The security industry is changing, as is the profile of a successful security executive. Maintaining the status quo is no longer an option, and ignorance of risks is no longer an excuse for not mitigating them. This topic in Security features game-changing security directors or industry leaders in different sectors. So who is breaking new ground in the security industry, making great strides forward in risk management while better supporting the enterprise as a whole? If you know someone (or are someone) who fits this bill – let us know! Send your recommendations and suggestions for future Profiles in Excellence to Security Managing Editor Claire Meyer at firstname.lastname@example.org.
Our personal and business lives have been forever transformed to the digital age, and has significantly and forever redefined business risk. But it also creates entirely new business opportunities that demand responsive business models.
When California Governor Jerry Brown signed Senate Bill 327 on September 28, California became the first state to enact legislation expressly governing cybersecurity measures that must be employed by manufacturers of Internet-connected “smart” devices, collectively known as the Internet of Things (IoT). The law, to be codified at California Civil Code Sections 1798.91.04–06, became effective on January 1, 2020.
As technologies and laws continue to evolve, and more people move into urban centers, cities are looking for ways to become smarter – and safer. Today, more than half of the world’s population lives in an urban area. It is predicted that by 2030, our planet will have 41 mega-cities with more than 10 million inhabitants each. After all, a successful city attracts businesses, fosters innovation and provides incredible opportunities for its citizens. But how do we construct and manage cities so that everything, and everyone, flows smoothly today and in the future? How can we ensure that cities are resilient and continue to succeed as they grow?
The Mass Shooting Tracker reported that in 2019 there were 374 mass shootings in the U.S. Given this reality, it is essential to take all possible steps to protect your employees and visitors from harm. It should be a core requirement of every organization’s security plan to give serious consideration to how they will thwart an active shooter. Putting a security plan in place to guard against on-site violence begins at the perimeter, and security entrances are a strong first line of defense against the threat of an active shooter.
Taking place across the U.S. and the world, cybersecurity conferences can offer unique opportunities for cybersecurity professionals, such as hands-on workshops, networking and certifications. They also provide cybersecurity leaders with greater security awareness of threats, tactics and best practices needed to effectively thwart attacks on the systems and assets they protect. Here, Security brings you a list of the top 20 cybersecurity conferences in the U.S. in 2020.
Back away from the snooze button. This is a $29 million wake-up call you can’t afford to miss. In January 2019, Yahoo’s board agreed to pay the enormous $29 million settlement to its shareholders as the result of cyberattacks that compromised three billion Yahoo user accounts. It was the first time shareholders had successfully held a company responsible for data breaches. And it is a loud warning to corporate boards that they must start paying attention to cyber risks. But are they?
ON DEMAND: With so many recent high-profile breaches accomplished through compromising passwords on privileged accounts, Privileged Access Management is now everyone’s priority (Gartner puts it at the top of their “Top Security Projects” list for 2 years in a row). But where do you start? And how do you know which PAM solution will work best to protect your organization without sacrificing productivity?
ON DEMAND: In today's tumultuous global climate, where corporations span countries and employee travel is essential to doing business, crises are inevitable. This is why corporate security teams must always be ready for the unexpected and have procedures and plans in place to respond quickly and efficiently. A lag in crisis response or an ineffective response can cost money, resources, and even lives.
ON DEMAND:A critical event is defined as an incident that disrupts normal operations, such as severe weather, crime, violence and critical equipment or technology failures. Business continuity and crisis response plans can only go so far if there isn't buy-in across functions, with executive-level support.
ON DEMAND: From extreme weather to cyberattacks to workplace violence, every organization will experience at least one, if not multiple, critical events per year. And in today’s interconnected digital and physical world, the cascading safety, brand, and revenue impacts of critical events are more severe. Organizations need to be prepared through a unified and rapid response to these events.
ON DEMAND: The current novel coronavirus (2019nCov) outbreak has been spreading across the globe infecting thousands of people in dozens of countries. This has created anxiety around the globe, affected company supply chains and caused The World Health Organization to enact the Public Health Emergency of International Concern (PHEIC) designation for only the sixth time since 2005.
This month, Security magazine highlights John McClurg, Senior VP and CISO at Blackberry, and the evolving role of the CISO. Also, we highlight Tim McCreight, Acting CSO for the city of Calgary, Alberta, and discuss if civilians can truly Stop the Bleed and how to calculate ROI for better security. Industry leaders discuss public references and their impact on security careers, information security frameworks and convergence trends in 2020.