MIS|TI
  • About MISTI
    • Overview
    • FAQs
    • Contact Us
    • Careers
    • Instructor Bios
    • Hotel Information
  • Contact

(508) 879-7999

USA EMEA / APAC
  • Linkedin
  • Twitter
  • Facebook
  • Email Newsletter
USA EMEA / APAC

Event Search

Event Search

  • About MISTI
    • Overview
    • FAQs
    • Contact Us
    • Careers
    • Instructor Bios
    • Hotel Information
  • Contact

(508) 879-7999

  • Training
    • Seminars
    • LeaderQuest Training
    • LeaderQuest Course Listing
    • ACL Training
    • Executive Programs
    • Training Weeks
    • Virtual Seminars
    • Certificate Programs
    • Course Evaluation
  • Tailored Training Solutions
  • e-Learning
    • Webinars
  • Content
    • Internal Audit Insights
    • Resource Center
  • Quick Links
    • Training Weeks
    • Expo/Sponsorship Information
    • Ways to Save
    • Request Information
    • Request to Speak
    • Newsletter Sign Up
    • Virtual Classroom Information
    • Course Evaluation Information
    • Event Downloads
  • Event Search
  • Training
    • Seminars
    • LeaderQuest Training
    • LeaderQuest Course Listing
    • ACL Training
    • Executive Programs
    • Training Weeks
    • Virtual Seminars
    • Certificate Programs
    • Course Evaluation
  • Tailored Training Solutions
  • e-Learning
    • Webinars
  • Content
    • Internal Audit Insights
    • Resource Center
  • Quick Links
    • Training Weeks
    • Expo/Sponsorship Information
    • Ways to Save
    • Request Information
    • Request to Speak
    • Newsletter Sign Up
    • Virtual Classroom Information
    • Course Evaluation Information
    • Event Downloads
  • Event Search
  • Linkedin
  • Twitter
  • Facebook
  • Email Newsletter

Event Search

  2. Home
  3. Infosec Insider

Infosec Insider

ft: Network Securityf: 2000-01-01t: 3000-01-02c: 2023-06-03
asdf
2019-07-23 05:38:22
Featured Article:

Cloud Security and Privacy Audits: A 360 Degree Crash Course

By Marcos Colon
July 23, 2019
Doug Barbin, principal at Schellman and Company, discusses the challenges that security professionals face when it comes to security and privacy assessments, but also provides tips on which assessments bring in the most return on investment.
2019-07-16 05:04:49

Attracting, Retaining, and Training in Infosec

By Marcos Colon
July 16, 2019
In this interview with Kelly York, security awareness manager at the McDonald's Corporation, she discusses the state of attracting and retaining talent in information security and also provides some helpful tips that could get you and your business over the hump when it comes to the topic.
2019-07-09 05:49:54

Relentless Resilience Through Renovated Risk Management

By Marcos Colon
July 09, 2019
Updating your risk management program is a critical component of becoming a successful security leader. InfoSec Insider caught up with Argo AI's CSO Summer Craze Fowler who shared her thoughts on the topic, as well as some proven tips.
2019-07-02 05:35:57

Simplicity is Cybersecurity Awareness Training

By Marcos Colon
July 02, 2019
Trend Micro's Vice President of Infrastructure Strategies William Malik shares his take on what simplicity looks like when it comes to cybersecurity awareness training in the business.
2019-06-04 05:53:07

DeMISTIfying Security: Recruiting and Retaining Cyber Talent (Part 1)

By Ed Moyle and Raef Meeuwisse
June 04, 2019
DeMISTIfying Security experts Ed Moyle and Raef Meeuwisse discuss recruitment and retention challenges in cybersecurity and offer up some advice for security leaders on the topic.
2019-05-28 05:44:20

How Security Leaders Should Approach Application Security

By Marcos Colon
May 28, 2019
In the full video interview below, Ted Harrington, keynote speaker and executive partner at Independent Security Evaluators, provides his take on application security and shares tips on the subject with up-and-coming security leaders. 
2019-05-21 05:10:25

Pentesting with Sheepl

By Marcos Colon
May 21, 2019
InfoSec Insider caught up with Trustwave SpiderLabs Principal Security Consultant Matt Lorentzen, who discussed the open source pentesting tool and provided us with a demo.
2019-05-14 05:29:10

The Holistic CISO: How to Increase Organizational Effectiveness

By Marcos Colon
May 14, 2019
The modern-day CISO faces a multitude of challenges they must face head-on to build a sense of leadership and vision within the security and risk department. InfoSec Insider caught up with CISO Spotlight's Todd Fitzgerald, who offered up concrete tips up-and-coming security leaders can leverage when it comes to achieving organizational effectiveness.
2019-05-07 05:23:55

A Guide to Purchasing Cybersecurity Solutions

By Josue Ledesma
May 07, 2019
Knowing how to approach buying cybersecurity vendors is a difficult task. There’s a lot to manage internally (budget, needs, fit) and it’s hard to know what kind of vendors or solutions would serve your organization best. The fear, uncertainty, and doubt (FUD) experienced by cybersecurity vendors are especially troubling.
2019-04-25 05:27:50

The Cyber Impact on Democracy

By Marcos Colon
April 25, 2019
Cybereason CSO Sam Curry shares how “black propaganda” is leveraged by foreign adversaries, why 2016 was a failure of imagination from a cyber standpoint, and what we should be prepared for leading into the 2020 presidential elections.
2019-04-18 05:14:26

Threat Profiling in the ICS World: What You Need to Know

By Marcos Colon
April 18, 2019
There are a slew of threats aimed at industrial control systems, and security warriors in that space need to constantly be on their toes. We caught up with Sergio Caltagirone, vice president of threat intelligence at Dragos, who shared how infosec pros in the ICS world can get started with threat profiling.
2019-04-11 05:07:16

Who Watches the Watchers?: A Discussion on Who Can Be Trusted Today

By Marcos Colon
April 11, 2019
Security departments have evolved tremendously over the years, but so have cyber threats. As organizations become more aware that nearly no one can be trusted, whose job is it to watch the watchers? At this year’s RSA Conference in San Francisco, InfoSec Insider caught up with Forcepoint's Dr. Richard Ford who dives into the topic.
2019-04-09 05:48:15

DeMISTIfying Security: Is the Board to Blame When There's Cyber Shame?

By Ed Moyle and Raef Meeuwisse
April 09, 2019
In the latest edition of InfoSec Insider’s DeMISTIfying Security series, veteran experts Ed Moyle and Raef Meeuwisse discuss the state of cybersecurity as it relates to executive support within the business.
2019-03-28 05:49:26

Must You Rely on Cybersecurity Vendors to Be Secure? Is Do-It-Yourself Cybersecurity a Viable Option?

By Jim Romeo
March 28, 2019
Cybersecurity remains a persistent challenge in information technology, and for IT security professionals, AI and other tools are valuable for organically managing cybersecurity without depending on vendors that might have more sophisticated tools and experience using them.
2019-03-28 05:10:56

Your Weak Physical Security Could Be A Hacker’s Easiest Target

By Brent White & Tim Roberts, Senior Security Consultants, Threat Services, NTT Security
March 28, 2019
While having strong IT security in place to secure sensitive data on devices and networks is critical, ensuring your organization practices strong physical security is equally important. Organizations need to prevent attackers from being able to walk in and walking out with data, systems, physical documents, or worse – a new connection to your network as a persistent threat.
2019-03-21 05:58:48

The State of Passwords in 2019: Will They Ever Go Away?

By Josue Ledesma
March 21, 2019
Password security has undergone a significant transformation over the last few years. As a reaction to the insecure form of identity verification that is logging in with a password, technologies such as two-factor authentication (2FA), multi-factor authentication (MFA), and hardware keys. This begs the question—where does that leave passwords in 2019?
2019-03-19 05:32:51

DeMISTIfying Security: The Impacts of Security Assumptions

By Ed Moyle and Raef Meeuwisse
March 19, 2019
In this follow-up video, the DeMISTIfying Security experts discuss two recent containerization-related issues and how the modern-day security warrior can venture into the unknown to effectively tackle challenges such as this.
2019-03-14 05:52:53

Are Medical Devices Securely Managed Yet?

