CISO Platform's Blog – June 2020 Archive (31)

Data Privacy and Biometrics

[Posted on Behalf of Steve King,  Director, Cybersecurity Advisory Services at Information Security Media Group (ISMG) ]

Biometrics, while an element of data security, is a unique attribute that should be treated in an extraordinary fashion.



Passwords and MFA data are useful to attackers, but facial, retina and fingerprint scans open a whole new world of threat.



DNA is also coming soon.



It is…

Added by CISO Platform on June 23, 2020 at 2:19pm — No Comments

Management in time of AI and ML

[Posted on Behalf of Rajeev Shukla, Founder and CEO, Castellum Labs] 

The world around you is altering in irrevocable ways. Software is eating whole sectors, not just jobs, anymore. Within the next decade, "The Enterprises" and "The Jobs" will take on a very different meaning. Some key questions ... !



How and what will be job profile of the future?

What would it mean for people who are to manage…

Added by CISO Platform on June 17, 2020 at 5:18pm — No Comments

19 Things I followed in 2019 & continue to...

[Posted on Behalf of Archie Jackson, Senior Director and Head of IT & IS Incedo Inc]
C>O>P>I>S: Customer is the center of the universe. Everyone around us are customers tangibly or intangibly, including self. 


Solve Problems: Be the problem solver. If you think you can solve a problem, do not hesitate.... dive in and attempt. 


Compete with self: Local competitions are underestimation. We are a small dot in the entire…

Added by CISO Platform on June 17, 2020 at 5:14pm — No Comments

Can I Have Decent Detection and Visibility on a Badly Managed Network?

[Posted on Behalf of Anton Chuvakin, Security Strategy - chronicle Google]

Let me ask you this: do smaller businesses (say, SMBs) get more security vendor lies than large enterprises? My past analyst experience certainly seems to suggest so. When I was an analyst, the most ridiculous claims, the craziest “features” and the sleaziest marketing decks were most often seen from the vendors that target just such businesses. The word “target” here is…

Added by CISO Platform on June 17, 2020 at 5:08pm — No Comments

Who will pay for your cyber liabilities?

[Posted on Behalf of Pushkal Mishra, AVP IT & CISO HDFC ERGO Health Insurance Ltd]

The 2019 edition of Symantec threat report reveals that:



- One in 10 URLs are malicious



- More than 70 million records stolen from poorly configured *S3 buckets



- 56% rise in web attacks with an average of 4,800 websites compromised each month



- Enterprise *ransomware up by…

Added by CISO Platform on June 17, 2020 at 5:04pm — No Comments

The CISO Job and Its Short Tenure

[Posted on Behalf of Gary Hayslip,  CISO Softbank Investment advisor]



Recently, I have written and spoken on the subject of CISO burnout. I have stated my belief that the job is maturing so fast, it's harming many of the security professionals who serve in its varied positions. While speaking about this subject and the importance of self-care for security professionals to manage their stress, I also found another topic that is of great…

Added by CISO Platform on June 17, 2020 at 5:01pm — No Comments

Are you working from home?

[Posted on Behalf of Pushkal Mishra, AVP IT & CISO HDFC ERGO Health Insurance Ltd.]
While the world is battling with COVID-19, Information security professionals have a double duty to do.



1. Take all the precaution to keep the Coronavirus away on the personal front



2. Manage the IT risks that come along while facilitating Work From Home (WFH) for the organizations they work for



Let’s focus on point No. 2 here. With COVID-19, the…

Added by CISO Platform on June 15, 2020 at 8:10pm — No Comments

AI in Cybersecurity? Closing In

[Posted on Behalf of Steve King, Director, Cybersecurity Advisory Services at Information Security Media Group (ISMG) ]

"AI Needs to Understand How the World Actually Works"

On Wednesday, February 26th, Clearview AI, a startup that compiles billions of photos for facial recognition technology, said it lost its entire client list to hackers.



The company then quickly stated that it has patched the unspecified flaw…

Added by CISO Platform on June 15, 2020 at 6:18pm — No Comments

METT-T for the Information Security Leader

[Posted on Behalf of Dennis Leber Cybersecurity Executive | CISO | Board Member | Educator | Speaker | Author ]

METT-T is an acronym for planning patrol mission utilized by the US Marine Corps. This acronym is also very useful when applied to planning Information Security.



Let's take a look at each part, and apply that to our Information Security.



M is Mission; the mission is at the…

Added by CISO Platform on June 15, 2020 at 6:11pm — No Comments

Growing at the rate of Learning

[Posted on Behalf of Subbu Iyer, Founder & chief designer architect  Hreemm] 

An emperor was once gifted two baby peregrine falcons. These species are known for their speed and predatory skills. He summoned the best trainer in his kingdom and handed them over to see them achieve their potential. After two months, the trainer demonstrated one of the falcons to have achieved its zenith in skills but the second one refused to leave the tree. The trainer lamented…

Added by CISO Platform on June 15, 2020 at 5:58pm — No Comments

I’m a CISO, what’s next?

 [Posted on Behalf of Gary Hayslip CISO Softbank Investment advisor]



Over the years in my career, I have heard some variation of this question from many of my peers. Usually, the discussion starts over a cold beverage as we catch up and discuss how our current roles and the companies we work for have issues, note to the reader everyone has issues, and that leads to the inevitable “now what, is there something else?” Basically, they have…

Added by CISO Platform on June 15, 2020 at 5:56pm — No Comments

No Margin for Error: Inside the Mind of an Accomplished Hacker

[Posted on Behalf of Steve King, Director, Cybersecurity Advisory Services at Information Security Media Group (ISMG) ]

Why did the CapitalOne hacker do what she did?



