Channel: Practically Speaking Blog: Posts
Browsing all 305 articles

Equifax: Too Soon for Lessons Learned?

Body: I am sure most practitioners by now have probably heard about the Equifax breach. If you have not yet, get ready to hear about it nonstop—probably for the next year or 2 at least. Why? Because it...

Tracking Vulnerability Fixes to Production

Body: As an IT auditor at a software company, I discovered that security vulnerabilities in our bespoke product had not been getting released to clients on a timely basis. We had been doing penetration...

SSH: Why You Need to Care

Body: Secure Shell (SSH) is everywhere. Regardless of the size, industry, location, operating systems in use or any other factor, chances are near certain (whether you know about it or not) that it...

The Future Looks Promising for Blockchain Technology

Body: Being a banker, I strongly consider blockchain technology to be a technology juggernaut that is going to transform the financial services sector by increasing transaction efficiency, transparency...

Examining the “Compliant, Yet Breached” Phenomenon

Body: Most of us have gone through the shocking realization that compliance certification does not mean that our environment is secure. We are forced to remember that security and compliance are...

Why Privacy by Design Is a Stride Toward Consumercentric Design

Body: Data are emerging as forms of capital in every industry, and data are also the most coveted asset. The forces affecting business operations drive organizations to hunt and gather data, and, in...

The Darkest Moments of a Cybereclipse Are Best Examined Through a...

Body: Having experienced the excitement of a total solar eclipse, I now have an improved awareness of picking the right lens to make the experience worthwhile. Eclipses in the cyber landscape...

Steps to Enforcing Information Governance and Security Programs

Body: In my recent Journal article, I covered how organizations can leverage information governance (IG) programs to enable change and instill a culture of security. With today’s reality of increasing...

The Risk of Third Parties

Body: I have developed a risk-based management approach to third-party data security, risk and compliance methodology and published it to provide process guidelines and a framework for enterprises’...

The Role of Certifications in the Hiring Process

Body: Without a doubt, the information security space is experiencing a dramatic increase in hiring. Finding qualified candidates is continuing to get more difficult, and the duties of managers are...

Caught in the Act: Targeting Ransomware on the Wire

Body: Ransomware holds a tight grip on its victims and their most valuable data and is a global epidemic reaching all corners of the world. The most commonly used infection vectors used by ransomware...

My First Mobile Device

Body: I cannot remember the date at all (I think it was some time in the mid- to late ‘90s), but I can most certainly remember getting my first mobile (cell) telephone. The reason I remember it so well...

Calculating Cloud ROI

Body: The past few years have changed how organizations perceive—and how they use—cloud technologies. If that sounds fairly obvious to you, it should. After all, the cloud has evolved significantly...

A Different Approach to Assurance

Body: Assurance is one of the most effective tools to support a risk management approach and framework. Effective risk management is essential to enable the operational success of an organization. In...

Krack Attack—Exploiting Wi-Fi Networks

Body: Recently, a vulnerability was discovered in the Wi-Fi Protected Access II (WPA2) protocol that secures most modern public protected Wi-Fi networks. This vulnerability is one that is affected by...

Twelve IoT Controls

Body: Not too far in the future, Internet of Things (IoT) devices will carry a white-goods-equivalent rating scale, similar to washing machines and refrigerators. Instead of being measured on energy...

Evolving Appreciation for Data Privacy

Body: My work as a systems integrator has allowed me to meet a large number of customers in various industries. It has given me the privilege of seeing various aspects of their businesses. At the very...

Prepare Your Substitutes

Body: According to Merriam-Webster, the first known use of the word backup was in 1910, and it has 3 distinct definitions. Not surprisingly, the last of these is the one that an ISACA audience will be...

Auditing Data Security

Body: As auditors and security professionals, much of our focus is spent on the network perimeter. However, with the trifecta of porous perimeters, misconfigured cloud environments, and the enormous...

Cloudifying Malware: Understanding Cloud App Threats

Body: The adoption of cloud applications (apps) and services is accelerating unabated as organizations increasingly look to take advantage of the business, collaboration and productivity benefits these...
