Critical thinking, systems thinking and design thinking are important elements missing in cybersecurity education today. In this interview, Dan Faughnan, ex- Canadian Security Intelligence Service, discusses how thinking about cyber as part of a broader threat spectrum relates to national security.
The latest edition of the ISMG Security Report features an analysis of best practices for negotiating a ransom payment. Also featured: Busting Zero Trust myths and the dangers of mythologizing defenders.
In her latest book, "Rhetoric of InSecurity: The Language of Danger, Fear and Safety in National and International Contexts," academic Victoria Baines questions the imagery and rhetoric we use to communicate safety and security issues, and details their unwelcome impact on the workforce.
Speaking about his role as managing director, business information security, at financial giant State Street, TJ Hart says, "I wake up nervous, and I go to bed nervous." But he channels that energy into trying to better understand the threat landscape and use that data to make better business risk decisions.
CISOs need to be open to ideas and suggestions from their peers and other functions and exhibit thought leadership to establish collective defense thinking in fighting threats, says Steven Sim Kok Leong, president of ISACA, Singapore chapter and chair of OT-ISAC Executive Committee.
Leon Ravenna, CISO of KAR Global, starts each day on the job with the expectation that this could be his last. That's how urgent cybersecurity has become, and it's in part why he's driven to dispatch the image of the CISO as the bureaucratic "Dr. No."
It makes sense that automated mainframe software testing would deliver significant business benefits, from increased developer productivity to cleaner code to faster application delivery. But what kind of quantified results and ROI can you expect?
Download this Forrester study commissioned by BMC Compuware and...
The latest edition of the ISMG Security Report features insight from U.S. Sen. Angus King on why the federal government needs to declare a clear response to cybercriminals in order to deter them. Also featured: Ransomware affiliates gain power and promoting diversity of thought in cybersecurity.
While doing digital transformation, CISOs tend to look more at technology and try to adapt it without making the distinction between technologies that are must-have and good to have. Krishnamurthy Rajesh of ICRA says CISOs must analyze risks, update security, and change the mindset of employees.
Four ISMG editors discuss important cybersecurity issues, including law enforcement authorities' disruption of ransomware gang REvil's operations, how to collaborate as an industry to fight the surge in ransomware attacks hitting businesses, and increasing diversity and inclusion in the workplace.
For today’s business, security is a teamwide effort and should involve everyone at your organization, not just IT. All it takes is one slightly out-of-date computer or a reused password for a cybercriminal to gain access to your company's most sensitive data.
Is your security risk management handled only by IT?...
In his second Rant of the Day for the CyberEdBoard Profiles in Leadershop blog, Ian Keller, security director at Ericsson and CyberEdBoard executive member, talks about what a CISO does - and what a CISO should do.
In a report published earlier this week, (ISC)² - the international non-profit association that certifies cybersecurity professionals - says minority security practitioners, including people of color and women, are underrepresented in the field and offers practical steps to address the issues.
Ransomware and nation-state threats are daunting. But the threat that concerns Mustapha Kebbeh the most is supply chain risk. The Brinks CISO discusses how he has tackled this, as well as the challenges of tool complexity and peer collaboration.