By Jim Romeo
March 14, 2019
Recent incidents illustrate the risks that healthcare networks are subject to in today's ever-expanding cybersecurity threat landscape. In particular, securing networked medical devices in this environment can be challenging. 
2019-03-12 05:10:01

How Moving Away From Traditional Academia Has Changed Cybersecurity Education

By Paul Rohmeyer, Program Director MS Information Systems, Stevens Institute of Technology
March 12, 2019
Today, there are highly specialized training options offered both in-person and online in the form of meetups, webinars, formal courses, and in-house and external conferences. The attractiveness (cost, convenience, and specialty) of these alternative options has driven cybersecurity talent to steer towards education avenues outside of traditional academia.
2019-03-07 05:08:13

Why Your Cybersecurity Comms Need to Evolve

By Dawn Papandrea
March 07, 2019
When you’re talking information security among your peers, it sounds like a totally different language than the rest of your organization speaks. This puts infosec professionals in a bind. On the one hand, security vulnerabilities exist throughout the company. Yet you, alone, are carrying the burden of knowing just how serious it can get. That’s why it’s up to you to create an information security communication strategy.
2019-02-19 05:40:25

DeMISTIfying Security: Getting a Jump on Zero Trust in Your Environment

By Ed Moyle
February 19, 2019
Last week the DeMISTIfying Security hosts explored the Zero Trust model. This follow-up segment takes things one step further as security veteran Ed Moyle explains how you can get a jump on kickstarting Zero Trust within your organization.
2019-02-14 05:25:09

How to Get Started with Secrets Management

By Ed Moyle
February 14, 2019
The only thing worse than having a huge problem is having a huge problem and not realizing it. Believe it or not, many organizations are in the latter boat right now. Specifically, many organizations are undergoing a proliferation of secrets at a scale and scope that eclipses the ability of mechanisms and controls they may have in place to keep them protected.
2019-02-12 05:59:59

Glimpsing Inside the Trojan Horse: An Insider Analysis of Emotet

By Max Heinemeyer
February 12, 2019
Emotet is a highly sophisticated malware with a modular architecture, installing its main component first before delivering additional payloads. In this contributed article, Darktrace's Max Heinemeyer, director of threat hunting, breaks down the threat.
2019-01-24 05:18:57

Lessons Learned: How to Defend Your Organization Against Social Engineering

By Josue Ledesma
January 24, 2019
Social engineering is unique in the cybersecurity world as its scope of influence can vary widely on the software, hardware, and even psychological level. In this article, we’ll cover social engineering attacks and help you learn from recent developments in the space.
2018-12-25 05:19:29

Know Your Inventory: A CISOs Guide to Asset Management

By Josue Ledesma
December 25, 2018
A CISO’s list of responsibilities are vast. They need to protect, defend, and identify any risks and potential attacks that may hit their company’s environment. However, knowing what needs protection is its own challenge.
2018-12-13 05:11:50

The Blockchain Revealed: How InfoSec Can Benefit from the Protocol

By Marcos Colón
December 13, 2018
InfoSec Insider catches up with Debbie Hoffman, CEO of Symmetry Blockchain Advisors at the CSA Congress event, who clarifies what blockchain means to security leaders today, and any privacy implications they should be aware of.
2018-12-04 05:42:01

Cybersecurity 101: A Discussion on the Basics and Fundamentals

By Ed Moyle and Raef Meeuwisse
December 04, 2018
InfoSec Insider SMEs Ed Moyle and Raef Meeuwisse are back, but this time they're talking fundamentals. If you're an up-and-coming security warrior, you'll definitely want to heed this advice from the two infosec experts.
2018-11-22 05:33:26

When Is It Time to Share Your Secret Sauce?

By Marcos Colón
November 22, 2018
When is it time for your organization to share cybersecurity information with its competitors and how much should you be sharing? We interview two industry experts that provided us with their take on the topic in this featured video interview.
2018-11-01 05:54:15

Common Application Vulnerabilities You Should Know About

By Marcos Colón
November 01, 2018
While patching vulnerabilities seems like a “low-hanging fruit” task for many security practitioners, it seems as though many still fail to do so. In this interview with application security expert Chris Eng, he highlights the common blind spots associated with vulnerability management.
2018-10-30 05:39:26

2018 Midterm Election Security: Thoughts from Security Experts

By Marcos Colón
October 30, 2018
InfoSec Insider catches up with cybersecurity experts on the lessons learned from the 2016 election hacks, and what the security practitioner of today could learn from those events. With early voting already in full swing, we take a brief look back at what occurred.
2018-10-25 05:59:24

So, How Strong Are Your Organization's Passwords?

By Marcos Colón
October 25, 2018
Ntrepid Corporation’s Chief Scientist Lance Cottrell chats with InfoSec Insider and offers up the major dos and don’ts tied to password management, as well as pinpoints the significant weaknesses in some of the systems we’ve come to rely on heavily.
2018-10-18 05:30:25

Are You Investing in the Right Cybersecurity Tools?

By Marcos Colón
October 18, 2018
NSS Labs CEO Vikram Phatak speaks with InfoSec Insider and offers up tips to up-and-coming security professionals on how to make smart and effective cybersecurity solution purchasing decisions. From blocking out buzzwords and marketing jargon to building a great team, here’s what you need to know.
2018-10-04 05:13:15

Security Automation is Here. Now What?

By Marcos Colón
October 04, 2018
enSilo CEO Roy Katmor sits with InfoSec Insider to discuss how security automation is impacting the time and duties of the modern day security professional, and how the skills they need to succeed will change as a result of the technology.
2018-09-27 05:15:45

Creating the Perfect Incident Response Playbook

By Marcos Colón
September 27, 2018
Arctic Wolf's Sam McLane sits with InfoSec Insider at the Black Hat Conference in Las Vegas to discuss the major dos and don'ts when it comes to incident response, in addition to some misconceptions that some security practitioners may have on the topic.
2018-09-20 05:06:17

A Discussion on Dark Web Threats in 2018

By Marcos Colón
September 20, 2018
InfoSec Insider catches up with Digital Shadows CISO Rick Holland, who discusses the latest dark web threats this year, and what security practitioners should have on their radar.
2018-09-18 05:47:59

A Look at the Windy City’s Newest Cyber Command Center

By Marcos Colón
September 18, 2018
InfoSec Insider takes a first-hand look at Trustwave’s new SpiderLabs Fusion Center in Chicago and speaks with Chris Schueler, senior vice president of managed security services, on the purpose behind its creation.
2018-09-11 05:44:08

Disable PowerShell? How about control it instead?

By Ed Moyle
September 11, 2018
At the end of the day, PowerShell is an enormously flexible, valuable, and helpful tool in any enterprise administrator’s toolbox, so “turning it off” isn’t really a viable option for most shops. In this informative feature, subject matter expert Ed Moyle explains why.
2018-09-06 05:58:29

Back to the Basics: The State of Cyber Hygiene in 2018

By Marcos Colón
September 06, 2018
Tripwire's Tim Erlin chats with InfoSec Insider on the state of cyber hygiene in 2018, where we are, why we're there, and highlights different areas that security practitioners are failing to cover as it relates to securing the business.
2018-08-30 05:19:15

More Humans Needed: Closing the Cybersecurity Talent Gap

By Marcos Colón
August 30, 2018
Cybrary COO Kathie Miley pinpoints the real issues organizations face when it comes to the cybersecurity talent shortage, why employers are doing a good job of finding the right talent only in certain circumstances, and the impact the cybersecurity solutions market is having on the talent shortage.
2018-08-28 05:53:56

The Evolved Perimeter: IoT Identity and Integrity

By Jackson Shaw, VP of Product Strategy, One Identity
August 28, 2018
The rise of IoT has introduced new challenges to security in the enterprise. Like most security challenges, protecting against threats is the basic work of good IT hygiene. Organizations can adopt existing identity management best practices to meet this new challenge.
2018-08-21 05:49:30

Understanding Zero Trust: A New Strategy for Cyber Defense

By Pravin Kothari, CEO, CipherCloud
August 21, 2018
The idea that all internal networks should be considered trusted while external networks should be trusted was fundamentally wrong. This featured article describes why the move to the cloud has also accelerated the movement to Zero Trust.
2018-08-07 05:09:54

Blockchain: What It Is and What It Means for InfoSec

By Josue Ledesma
August 07, 2018
Blockchain has become the new buzzword of choice across a wide spectrum of industries, such as finance, tech, and the information security industry. However, what blockchain is and what its applications are still seem to be unclear. This article sets the record straight.
2018-07-26 05:44:21

The Cyber Threat Alliance: Making Cybersecurity Collaboration Work

By Marcos Colón
July 26, 2018
The Cyber Threat Alliance’s Chief Analytic Officer Neil Jenkins provides update on the state of information sharing in 2018 and provides some insight on the steps security practitioners can take if they’re interested in sharing their threat data. 
2018-07-12 05:32:55

Are Security Professionals Doing Enough?

