Increasingly, a physical security director's role, the branch of computer security that is specifically related to the Internet, with issues involving fraud and the protection of transfer of data and a company's brand.
As security leaders gain increasing responsibility for cybersecurity, Security columnist John McClurg – Vice President and Ambassador-At-Large in Cylance’s Office of Security & Trust and former CSO at Dell; Vice President of Global Security at Honeywell International, Lucent Technologies/Bell
Laboratories – guides enterprise security executives through cybersecurity standards, frameworks, risks and management techniques.
As much of the world continues to hunker down at home in response to COVID-19, threat actors continue to find ways of exploiting the crisis to gather sensitive and valuable information from individuals. But while we’re busy making sure that our primary computers and cloud-based accounts are locked down, it’s often the devices we least suspect – our smartphones – that provide the opening that hackers need. The 2018 hacking of Jeff Bezos’s iPhone X, perhaps the most famous example of smartphone hacking, provides an important reminder that these most personal of devices should be used with appropriate caution, especially in this time of upheaval.
The National Security Agency released a Limiting Location Data Exposure Cybersecurity Information Sheet (CSI) to guide National Security System (NSS) and Department of Defense (DoD) mobile device users on how they might reduce risk associated with sharing sensitive location data.
The Cybersecurity and Infrastructure Security Agency (CISA) released the Cyber Career Pathways Tool, an interactive approach for current and future cybersecurity professionals to envision their career and navigate next steps within the NICE Cybersecurity Workforce Framework.
Today's challenging reality presents an opportunity for CISO’s to reevaluate the economics and efficiencies of their current infosec program. To do so, CISO’s must narrow their focus on maximizing their return on investments and shift to a risk-based prioritization strategy. No matter the situation, CISO’s are always expected to meet goals and drive results. Even though security professionals cannot reduce risk to zero, they can reduce risk significantly by first eliminating the most impactful risks facing their organization. Below, I discuss the four critical steps of leading an economical and efficient information security program while following a risk-based approach.
Countless businesses export data from the European Union to the United States. Does your human resources office have information on European employees? The sales department information on European clients? That is personal data. The question is if data exports can continue in the wake of the Court of Justice of the European Union’s (CJEU) ruling in the “Schrems II” case.
Before COVID, cybersecurity was a concern for businesses everywhere. In fact, in Microsoft’s 2019 Global Risk Perception Survey, 57 percent of companies ranked cybersecurity as a higher risk than economic uncertainty and brand reputation or damage. Looking ahead, what does all of this mean for the role of the Chief Information Security Officer (CISO)? Not only is it more important than ever before, but the role has shifted since the start of COVID.
Twenty years ago, almost everything in the IT world was on-premises: hardware and software, including the tools you used to verify who your users were and what they could do in your systems. In today’s cloud-native world, almost nothing is on-prem, and because of the explosion of apps, remote users and devices, it has become a considerably more complicated task, by orders of magnitude, to verify the identity of a user — or a service — and determine policies that say what they are and aren’t allowed to do.
Organizations need to evolve their thinking around cybersecurity to stay ahead of these changing threats. A holistic approach that effectively builds security into all infrastructure and processes from the ground up is cost-effective and necessary to safeguard valuable employee and customer data. This requires an overall shift in philosophy – and adopting the concept of security by design is a key first step.
ON DEMAND: The physical security industry adopts datacenter information technology in bits and pieces, but not to the extent possible. This prevents organizations from making strides in reducing costs and complexity, rapidly responding to change, and delivering on the prime security directives of keeping people and property safe.
ON DEMAND: The security ecosystem protects digital assets, physical assets, and people - the newly distributed workforce creates new and increased physical and cybersecurity risks. Situational and security awareness is a role every employee must play, and you’ll help get them there with awareness, cybersecurity hygiene and security practices that help keep company, employee and customer information safe.
The event will look at the in-car and off-board infrastructure cybersecurity policies, technologies, services, and products that will enable top OEMs and suppliers to strengthen their products’ defenses, mitigation, and resilience. Read More
Right now, in the pandemic environment, business leaders are balancing internal priorities – managing cost and impacts to productivity – with market and external priorities like government requirements, customer needs, and perceived standards of safety and health. Read More
This month in Security magazine, we examine how physical security leaders are being propelled into a unique position of revenue preservers and risk managers for their businesses. In addition, we profile Scott Ashworth, Director of Security for Atlanta United. Also, security leaders discuss how to develop cybersecurity careers, election security, data protection strategies, measuring and reporting security operations maturity and more!