Steven Chabinsky is global chair of the Data, Privacy, and Cyber Security practice at White & Case LLP, an international law firm. He previously served as a member of the President’s Commission on Enhancing National Cybersecurity, the General Counsel and Chief Risk Officer of CrowdStrike, and Deputy Assistant Director of the FBI Cyber Division. He can be reached at chabinsky@whitecase.com.

Who's Responsible for Cloud Security?

Cloud security is a shared responsibility. Consider these three key questions before outsourcing.

Steven Chabinsky

December 1, 2018

No Comments

If your company relies upon third-party cloud providers to support or deliver core services, or to protect sensitive data, it’s crucial to understand that cloud security is a shared responsibility.

Clear, Purge & Destroy: When Data Must be Eliminated, Part 2

Part 2 of a 2-part series on information disposal requirements

Steven Chabinsky

November 1, 2018

No Comments

Your mission, should you decide to accept it, is to implement a sound data sanititization program.

Clear, Purge & Destroy: When Data Must be Eliminated

Part 1 of a 2-part series on information disposal requirements

Steven Chabinsky

October 1, 2018

No Comments

Even at their most basic, information security programs are complex and include a seemingly endless combination of controls to detect, prevent and respond to data loss.

Bug Bounty Programs: An Emerging Best Practice

Steven Chabinsky

September 1, 2018

No Comments

Want to proactively detect and resolve cyber vulnerabilities? Maybe it's time to crowdsource your intelligence through a bug bounty program…

Managing Supply Chain Risk

Steven Chabinsky

July 1, 2018

No Comments

When NIST recently updated its Cybersecurity Framework, it added only one new core category: Supply Chain Risk Management (SCRM). Placed within the Framework’s “Identify” function, SCRM encompasses, but typically extends beyond, traditional vendor management approaches. That’s because the supply chain typically extends beyond suppliers to include other external parties, such as integrators and even third-party communications providers.

Revised NIST Cyber Security Framework - Security Magazine

5 Things You Need to Know about the Revised NIST Cybersecurity Framework

Steven Chabinsky

June 1, 2018

No Comments

To get you quickly up to speed, here’s a list of the five most significant Framework clarifications and revisions.

GDPR: Will Your Company Be Fine or Fined?

Steven Chabinsky

May 1, 2018

No Comments

The GDPR restricts how organizations can collect, use and retain personal data, and provides Europeans with certain rights to halt collection, and to obtain copies, correction and, at times, destruction of their data.

Is Your Vendor Risk Management Program Working?

Steven Chabinsky

April 1, 2018

No Comments

Companies remain on the hook for ensuring their vendors are up to task when it comes to cybersecurity, privacy compliance and continuity of operations. This checklist can help determine the maturity of your vendor risk management program.

Please Forget to Change Your Password Every 90 Days

It's Time to Rethink Password Management Best Practices

Steven Chabinsky

March 1, 2018

No Comments

Some of the most basic tenets of password account management have failed, leaving us with a dreadful combination of poor user experience and inadequate security.

Multi-Factor Authentication - Security Magazine

Multi-Factor Authentication Should Be HARD

Steven Chabinsky

February 1, 2018

No Comments

How difficult is it for a computer (or a complete stranger) to validate the true identity of a person they don’t know? Very difficult, it turns out, especially when others may be trying to imitate them.

2019 State of Organizational Resilience Report: Global Trends, Data and Analysis

Critical events can vary widely in type and size – from natural disasters to workplace violence – and a drawn-out response can lead to significant operational losses, brand damage, and concerns for health and safety. Organizational Resilience is the ability to identify, prepare for, and resolve these critical events, which is a vital trait for any mature institution.

The 2019 Security 500 Report will unveil the top 10 trends CSOs and enterprise security executives are facing today and how each of them could impact the enterprise’s global reputation with the public, governments and business partners.

Poll

Emergency Communications

View Results

Poll Archive

Products

Effective Security Management, 6th Edition

Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.

See More Products

Security Magazine

2019 November

This month, Security magazine brings you the Security 500 Report, Rankings and Thought Leader Profiles. How does your enterprise compare to others? Which security programs are leading the way? Also this month, we highlight artificial intelligence, ransomware attacks, vaping and cybersecurity regulations.

View More Create Account

ARTICLES