By Marcos Colón
July 12, 2018
Cybereason’s Israel Barak discusses the approach that far too many businesses take when it comes to their security strategy and highlights the steps that security professionals should be seeking to rethink the programs and challenges they face tied to measurably reducing risk within the business.
2018-07-05 05:45:08

How Hacked Elections Impacted the Security Industry

By Marcos Colón
July 05, 2018
CA Veracode’s Chris Wysopal discusses how the 2016 presidential election hack broadened the horizon on how security warriors think about defending their data and offers up advice on what they should consider when it comes to protecting sensitive information.
2018-06-19 05:14:31

Imagine If Security Solutions Understood Our Language

By Vijay Dheap
June 19, 2018
It's up to security professionals to infer security significance of all the events security solutions report. The first step to arriving at an answer to this intractable problem is teaching our security tools to understand us. Advancements in Natural Language Processing could help.
2018-04-03 06:16:00

Five Cyber Risks Your Organization is Likely to Encounter

By Katherine Teitler
April 03, 2018
Today's threat landscape is like a tentacled sea monster that security practitioners have to battle on a daily basis. In this feature story, we highlight the top five most likely cyber risks to organizations today.
2018-03-15 06:16:00

A Brief Guide to Cybersecurity for SMBs

By Katherine Teitler
March 15, 2018
Small- and medium-sized companies must be vigilant about cybersecurity--even if they don't have the staff to handle it internally.
2018-03-13 06:16:00

Zero Trust: Not New, but Breaking into the Security Scene in a Big Way

By Katherine Teitler
March 13, 2018
Zero trust networking was introduced by Forrester Research back in 2009, but only recently has it gained great strides.
2018-03-12 06:16:00

Surviving the Walking Dead: Fending off Social Zombies at InfoSec World

By Tom Eston
March 12, 2018
IoT, home automation, government surveillance, and new privacy regulations all pose a challenge to your organization, but you don't have to let those challenges eat you alive.
2018-01-24 06:16:00

From Trapping to Hunting: Intelligently Analyzing Anomalies to Detect Network Compromises

By Giovanni Vigna
January 24, 2018
Is your organization adequately equipped to identify anomalous patterns across the network? If you're doubtful, it may be time to try out alternative models that will help you detect previously unknown attacks.
2018-01-09 06:16:00

The Latest Infosec Vulnerability Meltdown: From the Viewpoint of a Cloud Researcher

By Katherine Teitler
January 09, 2018
In this follow-up article, cloud researcher Mark Nunnikhoven gives us his take on the Meltdown and Spectre vulnerabilities, which can exploit flaws in modern processors. Nunnikhoven provides us with the potential implications that you should take note of.
2018-01-08 06:16:00

The Latest Infosec Vulnerability Meltdown: From the Viewpoint of a Security Consultant and Entrepreneur

By Katherine Teitler
January 08, 2018
An interview with industry veteran Aaron Turner that helps demystify the probable consequences of Meltdown and Spectre, the two headline-grabbing security vulnerabilities capable of exploiting critical vulnerabilities in modern processors. Turner breaks down what you should do.
2018-01-04 06:16:00

Security New Year’s Resolutions

By Katherine Teitler
January 04, 2018
Working in the field of cybersecurity can be extremely rewarding, but it can also be extremely stressful and lead to burnout, if you let it.
2017-12-29 06:12:00

News in a Minute Weekly Roundup | Dec. 29

By Marcos Colón
December 29, 2017
Here’s a look at some of the top news stories that wrapped up 2017. Major items included a critical vulnerability patched by Mozilla, Nissan Canada announcing a data breach that impacted more than one million customers, and hackers targeting a zero-day vulnerability in Huawei home routers. 
2017-12-28 06:30:00

6 Things Security Practitioners Should Know About the SOC

By Katherine Teitler
December 28, 2017
The security operations center is a critical element of running a situationally aware security organization. Unfortunately, many companies today don’t have the resources to form one.
2017-12-22 06:12:00

News in a Minute Weekly Roundup | Dec. 22

By Marcos Colón
December 22, 2017
With so much going on in the office last week, here’s a look at some of the top stories you may have missed, including claims that Uber may have illegally accessed its competitors’ networks, Kaspersky Lab asking a court to overturn the Trump Administration’s ban of its software, and more.
2017-12-15 06:12:00

News in a Minute Weekly Roundup | Dec. 15

By Marcos Colón
December 15, 2017
A roundup of the top news stories in information security this week, including researchers exploiting a critical vulnerability that easily unlocks a popular gun safe, and a new bill threatening jail time for failing to disclose a data breach within 30 days.
2017-12-12 06:16:00

Hacked Websites: How Weak Security Impacts Us All

By Todd O'Boyle
December 12, 2017
Attackers are increasingly targeting vulnerable WordPress websites to prey on innocent users...because it's easy.
2017-12-11 07:46:00

Choosing the Infosec Career Path That’s Right for You

By Katherine Teitler
December 11, 2017
Choosing the right infosec career path might not be cut and dried, but certain personalities may be a better for for some roles.
2017-12-08 06:12:00

News in a Minute Weekly Roundup | Dec. 8

By Marcos Colón
December 08, 2017
A roundup of the top news stories in information security this week, including the UK warning its government agencies to steer clear of Kaspersky Lab products, PayPal dealing with a data breach, and NIST's latest Cybersecurity Framework draft.
2017-12-01 06:12:00

News in a Minute Weekly Roundup | Dec. 1

By Marcos Colón
December 01, 2017
A roundup of the top news stories in information security this week, including an emergency security patch issued by Apple, a new variant of Mirai making the rounds, and a data breach impacting 1.7 million accounts.
2017-11-24 06:12:00

News in a Minute Weekly Roundup | Nov. 25

By Marcos Colón
November 24, 2017
A roundup of the top news stories in information security this week, including a massive data breach that Uber disclosed after nearly one year after attempting to conceal it and a new reporting detailing the increasing damage costs tied to ransomware.
2017-11-17 06:12:00

News in a Minute Weekly Roundup | Nov. 17

By Marcos Colón
November 17, 2017
A roundup of the top news stories in information security this week, including a slew of vulnerabilities addressed by Microsoft and Adobe, researchers claim to have cracked the new iPhone X's Face ID, and more.
2017-11-16 07:46:00

SSL/TLS Assurance

By Ed Moyle
November 16, 2017
TLS is the cornerstone of secure communications for networked communications, but are you implementing and maintaining it correctly?
2017-11-10 06:12:00

News in a Minute Weekly Roundup | Nov. 10

By Marcos Colón
November 10, 2017
A roundup of the top news stories in information security this week, including a phony version of WhatsApp being downloaded more than one million times from Google Play, a big acquisition in the security space, and an Anonymous hacker seeking asymlum in Mexico.
2017-11-06 05:08:21

Upstream Disconnect: Why CISOs and the Board Aren’t Seeing Eye to Eye

By Marcos Colón
November 06, 2017
After conducting 80 interviews with security leaders and board members, these two experts discuss the findings of their research and offer a rare window into how each group viewed progress and setbacks in their oversight of cyber risk.
2017-11-03 06:12:00

News in a Minute Weekly Roundup | Nov. 3

By Marcos Colón
November 03, 2017
A roundup of the top news stories in information security this week, including a USB stick containing sensitive Heathrow security data found on the street, FireEye releases a password cracking tool for free, and Apple finally addresses the KRACK flaw.
2017-11-02 07:46:00

The ACDC Act Would Take Defenders’ Eyes Off Real Cyber Defense

By Katherine Teitler
November 02, 2017
The Active Cyber Defense Certainty Act could have negative impacts on defenders' security efforts.
2017-10-27 06:12:00

News in a Minute Weekly Roundup | Oct. 27

By Marcos Colón
October 27, 2017
A roundup of the top news stories in information security this week, including Kaspersky Lab conceding to obtaining hacking tool source code and a new attack group setting its sights on cybersecurity pros.
2017-10-26 07:46:00

How I Became a CTO

By Katherine Teitler
October 26, 2017
Infosec Insider learns how practitioners from across the cybersecurity industry came into their current security role.
2017-10-25 06:02:00

