We have some more Good Security News! Learn how the Guerrilla Mask Movement (GMM) provides critical masks directly to healthcare workers in dire need of protection as they deal with COVID-19 patients.
After 14 years of finding last-minute goalies, securing locker room doors, and trying to parcel out equal ice time to the skaters, I recently shed the captain’s “C” from the jersey of my recreational hockey team
When I speak with candidates who are either leaving government roles or actively looking for a new role, I am often asked what programs or courses related to cybersecurity they could take to improve their marketability.
Sun Tzu famously said, “all warfare is based on deception.” He could hardly have anticipated how his words would ultimately be substantiated—particularly in the tactics of today’s cybercriminals.
In recent years, Enterprise Risk Management has become increasingly focused on cybersecurity risks. While this focus on cyber is understandable, the current COVID crisis has demonstrated that the unpredictable nature of cascading risks requires viewing risk through a much wider risk aperture. One way forward to successfully navigate this new risk frontier is the establishment of a Risk Operations Center (ROC). The ROC enables enterprise and technology leaders to have the continuous monitoring they require to proactively mitigate all cyber issues. Additionally, it fully supports the CISO/cybersecurity leader's principal responsibilities identified by the HBR survey.
To address this current losing war with cyberattackers, the future of cybersecurity requires augmenting the current focus of “indicators of compromise” with “indicators of exposure & warning” in real-time. Where the measure would be to gauge the shift of incident management that would tilt on managing more incidents at warning stages than on compromise stages. It is imperative to build an AI engine to perform this very task as that would be the only way to perform in real-time, scale with the growing nature of cloud as well as to cover the evolving nature to attack scenarios.
As the head of information security for a technology company with more than a thousand (now mostly-remote) employees, the COVID-19 pandemic has been — among other adjectives — an educational experience. And while it hasn’t been completely smooth sailing, I believe one of the reasons we were able to transition so quickly to remote work with relatively few hiccups is that we established practices to withstand precisely this type of scenario long before the virus swept through our community.
RSS
