Posts

Why Don't Cybercriminals Attack When It's Convenient for Me?

This week's episode of CISO/Security Vendor Relationship Podcast: Why Don't Cybercriminals Attack When It's Convenient for Me?

This week's episode is hosted by me, David Spark, producer of CISO Series and Mike Johnson. Our guest is Margarita Rivera, vp of information security, LMC.

All three of us discussed:

It's never TGIF for those who work in cybersecurity. Cybercriminals know when our guard is down and it's usually late on a Friday or just before a holiday. At these times, coworkers shift into half-work speed and half cybervigilance. It would be annoying to remind people every Friday to be on guard for cyberattacks, but it's worth it to remind your staff just before a big holiday.

Show support for those still out of work. We talked about a very emotional post of someone who was suffering a six month streak of rejection. When rejection becomes that overwhelming, it can definitely cause one to start questioning whether you made the right decision to do wha...

A new issue of Intelligent CISO Issue 31 publication has been published.

A new issue of Intelligent CISO Issue 31 publication has been published.

- Cloud shock - Spike in cloud attacks shows businesses were not prepared to work remotely.
- Threat evolution - McAfee report explores how cybercriminals have exploited the pandemic.
- Cyberthreat impact - Industry experts discuss the major cyberthreats to the North America region.
- Safe Bet - Killian Faughnan, Group CISO at William Hill, discusses his role at the bookmakers and some of the driving factors behind its ambition to continuously strengthen its cybersecurity posture.
- Infographic - Study reveals 94% of global organizations suffered one or more business-impacting cyberattacks.
- Latest updates from North America and APAC.
- Understanding Ransomware in the Enterprise.
- What are the major cyberthreats to the North America Region?

Read more: https://view.joomag.com/intelligent-ciso-issue-31/0252261001604323146?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb29tYWciLCJpYXQiOjE2MDQzMjQ2NjAsImV4cCI6...

Leaked Secrets in Code Repositories

This week's episode of Defense in Depth: Leaked Secrets in Code Repositories

This week's episode is hosted by me, David Spark, producer of CISO Series and Allan Alford. Our sponsored guest is Jérémy Thomas, CEO, GitGuardian.

All three of us discussed:

Putting passwords and other credential information inside of code simply happens. Developers do it for efficiency, out of laziness, or because they simply forgot to take it out. Given that exposing secrets is done by developers, these secrets appear in code everywhere, most notably in public code repositories like GitHub. Exposed credentials can appear in SIEMs as it's being exported from the developers' code. There is a shared responsibility model and cloud providers do have some ability to scan code, but ultimately code you put in your programs is your responsibility. Scanning public code repositories should be your first step. You don't want to be adding code that has known issues. Next step is to scan your own code...

Can a Robot Be Concerned About Your Privacy?

This week's episode of CISO/Security Vendor Relationship Podcast: Can a Robot Be Concerned About Your Privacy?

This week's episode is hosted by me, David Spark, producer of CISO Series and Mike Johnson. Our sponsored guest is Rebecca Weekly, senior director of hyperscale strategy and execution, senior principal engineer, Intel.

All three of us discussed:

Privacy as competitive advantage. For years, it seemed the corporate norm was to push users to relinquish their privacy for additional functionality. This would give the business more insight into user behavior to be able to sell more products. But now privacy is hip and something companies want to promote. For example, Apple is spending advertising dollars to promote their privacy controls. If you're creating an AI/ML engine, what information could be anonymized and/or thrown out after use?

Lack of diversity didn't happen overnight. We're in this lack of diversity issue today because of years of ignoring it. That...

Measuring the Success of Your Security Program

This week's episode of Defense in Depth: Measuring the Success of Your Security Program

This week's episode is hosted by me, David Spark, producer of CISO Series and Allan Alford. Our sponsored guest is Chad Boeckmann, CEO, TrustMAPP.

All three of us discussed:

The process is very systematic. Start with knowing your risks, how you're going to track them, and the controls you're going to put in place to manage them. Simple to say, hard to do. Security risk is just one of a multitude of risks a business faces. Data's whereabouts is a moving target. Having confidence in its location and protections is key to managing overall risk. Constantly be asking who has access to the data and what communications processes you are using to share that information between humans and machines. Discuss with leadership how you will judge success and what metrics you will use. C-suite will need to lead the discussion with security providing guidance as to what they can and can...

Privacy Is An Uphill Battle

This week's episode of Defense in Depth

This week's episode is hosted by me, David Spark, producer of CISO Series and Allan Alford. Our guest is Dave Bittner, host, The CyberWire Podcast.

All three of us discussed:

Marketers, the ones often collecting the data, have no incentive to not gather more. The only thing holding them back, barely, are newly growing privacy regulations. Security professionals are tasked with protecting privacy but they're not usually on the front lines of data collection and are often brought in after the data has been collected. The public has become numb to the abuse of their privacy. A little is being chipped away at a time, so they either don't know they're being abused or it appears to be so slight they don't even care. They see the benefits of sharing far outweighing the negatives. GDPR is large and very difficult to comply with. And although it only affects site visitors from Europe, most site owner...

A new issue of Intelligent CISO Issue 30 publication has been published.

A new issue of Intelligent CISO Issue 30 publication has been published.

- Secure automation - Experts discuss using automation technology securely for business
- Rise in ransomware - Why creating a comprehensive cybersecurity and Disaster Recovery plan is a ‘Must have’
- Powering security - How to ensure secure operations and manage risk in the energy supply chain
- Remote Protection
- Cyber trends - How to adapt to phishing trends and keep cybercriminals at bay
- Infographic - 84% of businesses will likely increase WFH capacity beyond pandemic despite security concerns
- Threats updates - Latest updates from across the globe, the UK and Europe
- Editor’s question - What are the advantages for enterprises and how are such capabilities secure?
- Predictive Intelligence - How to fight back against the rise of ransomware
- Feature - Securing connections in the cloud and across IoT Devices

Read more: https://view.joomag.com/intelligent-ciso-issue-30/0425437001601973540?token=eyJ0eXAiOiJKV...