The Problem with Network Monitoring

By Katherine Teitler
October 25, 2017
Ixia Director of Application and Threat Intelligence, Steve McGregory, discusses how cyber attackers are evading network detection, and shares tips on how organizations can move towards better prevention and detection. 
2017-10-20 06:12:00

News in a Minute Weekly Roundup | Oct. 20

By Marcos Colón
October 20, 2017
A roundup of the top news stories in information security this week, including the Locky ransomware making a comeback, Adobe releasing a rare out-of-band patch, and tech giants scrambling to patch a nasty WPA2 vulnerability.
2017-10-17 06:42:37

The Obsolescence of Passwords: How to Leverage Behavior-Based Security

By Marcos Colón
October 17, 2017
Aetna CSO Jim Routh discusses why he believes passwords are obsolete, how he’s done away with them at Aetna, and why and how security managers can take a similar approach.
2017-10-16 07:46:00

SMBs' Cyber Attack Woes are Rising

By Katherine Teitler
October 16, 2017
The "2017 State of Cybersecurity in Small & Medium-Sized Businesses" report reveals what we already know about security, but what will companies do about it?
2017-10-13 06:12:00

News in a Minute Weekly Roundup | Oct. 13

By Marcos Colón
October 13, 2017
A roundup of the top news stories in information security this week, including consulting firm Accenture leaving servers containing personal information completely unprotected and Patch Tuesday addressing a slew of vulnerabilities including a zero-day flaw.
2017-10-06 06:12:00

News in a Minute Weekly Roundup | Oct. 6

By Marcos Colón
October 06, 2017
A roundup of the top news stories in information security this week, including Equifax stalling on installing a patch that ultimately resulted in its data breach, Yahoo revealing that their 2013 data breach was much bigger than expected, and updates to Netgear products.
2017-10-05 07:46:00

How I Became a Trust and Security Engineer

By Katherine Teitler
October 05, 2017
Infosec Insider learns how practitioners from across the cybersecurity industry came into their current security role.
2017-09-29 06:12:00

News in a Minute Weekly Roundup | Sept. 29

By Marcos Colón
September 29, 2017
A roundup of the top news stories in information security this week, including the Sonic drive-in chain announcing a data breach impacting millions, Whole Foods disclosing an additional breach, and Oracle patching a critical Apache Struts bug.
2017-09-22 06:12:00

News in a Minute Weekly Roundup | Sept. 22

By Marcos Colón
September 22, 2017
A roundup of the top news stories in information security this week, including a new Apache vulnerability that's similar to Heartbleed, and a new study sheds light on the costs of data breaches for U.S. enterprises.
2017-09-20 07:46:00

Who Cares About Infosec Anyway?

By Katherine Teitler
September 20, 2017
Security awarness programs that focus on what's important to security practitioners are less effective than those than focus on employee interests.
2017-09-09 02:41:00

News in a Minute Weekly Roundup | Sept. 8

By Marcos Colón
September 09, 2017
A roundup of the top news stories in information security this week, including a massive data breach impacting up to 148 million Americans and a vulnerability affecting 465,000 pacemakers.
2017-09-01 06:41:00

News in a Minute Weekly Roundup | September 1

By Marcos Colón
September 01, 2017
A roundup of the top news stories in information security this week, including researchers discovering the largest spambot to date and cybercriminals taking advantage of the Hurricane Harvey news.
2017-08-30 06:00:26

How to Face IoT Threats Head On

By Marcos Colón
August 30, 2017
A discussion on the impact that IoT attacks have had on enterprises, and tips on what security managers can do to face these challenges head on.
2017-08-25 06:41:00

News in a Minute Weekly Roundup | August 25

By Marcos Colón
August 25, 2017
A roundup of the top news stories in information security this week, including a LinkedIn flaw that could impact millions, President Trump spinning off the U.S. Cyber Command from the NSA, and more.
2017-08-24 07:46:00

How to Buy Security Products

By Katherine Teitler
August 24, 2017
How do you choose the right security products for your environment when the market is overcrowded and intentionally noisy?
2017-08-23 05:27:00

Security is a Skill Set, Not a Tool

By Katherine Teitler
August 23, 2017
Adrian Sanabria shares why tools acquisition isn't the answer to your information security woes, and explains how teams can increase efficacy without increasing expenditures.
2017-08-18 06:41:00

News in a Minute Weekly Roundup | August 18

By Marcos Colón
August 18, 2017
A roundup of the top news stories in information security this week, including APT28 targeting hotel Wi-Fi networks and the State Department quietly launching a new cybersecurity office.
2017-08-16 06:02:35

The Growing Professionalism of Cybercrime

By Marcos Colón
August 16, 2017
How the professionalism surrounding cybercrime has grown evolved, and what you can do to prepare.
2017-08-11 06:41:00

News in a Minute Weekly Roundup | August 11

By Marcos Colón
August 11, 2017
A roundup of the top news stories in information security this week, including security updates issued by Microsoft, Adobe and Google, a new vocabulary framework released by NIST, and a study that points to women in infosec feeling empowered in their roles.
2017-08-09 07:27:00

What Happens When In-Network Traffic is Your Biggest Threat?

By Katherine Teitler
August 09, 2017
In a network perimeter-less world, enterprise security practitioners need ways to verify the authenticity of applications and the devices and users running those applications; firewalls just fall short.
2017-08-08 07:00:00

Firewalls: No Simple Solution to Network Security but an Essential Element Nonetheless

By Katherine Teitler
August 08, 2017
Marcus Ranum talks current firewall capabilities, what micro segmentation will solve (and what it won't), and the future of network security.
2017-08-04 07:41:00

News in a Minute Weekly Roundup | August 3

By Marcos Colón
August 04, 2017
A roundup of the top news stories in information security this week, including voting machine hacks, Anthem reporting yet another data breach, and spoilers being released after episodes of everyones favorite medieval HBO were leaked.
2017-08-03 07:46:00

Will the Latest (Proposed) IoT Legislation Make a Difference?

By Katherine Teitler
August 03, 2017
The proposed "Internet of Things Cybersecurity Improvement Act of 2017" signals a shift in attitudes about cybersecurity's impact on public safety.
2017-07-31 08:30:00

Key Hiring Questions to Ask During Infosec Interviews

By Katherine Teitler
July 31, 2017
We’ve all heard about the security staffing shortage; it attracts a lot of press and is hard to ignore. If you’re currently working for an organization that is not hiring, you, yourself, might be receiving regular calls from recruiters about one of the estimated 1 million open positions. Maybe you’re even covertly scoping out your next job opportunity. 
2017-07-28 07:41:00

News in a Minute Weekly Roundup | July 28

By Marcos Colón
July 28, 2017
A roundup of the top news stories in information security this week, including a massive security breach that resulted in more than 5 million stolen Social Security numbers.
2017-07-27 07:48:16

How to Tackle the Expo Floor at Infosec Conferences

By Marcos Colón
July 27, 2017
In this exclusive video interview, Mike Spanbauer, VP of Security Test and Advisory, provides some helpful tips to security professionals when it comes to vetting security technology.
2017-07-21 07:41:00

News in a Minute Weekly Roundup | July 21

By Marcos Colón
July 21, 2017
A roundup of the top news stories in information security this week, including the largest security update that Oracle has issued to date.
2017-07-20 07:46:00

8 Tips for Submitting an Outstanding Conference Talk Proposal (part 2)

By Katherine Teitler
July 20, 2017
Now that we've looked at the basics for submitting an outstanding CFP, we'll look at a few more tips and tricks for getting your submission picked.
2017-07-18 07:46:00

8 Tips for Submitting an Outstanding Conference Talk Proposal (part 1)

By Katherine Teitler
July 18, 2017
Submitting a great call for presenters proposal is about more than simply writing about your expertise.
2017-07-14 07:41:00

News in a Minute Weekly Roundup | July 14

By Marcos Colón
July 14, 2017
A look at some of the top news stories in information security this week, including President Trump proposing a cybersecurity alliance with Russia, breaches impacting Verizon and Hard Rock Hotel and Casinos, and Microsoft, Adobe and SAP all addressing security flaws.
2017-07-13 07:46:00

New Attacks Mean Back to Basics…Again

By Katherine Teitler
July 13, 2017
Information security cannot be bought; organizations need to focus on security fundamentals to ward off the latest and greatest cyber attacks.
2017-07-07 07:41:00

News in a Minute Weekly Roundup | July 7

By Marcos Colón
July 07, 2017
A look at some of the top news stories in information security this week, including U.S. Senators being suspicious of Kaspersky Lab, and Mozilla analyzing the security posture of the top one million websites. 
2017-07-06 07:00:00

How Far Should You Go with Employee Monitoring?

