As CEO of Terranova Security, an awareness training provider, Lise Lapointe sees an evolution of education programs that used to be merely phishing simulation tests. What are the most effective forms of training?
The ultimate responsibility of every CSO and CISO is to foster culture change and awareness, because that is every organization's single greatest data security and physical security control, says Andrew Rose, CSO of Vocalink, which is a MasterCard company.
Emily Heath is two years into her tenure as CISO at United Airlines. One of her key initiatives is to grow the company's security organization in a manner that emphasizes diversity, inclusion and skills.
Many security leaders recognize the flaws in traditional awareness training, but what is anybody actually doing about it? Keenan Skelly of Circadence describes a new approach that she believes has changed the cybersecurity education paradigm.
The latest edition of the ISMG Security Report features Greg Touhill, the United States' first federal CISO, discussing how "reskilling" can help fill cybersecurity job vacancies. Plus, California considers tougher breach notification requirements; curtailing the use of vulnerable mobile networks.
How can the many job openings for cybersecurity specialists be filled? "Reskilling" can play a critical role, says Greg Touhill, the nation's first federal CISO, who's now president of Cyxtera Technologies. In an interview, he offers a preview of his upcoming presentation at the RSA Conference 2019.
Why are we surprised about the amount and sensitivity of data that mobile apps collect? The online industry has never been forthright about it. That's why we're faced with a yawning gap between user expectations and true privacy. And it's why Facebook, Google, Apple and others have many questions to answer.
The aerospace exhibition Aero India 2019, which is being hosted by the Ministry of Defense Feb. 20-24, for the first time is focusing on showcasing cybersecurity capabilities and associated technologies. Meanwhile, there are other encouraging signs regarding India's efforts to defend against cyberattacks.
Recent data leaks, including the SBI incident that affected millions of customers, have once again stirred up a debate on the role of auditors in cybersecurity. But a bigger issue is the need to invest in appropriate security technologies and implement stronger policies and awareness programs.
The Unique Identity Authority of India, which administers the Aadhaar program, is again facing harsh criticism about its security measures, this time from State Bank of India. But rather than pointing fingers, all government organizations need to collaborate to enhance security.
Apple's conflict with Facebook this week resulted in the most effective and quickest punishment the social network has ever received over a privacy issue. But should a multi-billion dollar tech company like Apple be picking up the slack for the digital privacy enforcement failures of governments?
Special Counsel Robert Mueller's investigation into Russian interference in the 2016 U.S. presidential elections has led to 199 criminal charges, 37 indictments or guilty pleas and four prison sentences so far. But some key questions remain unanswered.
Australian security expert Troy Hunt says an 87 GB compilation of username and password combinations - drawn from more than 2,000 databases - includes 773 million unique email addresses for apparent use in credential-stuffing attacks. Takeaway: Use a unique password for every site, or else.