Equifax: Too Soon for Lessons Learned?
Body: I am sure most practitioners by now have probably heard about the Equifax breach. If you have not yet, get ready to hear about it nonstop—probably for the next year or 2 at least. Why? Because it...
Tracking Vulnerability Fixes to Production
Body: As an IT auditor at a software company, I discovered that security vulnerabilities in our bespoke product had not been getting released to clients on a timely basis. We had been doing penetration...
SSH: Why You Need to Care
Body: Secure Shell (SSH) is everywhere. Regardless of the size, industry, location, operating systems in use or any other factor, chances are near certain (whether you know about it or not) that it...
The Future Looks Promising for Blockchain Technology
Body: Being a banker, I strongly consider blockchain technology to be a technology juggernaut that is going to transform the financial services sector by increasing transaction efficiency, transparency...
Examining the “Compliant, Yet Breached” Phenomenon
Body: Most of us have gone through the shocking realization that compliance certification does not mean that our environment is secure. We are forced to remember that security and compliance are...
Why Privacy by Design Is a Stride Toward Consumercentric Design
Body: Data are emerging as forms of capital in every industry, and data are also the most coveted asset. The forces affecting business operations drive organizations to hunt and gather data, and, in...
The Darkest Moments of a Cybereclipse Are Best Examined Through a...
Body: Having experienced the excitement of a total solar eclipse, I now have an improved awareness of picking the right lens to make the experience worthwhile. Eclipses in the cyber landscape...
Steps to Enforcing Information Governance and Security Programs
Body: In my recent Journal article, I covered how organizations can leverage information governance (IG) programs to enable change and instill a culture of security. With today’s reality of increasing...
The Risk of Third Parties
Body: I have developed a risk-based management approach to third-party data security, risk and compliance methodology and published it to provide process guidelines and a framework for enterprises’...
The Role of Certifications in the Hiring Process
Body: Without a doubt, the information security space is experiencing a dramatic increase in hiring. Finding qualified candidates is continuing to get more difficult, and the duties of managers are...
Caught in the Act: Targeting Ransomware on the Wire
Body: Ransomware holds a tight grip on its victims and their most valuable data and is a global epidemic reaching all corners of the world. The most commonly used infection vectors used by ransomware...
My First Mobile Device
Body: I cannot remember the date at all (I think it was some time in the mid- to late ‘90s), but I can most certainly remember getting my first mobile (cell) telephone. The reason I remember it so well...
Calculating Cloud ROI
Body: The past few years have changed how organizations perceive—and how they use—cloud technologies. If that sounds fairly obvious to you, it should. After all, the cloud has evolved significantly...
A Different Approach to Assurance
Body: Assurance is one of the most effective tools to support a risk management approach and framework. Effective risk management is essential to enable the operational success of an organization. In...
Krack Attack—Exploiting Wi-Fi Networks
Body: Recently, a vulnerability was discovered in the Wi-Fi Protected Access II (WPA2) protocol that secures most modern public protected Wi-Fi networks. This vulnerability is one that is affected by...
Twelve IoT Controls
Body: Not too far in the future, Internet of Things (IoT) devices will carry a white-goods-equivalent rating scale, similar to washing machines and refrigerators. Instead of being measured on energy...
Evolving Appreciation for Data Privacy
Body: My work as a systems integrator has allowed me to meet a large number of customers in various industries. It has given me the privilege of seeing various aspects of their businesses. At the very...
Prepare Your Substitutes
Body: According to Merriam-Webster, the first known use of the word backup was in 1910, and it has 3 distinct definitions. Not surprisingly, the last of these is the one that an ISACA audience will be...
Auditing Data Security
Body: As auditors and security professionals, much of our focus is spent on the network perimeter. However, with the trifecta of porous perimeters, misconfigured cloud environments, and the enormous...
Cloudifying Malware: Understanding Cloud App Threats
Body: The adoption of cloud applications (apps) and services is accelerating unabated as organizations increasingly look to take advantage of the business, collaboration and productivity benefits these...