Steven Chabinsky is global chair of the Data, Privacy, and Cyber Security practice at White & Case LLP, an international law firm. He previously served as a member of the President’s Commission on Enhancing National Cybersecurity, the General Counsel and Chief Risk Officer of CrowdStrike, and Deputy Assistant Director of the FBI Cyber Division. He can be reached at chabinsky@whitecase.com.

Who's Responsible for Cloud Security?

Cloud security is a shared responsibility. Consider these three key questions before outsourcing.

Steven Chabinsky

December 1, 2018

If your company relies upon third-party cloud providers to support or deliver core services, or to protect sensitive data, it’s crucial to understand that cloud security is a shared responsibility.

Clear, Purge & Destroy: When Data Must be Eliminated, Part 2

Part 2 of a 2-part series on information disposal requirements

Steven Chabinsky

November 1, 2018

Your mission, should you decide to accept it, is to implement a sound data sanititization program.

Clear, Purge & Destroy: When Data Must be Eliminated

Part 1 of a 2-part series on information disposal requirements

Steven Chabinsky

October 1, 2018

Even at their most basic, information security programs are complex and include a seemingly endless combination of controls to detect, prevent and respond to data loss.

Bug Bounty Programs: An Emerging Best Practice

Steven Chabinsky

September 1, 2018

Want to proactively detect and resolve cyber vulnerabilities? Maybe it's time to crowdsource your intelligence through a bug bounty program…

Managing Supply Chain Risk

Steven Chabinsky

July 1, 2018

When NIST recently updated its Cybersecurity Framework, it added only one new core category: Supply Chain Risk Management (SCRM). Placed within the Framework’s “Identify” function, SCRM encompasses, but typically extends beyond, traditional vendor management approaches. That’s because the supply chain typically extends beyond suppliers to include other external parties, such as integrators and even third-party communications providers.

Revised NIST Cyber Security Framework - Security Magazine

5 Things You Need to Know about the Revised NIST Cybersecurity Framework

Steven Chabinsky

June 1, 2018

To get you quickly up to speed, here’s a list of the five most significant Framework clarifications and revisions.

GDPR: Will Your Company Be Fine or Fined?

Steven Chabinsky

May 1, 2018

The GDPR restricts how organizations can collect, use and retain personal data, and provides Europeans with certain rights to halt collection, and to obtain copies, correction and, at times, destruction of their data.

Is Your Vendor Risk Management Program Working?

Steven Chabinsky

April 1, 2018

Companies remain on the hook for ensuring their vendors are up to task when it comes to cybersecurity, privacy compliance and continuity of operations. This checklist can help determine the maturity of your vendor risk management program.

Please Forget to Change Your Password Every 90 Days

It's Time to Rethink Password Management Best Practices

Steven Chabinsky

March 1, 2018

Some of the most basic tenets of password account management have failed, leaving us with a dreadful combination of poor user experience and inadequate security.

Multi-Factor Authentication - Security Magazine

Multi-Factor Authentication Should Be HARD

Steven Chabinsky

February 1, 2018

How difficult is it for a computer (or a complete stranger) to validate the true identity of a person they don’t know? Very difficult, it turns out, especially when others may be trying to imitate them.

Pandemics, Recessions and Disasters: Insider Threats During Troubling Times

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Industrial Cybersecurity: What Every Food & Bev Executive Needs to Know

ON DEMAND: There's a lot at stake when it comes to cybersecurity. Reputation, productivity, quality. Join us to discuss the future of your global security strategy and a path forward with trusted partners Cisco and Rockwell Automation, and turn your Food & Bev security challenges into strategic advantages that drive business value.

Poll

Who has ownership or primary responsibility of video surveillance at your enterprise?

View Results

Poll Archive

Products

Effective Security Management, 7th Edition

Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.

See More Products

Steven Chabinsky

ARTICLES

Who's Responsible for Cloud Security?

Clear, Purge & Destroy: When Data Must be Eliminated, Part 2

Clear, Purge & Destroy: When Data Must be Eliminated

Bug Bounty Programs: An Emerging Best Practice

Managing Supply Chain Risk

5 Things You Need to Know about the Revised NIST Cybersecurity Framework

GDPR: Will Your Company Be Fine or Fined?

Is Your Vendor Risk Management Program Working?

Please Forget to Change Your Password Every 90 Days

Multi-Factor Authentication Should Be HARD

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.