By Katherine Teitler
July 06, 2017
Depending on your source, insider threat accounts for anywhere from 27% - 77% of all breaches. Despite the disparity in agreement about size of the problem, most security practitioners agree that the difficulty identifying insider threat is greater than identifying external threats.  
2017-06-28 07:46:00

PetyaWrap is Wannacry’s Honey Badger Upgrade

By Adrian Sanabria
June 28, 2017
A honey badger, like the Petya ransomware, waits to see if you make the mistake of underestimating it.
2017-06-26 07:46:00

The “Best Practice” Parable

By Joshua Marpet
June 26, 2017
"Best practices” are subjective, of course, though the phraseology leads people to believe that these “best practices” are, in fact, the best. 
2017-06-22 07:47:05

These Are the Three Exploit Kits You Should Know About

By Marcos Colón
June 22, 2017
A look at three cyber threats that are keeping the exploit market alive, with advice on what you can do to protect your organization and employees from them.
2017-06-21 07:46:00

How to Combat Alert Fatigue

By Katherine Teitler
June 21, 2017
A recent report by the Cloud Security Alliance and SkyHigh Networks says that 50% of organizations are using six or more security tools that generate constant alerts. 
2017-06-19 07:46:00

Incident Response is About More Than Responding to Incidents

By Katherine Teitler
June 19, 2017
Incident response preparedness is an integral part of every organization’s cybersecurity program. 
2017-06-14 07:46:00

Survey Says: Security Tech Investments Aligned with Strategy

By Katherine Teitler
June 14, 2017
Earlier this month Scale Venture Partners released a survey report on The State of Cybersecurity Priorities and Strategies 2017, based on the opinions of 200 security leaders in the United States.
2017-06-07 11:22:02

IoT Blindspots: The Four Devices That Should be on Your Radar

By Marcos Colón
June 07, 2017
Connected devices are trickling into the enterprise. While these four devices should be monitored by security managers, they may not currently be on their radar.
2017-06-06 07:46:00

5 Ways to Find the Low-Hanging Fruit on Your Network

By Katherine Teitler
June 06, 2017
When it comes to securing an organization’s network, there is no shortage of basic blocking and tackling to be done. 
2017-05-17 07:46:00

WannaCry: A Media Maelstrom Without Much Actionable Advice

By Katherine Teitler
May 17, 2017
Touted as the largest Ransomware attack in history by the media, WannaCry is certainly on the tips of tongues of corporations and consumers everywhere. 
2017-05-11 07:46:00

FTC Launches New Small Business Cybersecurity Website, But…

By Katherine Teitler
May 11, 2017
Earlier this week the Federal Trade Commission (FTC), the self-proclaimed consumer protection watchdog, launched a new website aimed at helping small businesses buff up cybersecurity practices. 
2017-05-09 07:56:24

A Needle in a Haystack: Behavioral-Based Detection to Identify Anomalies

By Marcos Colón
May 09, 2017
In this video interview Josh Pyorre, security researcher at OpenDNS, discusses his approach to detecting threats.
2017-05-02 18:02:02

Why Secure Data Logistics Provides Optimum Visibility

By Marcos Colón
May 02, 2017
Security experts David Etue and Christopher Ensey discuss their research into secure data logistics.
2017-05-01 07:46:00

Speaking to Malware: A New Approach to Combat Attacks

By Todd O’Boyle
May 01, 2017
Cyber attackers need persistent access to your company’s network, systems, and users to steal from you. The good news is that persistence can also be used against attackers.
2017-04-28 11:05:00

Why Innovation is the Key Ingredient to Establishing a Resilient Enterprise

By Marcos Colón
April 28, 2017
Jim Routh, CSO at Aetna, discusses the importance of focusing on the "three Ts of security" and highlights the most important things security executives must do to succeed.
2017-04-25 07:46:00

A Look at Security Leaders’ Priorities

By Katherine Teitler
April 25, 2017
There’s a phrase that’s oft repeated when a person is trying to understand what’s on the mind of and what motivates another person: What keeps you up at night?
2017-04-24 13:46:00

Running Security Operations Agilely

By Kristy Westphal
April 24, 2017
How, then, do security operations run better with Agile? DevOps, DevSecOps, and Agile all imply pretty big changes to your organization.
2017-04-04 07:00:00

Why Visibility is The CISOs Biggest Challenge

By Marcos Colón
April 04, 2017
The hurdles chief information security officers face today are more daunting than ever, given the evolving threat landscape, but most importantly, the current state of technology within the enterprise.
2017-03-30 08:00:00

End User Security Habits Aren’t Bound to Help your Corporate Program

By Katherine Teitler
March 30, 2017
Americans’ online security habits are just as bad as you’ve imaged, according to a recent survey of more than 2,000 respondents.
2017-03-21 08:00:00

What is the Best Security Framework for your Business?

By Dominic Vogel
March 21, 2017
Cybersecurity frameworks are quite similar to relationships—you get out of them what you put into them. To some extent, we have all waded into the waters of cybersecurity frameworks.
2017-03-16 08:00:00

What Keeps a Chief Privacy Officer Up at Night

By Katherine Teitler
March 16, 2017
The majority of people don’t even know every place their personal information has been provided or acquired, and it’s this quagmire that keeps privacy officers up at night.
2017-03-13 08:00:00

Executives and IT Decision Makers Don’t See Eye-to-Eye on Security

By Katherine Teitler
March 13, 2017
A new study published by BAE Systems highlights the disconnect between C-level executives and IT Decision Makers when it comes to perceptions of cybersecurity within the enterprise.
2017-03-03 22:19:01

Ransomware 101: What Security Managers Need to Know

By Marcos Colón
March 03, 2017
In this full video interview, Simon Crosby, co-founder and CTO at Bromium not only discusses the ins and outs of ransomware but offers up best practices for security practitioners.
2017-03-02 14:30:00

A Look at NY’s Stricter Cybersecurity Rules for Financial Institutions

By Katherine Teitler
March 02, 2017
Though the rules took effect at the beginning of the month, affected enterprises have transition periods ranging from 180 days to 18 months to comply with varying aspects of the law.
2017-02-28 08:30:00

Ransomware: Show Me the Money

By Ben Rothke
February 28, 2017
The effects of ransomware have been devastating to organizations, from locking hospitals out of patient data to police departments that have lost years’ worth of evidence.
2017-02-22 08:30:00

The Three T’s of Cyber Security: Talent, Tools, and Techniques

By Katherine Teitler
February 22, 2017
When I started working in security I was taught, like most of us, to adopt a risk management control framework such as NIST, ISO, PCI, etc. and measure the alignment of security practices with control standards, procedures, and policies from the framework. 
2017-02-09 09:00:00

Ridiculously Obvious Phishing Scams are Still Active

By Katherine Teitler
February 09, 2017
Just when you thought the infamous “Nigerian Prince” was a ubiquitously understood joke, it seems the security industry still has a long way to go when it comes to phishing. 
2017-02-08 09:00:00

House of Representatives Passes an Important Privacy Bill

By Katherine Teitler
February 08, 2017
It would be somewhat of an understatement to say that methods of communication have changed over the last 31 years. Yet in that time, laws pertaining to the privacy of those new types of communication have remained stuck in the past.  
2017-02-08 08:31:00

The Phishing Kill Chain

By Ira Winkler
February 08, 2017
As a person who currently focuses on security awareness, hearing about or witnessing successful phishing attacks is frustrating. What is more frustrating is listening to security professionals blame users for falling for a phishing message instead of looking at themselves. 
2017-02-07 08:31:00

Leadership Lessons from the Orchestra

By Katherine Teitler
February 07, 2017
Leadership is a lot like playing in an orchestra. For those less familiar with an orchestra setting, let me explain. The basics: A traditional orchestra is made up of strings, woodwinds, brass, and percussion, plus keyboards. 
2017-02-02 08:31:00

Signs You’ve Been Breached

By Katherine Teitler
February 02, 2017
It’s true that cyberspace is growing by the day, and as companies and individuals add more information to internet-accessible sources, the risk of compromise of that data grows in parallel. With this greater risk comes more responsibility. 
2017-01-30 08:31:00

Why Security Managers are Failing at Password Security

By Katherine Teitler
January 30, 2017
The idea of a password as a security mechanism is sound: One user with an individual identity plus a unique, secret password. In the physical world, this combination often works as it should, since the user’s identity travels with the user (in effect, adding a second factor of identification).
2017-01-20 13:31:00

Will The Government Affect Cybersecurity in the Near Future?

