Steven Chabinsky is global chair of the Data, Privacy, and Cyber Security practice at White & Case LLP, an international law firm. He previously served as a member of the President’s Commission on Enhancing National Cybersecurity, the General Counsel and Chief Risk Officer of CrowdStrike, and Deputy Assistant Director of the FBI Cyber Division. He can be reached at chabinsky@whitecase.com.

Who's Responsible for Cloud Security?

Cloud security is a shared responsibility. Consider these three key questions before outsourcing.

Steven Chabinsky

December 1, 2018

No Comments

If your company relies upon third-party cloud providers to support or deliver core services, or to protect sensitive data, it’s crucial to understand that cloud security is a shared responsibility.

Clear, Purge & Destroy: When Data Must be Eliminated, Part 2

Part 2 of a 2-part series on information disposal requirements

Steven Chabinsky

November 1, 2018

No Comments

Your mission, should you decide to accept it, is to implement a sound data sanititization program.

Clear, Purge & Destroy: When Data Must be Eliminated

Part 1 of a 2-part series on information disposal requirements

Steven Chabinsky

October 1, 2018

No Comments

Even at their most basic, information security programs are complex and include a seemingly endless combination of controls to detect, prevent and respond to data loss.

Bug Bounty Programs: An Emerging Best Practice

Steven Chabinsky

September 1, 2018

No Comments

Want to proactively detect and resolve cyber vulnerabilities? Maybe it's time to crowdsource your intelligence through a bug bounty program…

Managing Supply Chain Risk

Steven Chabinsky

July 1, 2018

No Comments

When NIST recently updated its Cybersecurity Framework, it added only one new core category: Supply Chain Risk Management (SCRM). Placed within the Framework’s “Identify” function, SCRM encompasses, but typically extends beyond, traditional vendor management approaches. That’s because the supply chain typically extends beyond suppliers to include other external parties, such as integrators and even third-party communications providers.

Revised NIST Cyber Security Framework - Security Magazine

5 Things You Need to Know about the Revised NIST Cybersecurity Framework

Steven Chabinsky

June 1, 2018

No Comments

To get you quickly up to speed, here’s a list of the five most significant Framework clarifications and revisions.

GDPR: Will Your Company Be Fine or Fined?

Steven Chabinsky

May 1, 2018

No Comments

The GDPR restricts how organizations can collect, use and retain personal data, and provides Europeans with certain rights to halt collection, and to obtain copies, correction and, at times, destruction of their data.

Is Your Vendor Risk Management Program Working?

Steven Chabinsky

April 1, 2018

No Comments

Companies remain on the hook for ensuring their vendors are up to task when it comes to cybersecurity, privacy compliance and continuity of operations. This checklist can help determine the maturity of your vendor risk management program.

Please Forget to Change Your Password Every 90 Days

It's Time to Rethink Password Management Best Practices

Steven Chabinsky

March 1, 2018

No Comments

Some of the most basic tenets of password account management have failed, leaving us with a dreadful combination of poor user experience and inadequate security.

Multi-Factor Authentication - Security Magazine

Multi-Factor Authentication Should Be HARD

Steven Chabinsky

February 1, 2018

No Comments

How difficult is it for a computer (or a complete stranger) to validate the true identity of a person they don’t know? Very difficult, it turns out, especially when others may be trying to imitate them.

With the coronavirus pandemic adding to an evolving set of risks to already challenged security operations and budgets, reducing enterprise risk is more complex than ever.

Risk impacts every organization, and critical events and can cripple your operations if they’re not properly managed. For organizations focused on risk resiliency, the command center is quickly becoming the operational hub of risk management within an organization: the nerve center for risk.

Poll

Emergency Communications

View Results

Poll Archive

Products

Effective Security Management, 7th Edition

Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.

See More Products

Security Magazine

2020 April

This month in Security magazine: meet the global security team at Boston Scientific - five female professionals with diverse background and skills who are creating a best-in-class enterprise security team while ensuring the safety and security of employees, customers and patients. Also this month, we highlight Kristin Lenardson and her successful career in protective services. Security experts discuss whistleblowing, the CCPA and more.

View More Create Account

ARTICLES