Tag: CISO

Certificate revocation is an important, if ill understood, part of enterprise security. In this three-part blog series, I’ll explore why we need it, how you do it, and strategies for maximizing the benefits you get for it. Certificates Everywhere The use of digital certificates is growing exponentially. In particular, the move to a fully encrypted…

Read More

Any CISO who’s been around the block understands Erik’s words. So, let’s roll up our sleeves and get started by understanding the scope of the problem. Understand Needs The first step in any security project is to be sure you have a clear inventory of your asset and applications. Everything flows from them. For most,…

Read More

Most blogs are written in the first person, and this one is for a particular reason. I myself am half Filipino, have had transactions with Filipino government systems, and I am also a security expert. So, my personal insight may be more useful and impactful than a corporate statement. The 2018 Philippine Identification System Act,…

Read More

Nothing makes security look worse than the false negative – when we miss an attack and damage is suffered. As security professionals, it’s something we all obsess a lot about. However, the number two thing that makes us look bad is the false positive. We experience this all the time in the physical world. A…

Read More

Released as open-source software in 2009, Bitcoins are created as a reward for a process known as mining and can be exchanged for other currencies, products, and services. Much has been discussed about its robustness, so, could the notion that a 51% attack on a blockchain could move from ‘theoretical’ to ‘possible’? Read the full…

Read More

In July 2018, F5 released its first annual Application Protection Report. As part of the report, F5 commissioned Ponemon to survey of 3,135 IT security practitioners across the world. The survey collected information about respondent’s application security processes. A key question asked for respondents to name their organization’s primary owner of application risk. In theory,…

Read More

As the world’s ongoing conversion to the digital realm continues, the risks involved with protecting sensitive information will only intensify. For security teams, this means expanding your view of risk and considering factors outside your company when evaluating potential motivations for a breach. Companies have to keep an eye on current events in ways that…

Read More

Managing cybersecurity and protecting the business should be a team effort, so don’t let your CISO become the easy scapegoat when things go wrong. Source link lol

Read More

IoT attacks, budget shortfalls, and the skills gap are among the problems keeping security pros up at night. The world of cybersecurity gets more intriguing every year. In 2017, security professionals saw their share of attacks, but the increasing sophistication of the skirmishes is notable — with almost machine-like weaponization of code on the attackers’…

Read More

Say you’ve got a hundred attacks coming into your organization at a given moment. Control Number One filters out 80% of threats to give us only 20 attacks to worry about. Not bad. And then Control Number Two whacks nearly a third of those. Now the total has dropped to 13. Not a great control,…

Read More