By Katherine Teitler
January 20, 2017
On this first day of a Donald Trump presidency, many people around the world are watching and wondering what is going to happen in corporate America. The speculation is no less prevalent in the security industry.
2017-01-19 13:31:00

Can Security and Compliance Coexist Happily?

By Katherine Teitler
January 19, 2017
Security staff are infamous for declaring “security does not equal compliance” whenever the topic of compliance is mentioned by a non-security person. The reasoning behind this is sound: Compliance is a set of minimum requirements and auditable actions or technologies.
2017-01-17 13:31:00

Tackling Government Cybersecurity Staffing Challenges

By Katherine Teitler
January 17, 2017
Cybersecurity staffing—and the industry shortage—is a frequent topic of conversation among security practitioners. But as nation state competition heats up, government and civilian agencies need to develop alternative hiring strategies if the U.S. wants to compete on a global scale.
2017-01-05 13:31:00

Maximizing Your Security Conference Experience in 2017 (part 2)

By Katherine Teitler
January 05, 2017
In part one of this series on “Maximizing Your Security Conference Experience in 2017” we explored how preparing to attend an industry conference can yield positive results in terms of extracting value onsite. It’s not enough, though, to create a plan then sit back and wait for it to unfold. 
2017-01-04 13:31:36

Maximizing Your Security Conference Experience in 2017

By Katherine Teitler
January 04, 2017
Jumping back into work at the start of a new year propels many to evaluate plans and commit to better habits, greater value, and generally getting the most out of work and/or life. It’s good to take a step back and think through what worked during the past year, what didn’t, and muse on how to maximize one’s efforts.
2016-12-29 08:00:00

Under Pressure: The Modern Day Security Practitioner

By Katherine Teitler
December 29, 2016
Earlier this year, Forbes published its view of the “10 Most Stressful Jobs in 2016.” Admittedly, the security profession isn’t as physically dangerous as fighting fires or piloting an airplane, but security comes with its own unique set of threats that make day-to-day work incredibly stressful.
2016-12-23 07:45:00

The Best of InfoSec Insider in 2016

By Marcos Colón
December 23, 2016
As we continue to ramp up our efforts in providing you with a resourceful library of content you can rely on, we’ve decided to reflect on some of the top InfoSec insider articles of 2016, based on the engagement we’ve received from our readers.
2016-12-22 08:00:00

Security and Privacy in 2017 (+3)

By Katherine Teitler
December 22, 2016
Many uncertainties await the world when the new United States administration takes office on January 20, 2017. The President-elect, while extremely vocal on the campaign trail, has been disconcertingly cagey in the weeks leading up to inauguration. 
2016-12-21 08:00:00

Security Resolution: Better Communication for the New Year

By Katherine Teitler
December 21, 2016
The New Year is close upon us and many security firms and media outlets are busy publishing 2017 predictions or “the year in review.” Rather than following suit, we’d like to propose a New Year’s resolution to all security practitioners (and office workers, in general, really).
2016-12-16 08:00:00

How Well Will Your Organization Withstand a Cyber Attack?

By Katherine Teitler
December 16, 2016
While security practitioners are thinking about exploits, vulnerabilities, controls, and threat actors’ TTPs, what executives really want to know is, “When the company is the victim of an attack, what effect will that have on the rest of the company, and how quickly can employees resume?"
2016-12-02 08:00:00

Has the CISO Finally Earned a “Seat at the Table”?

By Katherine Teitler
December 02, 2016
Over the past few years the security industry has seen a rise in the number of appointed CISOs. At companies where previously the security team was small, secluded, and likely managed by the CIO, it is refreshing that mention of a CISO is no longer followed by puzzled looks or blank stares.
2016-11-29 08:00:00

Inclusion is the Key to Security Staffing

By Katherine Teitler
November 29, 2016
Depending on your media outlet of choice, the current cybersecurity staffing shortage is either pressing or catastrophic. In either case, a staffing shortage exists and the industry needs to take more proactive steps to look beyond current talent pools to fill open positions, as well as positions that will be created as the industry continues to expand. 
2016-11-16 08:00:00

What the Board Wants to Know about Security and Risk

By Katherine Teitler
November 16, 2016
Today, many organizations’ executive teams and boards of directors conflate cybersecurity and risk. Risk management is a broader practice than security alone, but cybersecurity is an increasingly “big ticket item” on boards’ agendas—alongside other more traditional risk discussions—since it’s clear that a major breach can impact the organization in meaningful ways. 
2016-11-07 08:00:00

Redefining “Winning” and “Losing” in Security

By Katherine Teitler
November 07, 2016
Cybersecurity is a lot like driving; towns and cities and their respective road crews can keep roads in ace condition and post all kinds of clearly marked signs for speed limits, road hazards, dangerous curves, blind driveways, and the like. Police can patrol the roads for dangerous or illegal driving.
2016-11-03 08:00:00

How Security Directors Can Combat DDoS Attacks

By Katherine Teitler
November 03, 2016
With the recent Dyn distributed denial of service (DDoS) attack lighting up media headlines, enterprise security practitioners are being asked how to ensure that the organizations for which they work aren’t the next DDoS victims.
2016-10-28 08:00:00

A Big Win for Privacy Could Increase Security Awareness

By Katherine Teitler
October 28, 2016
Yesterday morning the Federal Communications Commission (FCC) passed new—and controversial—rules regarding how internet service providers (ISPs) may use customers’ “sensitive” personal data.
2016-10-26 08:00:00

Please, Stop with the FUD Already

By Katherine Teitler
October 26, 2016
Last week, as much of the U.S. was inconvenienced by the widespread DDoS attack on many popular websites, Joomla! casually released a notice warning of a critical patch to its software.
2016-10-21 08:00:00

The Allure of (Insecure) WiFi

By Katherine Teitler
October 21, 2016
Employee mobility is no longer a privilege or nice-to-have, but a given in today’s workplace. At even very small organizations, it’s not uncommon to find executives or sales people who are on the road more often than they are settled in the office, and gone are the days when working remotely is considered the entitlement of a select few. 
2016-10-17 08:00:00

Security’s Message is Getting Lost in the Hype

By Katherine Teitler
October 17, 2016
Remember the “telephone game” played at parties when you were a kid? One person would make up a sentence or phrase which she or he then whispered into the ear of the person sitting next to him/her in a circle. That person would, in turn, whisper what he/she had heard into the ear of the next person in the circle.
2016-10-14 08:00:00

Developing the Super CISO

By Katherine Teitler
October 14, 2016
Defining a “good” chief information security officer is difficult. On one side, many CISOs have risen through the security ranks due to their technical prowess and were thus handed a “business position,” asked to manage a team, and required to start briefing the executive suite on the state of the company’s security.
2016-10-07 08:00:00

Where is all the Security Talent?

By Katherine Teitler
October 07, 2016
Rumblings about the security talent deficit are pervasive. Just like news of recent breaches, it’s hard to get through a week without reading an article, viewing a webcast, or attending a conference during which the subject is not addressed. 
2016-09-29 13:00:00

Security and Ops Coordination Hinges on Communication

By Katherine Teitler
September 29, 2016
Rifts between the security team and other groups lead to inefficiency and reduced effectiveness. Information security isn’t getting as much done as is necessary in our breach-of-the-day world, yet old problems like failure to collaborate persist.
2016-09-27 09:00:00

Learning Lessons of Security Failures Ensures Future Success

By Katherine Teitler
September 27, 2016
As a first time DerbyCon goer, I didn’t quite know what to expect. In its sixth year, DerbyCon is well known throughout the security community, and I’ve worked with several of the speakers, a few of the organizers, and met many security vendor representatives at MISTI and past-job events.
2016-09-26 17:00:00

Be a Better Social Engineer and Security Manager

By Katherine Teitler
September 26, 2016
Twenty minutes before the talk was scheduled to begin, attendees anxiously queued up outside the center ballroom to hear Chris Hadnagy present Mindreading for Fun and Profit Using DISC. Hadnagy, a renowned social engineer and DerbyCon staple, promised to share with the audience “how to use a quick and easy profiling tool to make targets feel as if you can read their minds.”
2016-09-16 08:00:00

Securing Security’s Future Through Better Hiring

By Katherine Teitler
September 16, 2016
Hiring security staff is a big challenge. Not only does the industry need more people to fill the open positions than it currently has, but to complicate matters further, hiring managers aren’t necessarily security professionals themselves; many organizations’ security teams report to IT, operations, or even finance.  
2016-09-14 08:00:00

Do Security Certs Matter to You?

