Attribution is often regarded as a primary goal within a cybersecurity investigation, but as John McClurg, CISO at Blackberry, explores here, conclusive attribution should at times exist as a secondary consideration - one abandoned if the ROI doesn't justify its expense.

In my December column, I ended with the observation that many CISOs struggle when it comes to first determining and then actually communicating the business value of the security options out there.

2020 heralds a few major shifts that will transform cybersecurity: ransomware attacks, artificial intelligence, facial recognition and mobile cybersecurity.

What is a Defense-in-Depth strategy, and why has it come to be acknowledged as Expense-in-Depth? How can CISO's communicate the business value of this strategy?

The Philosopher Hericlitus once opined – “You can’t step in the same river twice,” implying that no concept remains static but is always churning and evolving.

While VR and AR have different fortes, both enhance and accelerate experiential learning that can help manifest and reinforce a culture of cybersecurity across industries. It is technology implications like this that will help propel cybersecurity awareness into a state of mass awareness.

Anxious feelings towards facial recognition can, if unchecked, reach a point where they undermine common sense and our ability to leverage new technologies in the protection of the innocent and prosecution of the guilty.

On a recent trip to Australia, I appeared on a National morning news show. It wasn’t long until the hosts were trying to get me to weigh in on a debate that was then raging in their legislature.

The confluence of social media, digital mobile devices, sensors and location-based technology is generating unprecedented volumes of information about society and individuals.