Steven Chabinsky is global chair of the Data, Privacy, and Cyber Security practice at White & Case LLP, an international law firm. He previously served as a member of the President’s Commission on Enhancing National Cybersecurity, the General Counsel and Chief Risk Officer of CrowdStrike, and Deputy Assistant Director of the FBI Cyber Division. He can be reached at chabinsky@whitecase.com.

Clear, Purge & Destroy: When Data Must be Eliminated, Part 2

Part 2 of a 2-part series on information disposal requirements

Steven Chabinsky

November 1, 2018

No Comments

Your mission, should you decide to accept it, is to implement a sound data sanititization program.

Clear, Purge & Destroy: When Data Must be Eliminated

Part 1 of a 2-part series on information disposal requirements

Steven Chabinsky

October 1, 2018

No Comments

Even at their most basic, information security programs are complex and include a seemingly endless combination of controls to detect, prevent and respond to data loss.

Bug Bounty Programs: An Emerging Best Practice

Steven Chabinsky

September 1, 2018

No Comments

Want to proactively detect and resolve cyber vulnerabilities? Maybe it's time to crowdsource your intelligence through a bug bounty program…

Managing Supply Chain Risk

Steven Chabinsky

July 1, 2018

No Comments

When NIST recently updated its Cybersecurity Framework, it added only one new core category: Supply Chain Risk Management (SCRM). Placed within the Framework’s “Identify” function, SCRM encompasses, but typically extends beyond, traditional vendor management approaches. That’s because the supply chain typically extends beyond suppliers to include other external parties, such as integrators and even third-party communications providers.

Revised NIST Cyber Security Framework - Security Magazine

5 Things You Need to Know about the Revised NIST Cybersecurity Framework

Steven Chabinsky

June 1, 2018

No Comments

To get you quickly up to speed, here’s a list of the five most significant Framework clarifications and revisions.

GDPR: Will Your Company Be Fine or Fined?

Steven Chabinsky

May 1, 2018

No Comments

The GDPR restricts how organizations can collect, use and retain personal data, and provides Europeans with certain rights to halt collection, and to obtain copies, correction and, at times, destruction of their data.

Is Your Vendor Risk Management Program Working?

Steven Chabinsky

April 1, 2018

No Comments

Companies remain on the hook for ensuring their vendors are up to task when it comes to cybersecurity, privacy compliance and continuity of operations. This checklist can help determine the maturity of your vendor risk management program.

Please Forget to Change Your Password Every 90 Days

It's Time to Rethink Password Management Best Practices

Steven Chabinsky

March 1, 2018

No Comments

Some of the most basic tenets of password account management have failed, leaving us with a dreadful combination of poor user experience and inadequate security.

Multi-Factor Authentication - Security Magazine

Multi-Factor Authentication Should Be HARD

Steven Chabinsky

February 1, 2018

No Comments

How difficult is it for a computer (or a complete stranger) to validate the true identity of a person they don’t know? Very difficult, it turns out, especially when others may be trying to imitate them.

The Top 12 Practices of Secure Coding

Steven Chabinsky

January 1, 2018

No Comments

The list provides a quick summary of the top 12 security practices to mitigate risks from internal and third-party software.

Workplace Violence Prevention Training Considerations for Healthcare Staff

This program will focus on the issue of workplace violence in the healthcare industry, current trends regarding violence rates, root causes for these behaviors and unique factors present in healthcare and social assistance environments which can cause such behaviors. Common factors in behaviors of concern, appropriate techniques for de-escalating conflict and the spectrum of workplace violence from intimidation to active assailant will be reviewed.

In today’s connected world, technology of all kinds are contributing to the transformation of hospitals and healthcare as we know it. The ability to identify and utilize these technologies in new and different ways is one factor that is separating the good hospitals from the great.

Poll

Recruiting Diverse Candidates

View Results

Poll Archive

Products

Effective Security Management, 6th Edition

Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.

See More Products

Security Magazine

2018 November

From duty of care to organized retail crime to C-Suite buy-in and more, a diverse set of challenges and goals are driving enterprise security leaders to build unique security solutions, programs and initiatives. Learn more about how sectors’ security challenges are evolving, which security executives are leading in their fields and what strategies they’re crafting in our annual Security 500 Report.

View More Subscribe

ARTICLES