By Katherine Teitler
September 14, 2016
By many estimates, the demand for information security practitioners far exceeds availability. As security becomes an appreciable concern for large and small companies alike, it stands to reason that the industry is going to face a serious shortage in the coming years if new practitioners aren’t found or cultivated.
2016-09-08 10:00:00

Interested in Becoming an InfoSec Pro? Here’s Some Sage Advice

By Marcos Colón
September 08, 2016
Unless you're oblivious to the news, you're well aware that the information security industry is getting a lot of attention. Be it the headline-grabbing breaches taking place on a seemingly frequent basis, or the fact that the number of digital internet-connected devices per capita is increasing constantly.
2016-09-06 08:00:00

Security Budgeting Season is Upon Us

By Katherine Teitler
September 06, 2016
Like it or not, fall is right around the corner, and for many private enterprises, fall means Q4 which means facing the dreaded budgeting season. If budgeting itself weren’t cumbersome enough, cybersecurity budgets—even if they stand alone—are often part of a larger function. 
2016-08-30 08:00:00

Securing Applications; Creating Business Opportunities

By Katherine Teitler
August 30, 2016
Applications have become the technological underpinnings which enable employees to do their jobs faster, more accurately, and with greater ease. Applications have become so ubiquitous within organizations that most employees don’t even consider the tools with which they are working “applications” at all. 
2016-08-19 08:00:00

Security Teams Suffer from lack of Visibility

By Katherine Teitler
August 19, 2016
Information security teams face a serious problem when they are unable to detect the presence of a threat actor inside organizational systems. Knowing who has access to key applications is an imperative for trying to protect the company, yet according to a new report published by Okta that may not be a case.
2016-08-17 08:00:00

The CFP Process Isn’t as Scary as you Think

By Katherine Teitler
August 17, 2016
Calls for presentations: Depending on whom you ask, CFPs are either a great opportunity for subject matter experts to display knowledge and vie for a coveted spot on a conference program, or an absolute nightmare, as the intended speaker carefully calculates the best topic to submit.
2016-08-15 08:00:00

Hacking the Term “Hacker”

By Katherine Teitler
August 15, 2016
The term “hacker” is thrown around liberally nowadays. It’s a surefire traffic-boosting headline, and the media seizes any opportunity to publish a story with a hacker connection, often positioning the word as a synonym for “malicious attacker.”
2016-08-12 08:00:00

Countering the “Security is Winning When Nothing Happens” Misconception

By Katherine Teitler
August 12, 2016
Many in the security industry, myself included, are guilty of falling into the trap of saying that security is a discipline in which the big “wins” come when “nothing happens.” It’s an easy statement to make, especially when working with business leaders who see only the end result (i.e., no breach, no media headline) and make this claim.
2016-08-11 08:00:00

Digital Trust: How do your Business Partners Affect Risk?

By Katherine Teitler
August 11, 2016
“We’ve seen breaches where the ‘partner effect’ has played a major role, but have you noticed that nobody seems to really know how to manage that risk well,” poses Pete Lindstrom, Vice President of Security Research at IDC. 
2016-08-04 08:00:00

When Governments Try to Control the Internet

By Katherine Teitler
August 04, 2016
Totalitarians need to control everything they can—it’s a deep-seated need that stems from the (occasionally true) fear that someone, somewhere, is plotting their overthrow. It seems that the totalitarian impulse to control extends to communications first, whether it’s mail, telegraph, telephone, or Twitter.  
2016-08-03 07:00:00

3 Quick Tips to Help Healthcare Security Managers Lower Cyber Risk

By Marcos Colón
August 03, 2016
There’s progress being made in the healthcare industry as it relates to information security. Yes, recent studies indicate that 90 percent of all healthcare organizations have been the victim of a data breach in the last two years.
2016-07-29 08:00:00

Talking Security: Your Words and Tone Matter

By Katherine Teitler
July 29, 2016
Listening to the political conventions these past two weeks, I couldn’t help but think about security: the conversations security practitioners have with senior management and other business units, the conversations practitioners have amongst themselves, and yes, even talks given at conferences. 
2016-07-27 08:00:00

The Feds are Seriously Taking Cybersecurity Seriously

By Katherine Teitler
July 27, 2016
On Tuesday, the White House issued its Presidential Policy Directive-41 (PPD-41), or “United States Cyber Incident Coordination” plan. The PPD follows on the heels of the Cybersecurity National Action Plan, the Obama administration’s attempt to button up cybersecurity efforts in the face of growing threats against U.S. entities.
2016-07-22 08:00:00

Tech Companies Assist the FBI in Criminal Takedown

By Katherine Teitler
July 22, 2016
After last winter’s frosty standoff, Apple and Facebook are now making headlines for being in cahoots with the FBI. For a few years, the bureau has been tracking Kickass Torrents, a very popular file sharing site, and trying to link illegal reproduction and distribution of online media, including movies, TV shows, music, and video games. 
2016-07-21 08:00:00

Video: Why spending more on security technology is not the answer

By Marcos Colon
July 21, 2016
  The evolving threat landscape makes it incredibly difficult for security professionals to protect their organizations. You’d think that with the abundance of security solutions deployed they’d be able to manage cyber risk effectively, yet, the technology that’s intended to protect their organizations may be causing more problems.
2016-07-20 08:00:00

Consumerization of Robo-Services Will Push Enterprise Automation

By Katherine Teitler
July 20, 2016
Betterment, an online investment robo-advisor, is the first of its kind to surpass $5 billion in assets under management. Robo-advisors, for those unfamiliar, are automated, algorithm-based finance portfolio management services. 
2016-07-19 08:30:00

CISOs Need to be More Than Business Leaders

By Katherine Teitler
July 19, 2016
The role of the CISO is changing. We hear about it every day: CISOs must become more business oriented and fine-tune communication skills so other executives consider heads of security business equals.
2016-07-08 08:00:00

The Evolution of Cybersecurity

By Katherine Teitler
July 08, 2016
“A lot of security departments are swimming in the wrong direction,” says Raef Meeuwisse, Director of Cybersecurity at Cyber Simplicity Ltd. By this, Meeuwisse means that companies haven’t yet redirected the scope of their security programs—the tools, technologies, and processes—to reflect current threats. 
2016-07-07 08:00:00

Password Sharing Gets its Day in Court

By Katherine Teitler
July 07, 2016
Security practitioners have long decried the practices of password sharing. Now an appellate court has bolstered that sentiment by handing down a decision in United States v. Nosal, ruling that a former employee of executive search firm Korn/Ferry International has violated the Computer Fraud and Abuse Act.
2016-07-06 08:00:00

Are Your Third-Party Risk Assessments up to Snuff?

By Katherine Teitler
July 06, 2016
Even small, home-spun businesses have a handful of third-party vendors with which they must connect to keep the lights on and the money flowing. Larger organizations might have hundreds or thousands of partners in the supply chain. 
2016-06-29 09:00:00

Third Party Risk Management: The Russian nesting doll of infosec challenges

By Marcos Colon
June 29, 2016
For security practitioners, the name of the game is risk management. These risks come in all shapes and sizes, from system vulnerabilities and the onslaught of evolving malware, to threats posed by insiders.
2016-06-27 08:00:00

How Baylor University Approaches Its Security Challenges

By Katherine Teitler
June 27, 2016
Colleges and universities are generally considered settings for learning, openness, and ideas. Students and professors alike are encouraged to explore new thinking and push boundaries. The best academic universities on the planet have entire departments focused on researching subjects unconsidered universally.
2016-06-24 08:00:00

A Deeper Look at the Ponemon 2016 Cost of a Data Breach Study

By Katherine Teitler
June 24, 2016
The 2016 Cost of a Data Breach Study conducted by Ponemon Institute and sponsored by IBM was released in mid-June. One thing the report fails to do is focus on how organizations are improving or declining year over year. Luckily, past reports are still available, enabling a side-by-side look at a few of the key findings.
2016-06-21 08:00:00

The Security Practitioner’s Future

By Katherine Teitler
June 21, 2016
Several years after the introduction of DevOps, the security community continues to laud the method while scant few developers are hopping on the bandwagon. One of the issues is that “security” isn’t part of DevOps. 
2016-06-13 08:00:00