Following forensic analysis related to the Capital One breach, a spokesperson for the bank claimed that the data has not been compromised for fraudulent or monetary purposes, saying, "Based on our analysis to date, we believe it is unlikely that the information was…

Added by CISO Platform on June 15, 2020 at 5:32pm — No Comments

Information Security Service Management (ISSM)

[Posted on Behalf of Dennis Leber Cybersecurity Executive | CISO | Board Member | Educator | Speaker | Author ]
It's time for IS Service Management

IT Service Management (ITSM) is nothing new to the Information Technology realm. I propose now is the time to apply Customer Service (Service Management) to Information Security programs.



According to a study by CIOinsights.com, ITSM improves the internal users experience, improves governance, and…

Added by CISO Platform on June 11, 2020 at 3:49pm — No Comments

Coronavirus in the Dark

[Posted on Behalf of Steve King, Director, Cybersecurity Advisory Services  Information Security Media Group (ISMG) ]

So, yes. It is now very clear that the outbreak of the COVID-19 virus and the concomitant investor panic leading to a rapid collapse of the global financial system along with predictable social behavior has created what the Chinese like to call “interesting times”.



The Pandemic is already in the process of…

Added by CISO Platform on June 10, 2020 at 3:43pm — No Comments

Why does the world have to be the same again?

[Posted on Behalf of Subbu Iyer, Founder and chief Designer Hreemm]

Every other person is lamenting about the world never ever going to be the same again. This of course references the current context of Covid-19 wringing its destruction on this planet. The most important truth we have to come to terms with is, Covid-19 did not seek to cause any destruction or kill people. We as a human race were in its way. Complacent and secure in our…

Added by CISO Platform on June 10, 2020 at 3:39pm — No Comments

Move to Cloud: A Chance to Finally Transform Security?

[Posted on Behalf of Anton Chuvakin, Security strategy chronicle , Google]

There is a lot of hilarity in how some organizations move to the cloud. Today, there are many stories of people who “lift and shift” during the migration. As a result, they bring pre-cloud tools and pre-cloud thinking along with them — and of course their pre-cloud problems. Hence, they miss their chance to improve when they migrate. Note that all this persists despite the fact that…

Added by CISO Platform on June 9, 2020 at 2:46pm — No Comments

Universal Aspects of the Evolving CISO Role

[Posted on Behalf of Gary Hayslip,  CISO Softbank Investment advisor]

Currently, many of us security professionals are sheltered in place working from home, managing our security teams remotely as we help our organizations find their path forward in the new world COVID-19 has created. During this day-to-day grind, over the last eight weeks, I found time to discuss with peers how we believe our jobs as CISOs are adapting to meet the challenges of this…

Added by CISO Platform on June 9, 2020 at 2:44pm — No Comments

Are you following the basics of security?

[Posted on behalf of Dinesh Kumar Aggarwal Founder | CISO | Architect | Cyber Security Practitioner | Information Security Blogger & Speaker]

Every year, cyber security scenario is perky with new technologies, trends and vendors and yet year after year, hackers are still ahead of the game. Why is this so? Are we following the basics of security? Instead of talking about new technologies and trends, let us focus on the very basics of the security…

Added by CISO Platform on June 8, 2020 at 11:30pm — No Comments

Business Continuity Planning Made Simple

[Posted on behalf of Dennis Leber Cybersecurity Executive | CISO | Board Member | Educator | Speaker | Author ]

Business Continuity Planning (BCP) goes beyond Cybersecurity; however, cyber security leaders are often looked at to implement, lead, and design the BCP program.



BCP is the plan implemented when a disaster occurs. These disasters span natural disasters, cyber attacks, or simple power outages. Simply; the question is,…

Added by CISO Platform on June 8, 2020 at 11:00pm — No Comments

Comparing Major Crises To COVID-19: A Teachable Moment

[Posted on behalf of Steve King Director, Cybersecurity Advisory Services at Information Security Media Group (ISMG) ISMG]

Lessons from past financial crises might prepare us for the long and short-term effects of COVID-19 on the economy and the Cybersecurity ecosystem. Or, not.



The Dot-Com Bubble (2000-2002):



Investors so eager to invest at any valuation in any internet company they ignored traditional…

Added by CISO Platform on June 8, 2020 at 10:30pm — No Comments

Forum

CISO as an enabler

Started by Maheshkumar Vagadiya Jul 30. 0 Replies

Share the instances where you were able to convince the Executive management/board that CISO function is enabler rather than a hindrance. Thank you, Mahesh

Has Anyone Evaluated Digital Signature (like Docusign)?

Started by CISO Platform. Last reply by SACHIN BP SHETTY Apr 24. 1 Reply

(question posted on behalf of a CISO member) Has anyone evaluated digital signature (like Docusign), any specific risk/security areas to be looked into while finalising a vendor? Any and all inputs will be very much appreciated.

What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform?

Started by CISO Platform. Last reply by ANAND SHRIMALI May 20. 4 Replies

(question posted on behalf of a CISO member) What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform? Related Question: …

[Please Suggest] Corona Virus: Security advisory for work from home

Started by CISO Platform. Last reply by Bhushan Deo Mar 20. 12 Replies

(question posted on behalf of a CISO member) Due to CORONA virus most of the organizations are allowing their employees to work from home. Has anyone issued security advisory for work from home?

Tags: #COVID19
