International Information Systems Security Certification Consortium, (ISC)2
Don't alienate development teams - communicate with them
Application and software vulnerabilities are increasingly popular routes for cybercrime. This has led to pressure on development teams to contribute to security, but most security managers don’t have a strong understanding of modern development teams, tools and practices.
December 08, 2014 12:29:00 PM Read Full Post
Ten years of (ISC)2's Global Workforce Surveys have charted seismic shifts in the nature of the security workforce
The cybersecurity profession is changing beyond all recognition from a narrow specialism based on technology into a wide-ranging profession encompassing people, processes and policies and reaching into every area of business from training room to boardroom.
November 10, 2014 5:25:00 PM Read Full Post
Are boards getting the advice they need?
PwC’s Global State of Information Security Survey contains a number of striking points, starting with the disconnect between the board and security teams in businesses across the globe.
October 06, 2014 11:21:00 AM Read Full Post
If SMEs don't trust the cloud it's because they fail to do due diligence
For business the cloud too often remains a murky territory where they lose visibility over how their assets are protected and questions of security and legal liability become increasingly blurred.
September 29, 2014 11:07:00 AM Read Full Post
Gaining control of privacy is not going to be easy
Gaining control of privacy is not going to be easy If you want the sort of absolute privacy that extreme libertarians espouse, that fight is pretty much lost (unless you live in a cave and have never left it). Most people are more pragmatic: they...
July 28, 2014 6:35:42 PM Read Full Post
Ensuring privacy as well as clinical safety
Consumer-oriented technologies and services have already established a foothold in healthcare. If you visit a modern medical establishment you will see personal electronic devices (PEDs) being used. There may be some strictly controlled zones...
July 14, 2014 6:23:10 PM Read Full Post
CISOs need to work out some processes and quickly
CISOs need to work out some processes and quickly The European Court’s (EU) recent ruling that Google must erase search results at the request of people is only the tip if the iceberg. It has spawned a host of issues surrounding ‘the...
June 25, 2014 1:38:46 PM Read Full Post
Relief looks like being temporary
The combined and apparently heroic effort from the National Crime Agency, Europol and the FBI to take out the heart of the botnet fuelling Gameover (or GOZeus) and Crytolocker last week is a significant development. Unfortunately, it is unlikely...
June 11, 2014 6:11:43 PM Read Full Post
The consequences of the eBay breach may not be known for some time
Hot on the heels of Heartbleed (albeit a different type of security issue), the eBay data breach has yet again rocked the security world - the personal details of 145 million or more active users are in the hands of hackers. This once again...
May 23, 2014 4:14:56 PM Read Full Post
Data privacy governance in healthcare can quickly become a labyrinth.
Information security risks in healthcare are growing as ever greater use is made of information technology to improve care outcomes. While there are undoubtedly medical benefits to increased sharing of medical information, given the number and...
March 11, 2014 2:40:07 PM Read Full Post