IT Security Opinions | SC Media

Opinion

The Freakonomics of malware: What security leaders can learn by studying incentives

In the best-selling series of pop-economic books Freakonomics, a ‘rogue’ economist Stephen Levitt partners with veteran journalist Stephen Dubner to uncover the hidden side of everything. Posing such provocative questions as ‘why do drug dealers still live with their moms?’ and ‘how are the Ku Klux Klan like a group of real estate agents?’ the…

Cyber leaders must take ownership of cyber skills gap

We’ve all heard about the cyber skills gap by now. As cyber adversaries grow more advanced and organizations struggle to manage these evolving threats, cybersecurity jobs are getting harder to fill. There are an estimated 2.9 million unfilled openings worldwide, with half a million in North America alone. Meanwhile, 60% of organizations say it takes…

Creating a next-gen cybersecurity roadmap

As many of today’s enterprises are struggling to get their arms around cybersecurity, our world has seen an explosion in the number of solutions, providers and recommended steps to take to secure a company’s environment and protect it against cyber incidents.  With so many options and no standardized solution, it is difficult to know where…

Adapting the classical art of penetration testing to the cubist world of cloud

Many technical practitioners may believe that, at the end of the day, penetration testing is penetration testing. Proper penetration testing, however, is an art that must adapt over time. As an artist’s tools, materials, and media evolve, art evolves. With this evolution in “technology, techniques and approaches must change as well. Our “IT medium” has…

How to craft a U.S. privacy law fit for a tech company

Facebook, Google, IBM, and Microsoft have all reportedly “aggressively lobbied” the current administration to start developing a federal privacy mandate. Recently, Cisco joined that chorus of tech giants (“Big Tech”) calling for stronger American privacy laws. Intel has gone a few steps further, drafting its own version of a U.S. privacy bill and opening an…

Part 5 – Cooperative cybersecurity protection for large-scale infrastructure

Developing your own infrastructure protection solution The era of governments protecting business and citizens from serious attacks, including from foreign adversaries, may have already passed – at least in the context of cybersecurity. That is, while it remains reasonable to expect government protect against physical attacks such as from bombs and missiles, as a general…

Part 4 – Cooperative cybersecurity protection for large-scale infrastructure

Building a collective platform Any commercial platform to support collective security operations must have certain functional attributes and operational capabilities to work properly in practice. In this section, we lay out the salient aspects of such a platform, trying to maintain some degree of generic design. Enterprise security teams considering use of a platform supporting…

Part 3 – Cooperative cybersecurity protection for large-scale infrastructure

Cybersecurity analytics for large-scale protection Click here for part 2. Most modern security analytic methods and tools are best suited to larger infrastructure with large data sets. That is, it is unlikely that one would use real-time, telemetry-based monitoring with 24/7 coverage for a personal computer, unless that personal computer was connected to a larger…

Part 2 – Cooperative cybersecurity protection for large-scale infrastructure

Cyberthreats to infrastructure Click HERE for Part One Any cooperative effort that supports large-scale infrastructure protection must begin with an accurate perception of the real cyber risks that must be addressed. Experts understand that risk is measured by combining the probability of bad outcomes with the consequences of such outcomes. In the context of infrastructure…

Next post in Executive Insight