant reminder that just how complex and vast the subject can be. 


March 12, 2017

By Joel Rosenblatt
Columbia University Director of Computer and Network Security

The first week of March in 2017 will be remembered as the time that AWS (Amazon Web Services) failed. The actual failure was in the Amazon Simple Storage Service (S3), but to the world in general, if your stuff was running in the Amazon cloud, it was not working.


January 27, 2017

By David Cass
Global CISO IBM Cloud & SaaS Operational Services

Each year brings more large-scale security and privacy breaches, leaving the general public questioning to what extent companies could be trusted with their sensitive information. Retail, health care, banking, entertainment, governments – no industry is left untouched. Security and privacy must remain top of mind within every organization as both are essential in safeguarding data, protecting brand image, and avoiding hefty fines and financial losses.


Page 1 of 22 : First   1 2 3 4 5 6 7 8 9 10 Last

The Human Factor: Gain new insight into the ways attackers exploit end-users' psychology​​

About Security Current | Privacy Policy | Subscribe to our newsletter