The “War” on Cybercrime isn’t Helping

By Katherine Teitler
June 13, 2016
Security is often a battle. In one corner we have the security team warning the rest of the business of the dangers of “X” or fighting to implement new policies and technologies that will help keep the business secure. In the other corner we have lines of business wanting and needing faster, better, more profitable enablement tools and processes.
2016-06-07 08:00:00

Avoid Being the Infosec Scapegoat

By Katherine Teitler
June 07, 2016
During the recent EuroCACS conference Raef Meeuwisse, Director of Cybersecurity & Data Privacy Governance at Cyber Simplicity Ltd., referred to the CISO as the “Chief Information Scapegoat Officer,” based on an article posted on Infosecurity Magazine. 
2016-06-02 08:00:00

Wish You Were Here: China Proposes Contentious Cybersecurity Rules

By Katherine Teitler
June 02, 2016
China is once again making it more difficult for international organizations to conduct business in the country. Last year, the China Insurance Regulatory Commission (CIRC) announced draft rules that would require insurance carriers to buy and utilize “secure and controllable” solutions for IT.
2016-05-27 08:00:00

I Still Haven’t Found What I’m Looking For

By Katherine Teitler
May 27, 2016
  The Internet of Things (IoT) is transforming the world in ways unimaginable 5-10 years ago. For many of us, IoT extends to the innovation of smartwatches, connected cars, and smart home devices, which have substantially changed the way we live.
2016-05-26 08:00:00

A Change Would do you Good

By Katherine Teitler
May 26, 2016
Apple’s highly guarded and stringent software development process may start to chill out this summer, according to a report in The Information. The company is well known for its rigorous development practices, which helped it climb to the top of security practitioners’ lists as the platform of choice when selecting smartphones and mobile devices in recent years. 
2016-05-13 08:00:00

All I do is Win

By Katherine Teitler
May 13, 2016
The decline in TalkTalk's profits is undoubtedly due to the aftereffects of a cyberattack in which the names, phone numbers, and email addresses of a reported 157,000 customers were lost. In addition, during the same incident 21,000 bank account numbers were accessed. 
2016-05-05 08:00:00

What Are You Waiting For?

By Katherine Teitler
May 05, 2016
WhatsApp, a popular encrypted messaging app, was briefly shut down throughout Brazil earlier this week after a regional judge ordered the country’s telecom providers to temporarily block the app.
2016-05-03 08:00:00

You’re Out of Touch, I’m Out of Touch

By Katherine Teitler
May 03, 2016
Spy movie aficionados know that the most secure rooms and hiding places are protected by biometric authentication, requiring thieves to go to great lengths to gain entry. When the tables are turned, however, and the government needs access to information about said criminals, all they need to do is ask! 
2016-04-29 08:00:00

Where You Lead, I Will Follow

By Katherine Teitler
April 29, 2016
Recently I was having a conversation with a good friend, a good friend who also happens to be a leadership and communication expert. We were discussing the topic of leadership in the security industry and how, while there are many bosses and executives, there are few truly excellent leaders in security today.
2016-04-19 08:00:00

Don’t Fall in Your FUD

By Katherine Teitler
April 19, 2016
Have you ever slowed your car while driving to gawk at an accident on the side of the road, or been frustrated by the car in front of you that did? Have you caught yourself mesmerized by a ridiculous YouTube video?
2016-04-13 08:00:00

Where Will You Find Your Next-Generation Workforce?

By Katherine Teitler
April 13, 2016
The entire security industry knows we have a staffing problem. With demand for security talent far greater than supply, companies with the right resources are positioned to lure top talent from competitors while everyone else is scrambling to find anyone with adequate technical acumen to learn the craft.
2016-04-11 08:00:00

That’s A Wrap: InfoSec World 2016 Highlights in Hindsight

By Katherine Teitler
April 11, 2016
InfoSec World 2016 is now in the books. For the better part of a week, infosec pros took over The Contemporary Resort to discuss everything from building an incident response plan to leadership skills to active defense and trust.
2016-04-07 08:00:00

InfoSec World 2016 Attendees’ Top Interests

By Katherine Teitler
April 07, 2016
You know the saying: Bigger isn’t necessarily better. When it comes to conferences, however, knowing your audience’s interests and preferences is key to putting on a great event.
2016-03-28 05:00:00

Selecting an eGRC Software Tool and Not Living to Regret it

By Ben Rothke
March 28, 2016
If you are going to be in Orlando in the beginning of April and are an information security professional, why wait in humid 90-minute long Disney lines when you can enjoy Orlando indoors at the Infosec World 2016 conference? Another benefit of the conference is that vendors at the expo give you t-shirts. This is the only free thing you'll find at Disney.
2016-03-22 08:00:00

Under Control

By Katherine Teitler
March 22, 2016
Major technology providers are not the only ones thinking about how to best protect user data. Users, too, are becoming increasingly concerned, and when those users are PhDs and professors at some of the world’s top universities, innovation is spawned.
2016-03-22 05:00:00

So, How is that Risk Management Thing Workin’ For Ya?

By Jeffrey Ritter
March 22, 2016
We are currently engaged in a war to achieve victory over risk. Okay, perhaps "war" is not the right way to describe the status quo. None of us can ever achieve total victory over risk. Any expert will say some risk always persists in any activity we undertake.
2016-03-21 05:00:00

Why Security Leaders Need to Communicate Value More Effectively

By Michael Santarcangelo
March 21, 2016
How effective is your communication? How do you fare when asked to explain security risks? What about when defending the need for investment? Are you effective? How do you know? How do you measure your communication efforts?
2016-03-16 05:00:00

Advancing Your Security Leadership Journey

By Michael Santarcangelo
March 16, 2016
Are you valued as much a leader as you are a security resource (with a team)? It's the gut check question I ask of security leaders. In most cases, the answer is no. Most security leaders say they receive recognition for technical prowess, not for leadership.
2016-03-15 08:00:00

Love ‘em and Lead ‘em!

By Retired Colonel Jill Morgenthaler
March 15, 2016
U.S. Army Major General John H. Stanford was asked about how one becomes a leader. "When anyone asks me that question, I tell them I have the secret to success in life. The secret to success is to stay in love. Staying in love gives you the fire to really ignite other people."
2016-03-07 08:00:00

Happy Anniversary, RSA 2016

By Katherine Teitler
March 07, 2016
Over 40,000 attendees and nearly 550 vendors are getting back to their inbox this week after having attended the gargantuan vendor show otherwise known as RSA. It was RSA’s silver anniversary, and as with each passing year, it gets BIGGER with age!
2016-03-07 08:00:00

Are you Trusted to be a Security Leader?

By Michael Santarcangelo
March 07, 2016
There is no shortage of quotes to capture the importance of trust: hard to earn, easy to lose, and essential to our success as security leaders. Yet a troubling trend is emerging: the trust we need to be successful as security leaders is eroding.
2016-02-23 08:00:00

Bridging the Gap between Enterprise Information Security and the Business

By Dave McPhee, Information Security Manager, Caterpillar
February 23, 2016
Information security and the business need to be in a partnership, not a dictatorship with one party demanding the other follow certain rules and guidelines. Through a true partnership, information security risks can be mitigated and business disruptions limited, thereby creating an improved relationship and organizational efficacy. 
2016-02-17 08:00:00

Where the Security Things Are

By Katherine Teitler
February 17, 2016
The security field needs more practitioners. The insanity that is our “always-connected” world necessitates more resources to manage, monitor, and maintain personal and enterprise data – from email accounts to mobile phones to chock-full-of-tech refrigerators. 
2016-02-12 12:00:00

Lookin’ Out My Backdoor

By Katherine Teitler
February 12, 2016
As debates about privacy versus encryption rage on, with the US, UK, and France on one side and Germany and the Netherlands on the other, Bruce Schneier, Kathleen Seidel, and Saranya Vijayakumar decided to take a look at the encryption products market and replicate a study conducted in 1999.
2016-02-03 03:28:00

Web-blindness: Why Website Security Needs Our Attention

By Katherine Teitler
February 03, 2016
Security professionals spend a lot of time thinking about protecting their back end systems and the information contained therein. They think about the scariest and sneakiest vulnerabilities and what an exploit means in real terms: will this disrupt business operations? Will our company lose sensitive data? Will I be fired?

CPE imageMIS Training Institute is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org.  

Copyright ©2019 MIS Training Institute Holdings, Inc. All rights reserved.  
Contact Us | Privacy | Terms and Conditions | Cookie Policy | Site Map Regional Preference