Steven Chabinsky is global chair of the Data, Privacy, and Cyber Security practice at White & Case LLP, an international law firm. He previously served as a member of the President’s Commission on Enhancing National Cybersecurity, the General Counsel and Chief Risk Officer of CrowdStrike, and Deputy Assistant Director of the FBI Cyber Division. He can be reached at chabinsky@whitecase.com.

Who's Responsible for Cloud Security?

Cloud security is a shared responsibility. Consider these three key questions before outsourcing.

Steven Chabinsky

December 1, 2018

No Comments

If your company relies upon third-party cloud providers to support or deliver core services, or to protect sensitive data, it’s crucial to understand that cloud security is a shared responsibility.

Clear, Purge & Destroy: When Data Must be Eliminated, Part 2

Part 2 of a 2-part series on information disposal requirements

Steven Chabinsky

November 1, 2018

No Comments

Your mission, should you decide to accept it, is to implement a sound data sanititization program.

Clear, Purge & Destroy: When Data Must be Eliminated

Part 1 of a 2-part series on information disposal requirements

Steven Chabinsky

October 1, 2018

No Comments

Even at their most basic, information security programs are complex and include a seemingly endless combination of controls to detect, prevent and respond to data loss.

Bug Bounty Programs: An Emerging Best Practice

Steven Chabinsky

September 1, 2018

No Comments

Want to proactively detect and resolve cyber vulnerabilities? Maybe it's time to crowdsource your intelligence through a bug bounty program…

Managing Supply Chain Risk

Steven Chabinsky

July 1, 2018

No Comments

When NIST recently updated its Cybersecurity Framework, it added only one new core category: Supply Chain Risk Management (SCRM). Placed within the Framework’s “Identify” function, SCRM encompasses, but typically extends beyond, traditional vendor management approaches. That’s because the supply chain typically extends beyond suppliers to include other external parties, such as integrators and even third-party communications providers.

Revised NIST Cyber Security Framework - Security Magazine

5 Things You Need to Know about the Revised NIST Cybersecurity Framework

Steven Chabinsky

June 1, 2018

No Comments

To get you quickly up to speed, here’s a list of the five most significant Framework clarifications and revisions.

GDPR: Will Your Company Be Fine or Fined?

Steven Chabinsky

May 1, 2018

No Comments

The GDPR restricts how organizations can collect, use and retain personal data, and provides Europeans with certain rights to halt collection, and to obtain copies, correction and, at times, destruction of their data.

Is Your Vendor Risk Management Program Working?

Steven Chabinsky

April 1, 2018

No Comments

Companies remain on the hook for ensuring their vendors are up to task when it comes to cybersecurity, privacy compliance and continuity of operations. This checklist can help determine the maturity of your vendor risk management program.

Please Forget to Change Your Password Every 90 Days

It's Time to Rethink Password Management Best Practices

Steven Chabinsky

March 1, 2018

No Comments

Some of the most basic tenets of password account management have failed, leaving us with a dreadful combination of poor user experience and inadequate security.

Multi-Factor Authentication - Security Magazine

Multi-Factor Authentication Should Be HARD

Steven Chabinsky

February 1, 2018

No Comments

How difficult is it for a computer (or a complete stranger) to validate the true identity of a person they don’t know? Very difficult, it turns out, especially when others may be trying to imitate them.

This presentation will explore nine key cybersecurity habits, and will look at how you can use those habits to focus on changing behaviors in your security training. Join this session to tailor your approach to awareness training and have the greatest impact for all of your employees or customers.

Drones and Surveillance at MetLife Stadium

Unmanned aerial systems pose a legitimate threat to sporting events in America. The devices are not only becoming cheaper and easier to own, but technology has advanced to such a point that virtually anyone — hobbyist or terrorist — can fly one. MetLife Stadium is home of the New York Jets and New York Giants, in addition to numerous entertainment events and concerts each year.

Poll

Employee Background Screening

View Results

Poll Archive

Products

Effective Security Management, 6th Edition

Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.

See More Products

Security Magazine

2019 January

From building a Global Security Operations Center and more, learn how three enterprise security teams created and built GSOCs, and how they are using them to mitigate global risks. Learn more about why HR Professionals worry most about active shooters, how would you define security’s role, and more.

View More Subscribe

ARTICLES