Cybersecurity Executive Insight, opinions and analysis l SC Media

Executive Insight

Nowhere to turn for middle market companies decimated by cybercrime

Middle-market companies are facing the bleak reality that they must increasingly combat cyber threats on their own – with little help and fewer resources than their larger counterparts. Many are finding that they are prime targets ready for ambush by cybercriminals. Because of their modest size, limited resources and long-held perceptions that midsize companies are…

Mobile Device Security for Blue Collar Workers

From blue-collar to new-collar When we picture the typical technology worker, many of us naturally think of an office worker who spends most of their day chained to a desk, sitting in a home office or getting WiFi at a Starbucks. But that view of the tech worker is increasingly too limited. These days, with…

How to build a successful offensive security research team

Over the last several years, as the threat landscape has continually evolved, the severity and sheer volume of security vulnerabilities and attacks has accelerated dramatically, causing the tech industry across the world to look for new ways to prevent crippling cyber attacks. In an effort to outthink and outmaneuver attackers, organizations have begun creating offensive…

The Freakonomics of malware: What security leaders can learn by studying incentives

In the best-selling series of pop-economic books Freakonomics, a ‘rogue’ economist Stephen Levitt partners with veteran journalist Stephen Dubner to uncover the hidden side of everything. Posing such provocative questions as ‘why do drug dealers still live with their moms?’ and ‘how are the Ku Klux Klan like a group of real estate agents?’ the…

Cyber leaders must take ownership of cyber skills gap

We’ve all heard about the cyber skills gap by now. As cyber adversaries grow more advanced and organizations struggle to manage these evolving threats, cybersecurity jobs are getting harder to fill. There are an estimated 2.9 million unfilled openings worldwide, with half a million in North America alone. Meanwhile, 60% of organizations say it takes…

Creating a next-gen cybersecurity roadmap

As many of today’s enterprises are struggling to get their arms around cybersecurity, our world has seen an explosion in the number of solutions, providers and recommended steps to take to secure a company’s environment and protect it against cyber incidents.  With so many options and no standardized solution, it is difficult to know where…

Adapting the classical art of penetration testing to the cubist world of cloud

Many technical practitioners may believe that, at the end of the day, penetration testing is penetration testing. Proper penetration testing, however, is an art that must adapt over time. As an artist’s tools, materials, and media evolve, art evolves. With this evolution in “technology, techniques and approaches must change as well. Our “IT medium” has…

How to craft a U.S. privacy law fit for a tech company

Facebook, Google, IBM, and Microsoft have all reportedly “aggressively lobbied” the current administration to start developing a federal privacy mandate. Recently, Cisco joined that chorus of tech giants (“Big Tech”) calling for stronger American privacy laws. Intel has gone a few steps further, drafting its own version of a U.S. privacy bill and opening an…

Part 5 – Cooperative cybersecurity protection for large-scale infrastructure

Developing your own infrastructure protection solution The era of governments protecting business and citizens from serious attacks, including from foreign adversaries, may have already passed – at least in the context of cybersecurity. That is, while it remains reasonable to expect government protect against physical attacks such as from bombs and missiles, as a general…

Part 4 – Cooperative cybersecurity protection for large-scale infrastructure

Building a collective platform Any commercial platform to support collective security operations must have certain functional attributes and operational capabilities to work properly in practice. In this section, we lay out the salient aspects of such a platform, trying to maintain some degree of generic design. Enterprise security teams considering use of a platform supporting…

Next post in Executive Insight