Chief Security Officers (CSOs) are charged with protecting an organization’s assets and people. Like all corporate functions, the design of this department will vary greatly depending upon the organization. However, the process by which a program is designed, measured and evaluated has some consistent principles across different industries. This series explores how to make your physical security program more strategic, and how to secure funding for this objective.
Studies and surveys consistently show that cybersecurity and data protection is one of the top five concerns of internal auditors, who worry that their organizations lack the internal resources to deal with security risks. On January 1, 2020, the California Consumer Privacy Act (CCPA) became effective, requiring new data privacy measures at most US organizations. Yet it is estimated that less than 10 percent are fully prepared for compliance with CCPA. Unfortunately, in this case, ignorance is not bliss and may result in hefty fines.
Retailers today face a number of security challenges, including shoplifting, shrink and theft at the point of sale, protecting the premises after hours, slip and fall lawsuits and much more. Adding complexity to the security challenge is that retailers face these threats in a variety of locations within stores, each of which comes with its own unique requirements. Today’s flexible, intelligent surveillance cameras offer a variety of form factors and capabilities that allow them to address the range of security and operational challenges.
When California Governor Jerry Brown signed Senate Bill 327 on September 28, California became the first state to enact legislation expressly governing cybersecurity measures that must be employed by manufacturers of Internet-connected “smart” devices, collectively known as the Internet of Things (IoT). The law, to be codified at California Civil Code Sections 1798.91.04–06, became effective on January 1, 2020.
As technologies and laws continue to evolve, and more people move into urban centers, cities are looking for ways to become smarter – and safer. Today, more than half of the world’s population lives in an urban area. It is predicted that by 2030, our planet will have 41 mega-cities with more than 10 million inhabitants each. After all, a successful city attracts businesses, fosters innovation and provides incredible opportunities for its citizens. But how do we construct and manage cities so that everything, and everyone, flows smoothly today and in the future? How can we ensure that cities are resilient and continue to succeed as they grow?
The Mass Shooting Tracker reported that in 2019 there were 374 mass shootings in the U.S. Given this reality, it is essential to take all possible steps to protect your employees and visitors from harm. It should be a core requirement of every organization’s security plan to give serious consideration to how they will thwart an active shooter. Putting a security plan in place to guard against on-site violence begins at the perimeter, and security entrances are a strong first line of defense against the threat of an active shooter.
Taking place across the U.S. and the world, cybersecurity conferences can offer unique opportunities for cybersecurity professionals, such as hands-on workshops, networking and certifications. They also provide cybersecurity leaders with greater security awareness of threats, tactics and best practices needed to effectively thwart attacks on the systems and assets they protect. Here, Security brings you a list of the top 20 cybersecurity conferences in the U.S. in 2020.
Back away from the snooze button. This is a $29 million wake-up call you can’t afford to miss. In January 2019, Yahoo’s board agreed to pay the enormous $29 million settlement to its shareholders as the result of cyberattacks that compromised three billion Yahoo user accounts. It was the first time shareholders had successfully held a company responsible for data breaches. And it is a loud warning to corporate boards that they must start paying attention to cyber risks. But are they?
There seems to be a consensus for advocates of private Internet use that encryption is a good thing, and that encryption of DNS is needed to prevent network operators from gaining visibility into the sites and services their users lookup (and then visit). Two protocols have been created to achieve this encryption: DNS over TLS (DoT) and DNS over HTTPS (DoH). While both offer encryption of DNS data using the same TLS protocol, there are some very important differences: