Cybersecurity Executive Insight, opinions and analysis l SC Media

Executive Insight

Four attributes that make for a valuable pen tester

There is an increased industry demand for penetration testers (pen testers) as enterprises shift from reactive to proactive security. With that demand shift, I’m often asked by prospective cybersecurity candidates, “How do I break into penetration testing?” Before answering, I always want to make sure the person that asks understands what a pen tester actually…

Career advice for current and future CISOs

Cybersecurity professionals have a unique opportunity to make the world a safer place. Our work protects important economic and public interests from real threats. It’s a high-stress, high-reward job career path that can provide life-long satisfaction. Wise security professionals strategically take on roles that have increasing impact over time and demonstrate value to employers. This…

Harmonization of the NIST framework for risk, security and privacy

Amidst rising concern around consumer data privacy, NIST is currently developing a data privacy framework that is similar in spirit to the popular Cybersecurity Framework (CSF). Like the CSF, the upcoming privacy Framework will be a close inter-collaboration between public and private sector stakeholders to create a gold-standard, voluntary framework. The great challenge will likely…

Should companies based in authoritarian countries be permitted to invest in sensitive areas of another country’s economy?

5G technology promises to be truly revolutionary. Not only will it make communications virtually instantaneous, but it has the potential to unlock the ‘Internet of Things’. 5G could connect super high-speed internet, with almost no time lag, to physical objects so that they can be remotely controlled or even work autonomously. This could include anything…

What can be done about the growing threat of spoofing?

Robocalls and “spoof” calls are much more than just annoyances. They’re also a lucrative underworld business that poses significant security and privacy threats to businesses and consumers. Between March 2017 and March 2018, nearly 25 million Americans lost almost $9 billion to scam phone calls. If any doubt remains how insidious the business is, just…

Securing multi-cloud environments: assurance through consistency

Meeting the security and compliance needs across different cloud service providers (CSP), and an organization’s own data center, remains a thorny challenge. Today, many enterprises are migrating business-critical workloads to the cloud, or have done so recently. Others are taking a ‘lift-and-shift’ approach for select applications, leveraging new integrations for legacy systems. This journey may…

Why vendors who achieve ISO 27001 are important for audio/video buyers

Accreditations may seem like promotional mechanisms that appear on a vendor’s marketing material. Think again and take a closer look. As data compliance impacts organizations, enterprise leaders need to take vendors more seriously when standardizing on video conferencing solutions. It’s time to start conducting some thorough checks. ISO what? Data protection is the bastion of…

A sleeping security threat: How to protect against container compromise

Container technology makes it possible to independently package and run software across computing environments, improving software development efficiency and IT operations. Recent advances make it easier than ever to use, but security can’t be overlooked. Similar to the adoption of DevOps and cloud technologies, the introduction of containers expands an organization’s attack surface.  Attackers are…

Next post in Executive Insight