Tag: information security

October 4, 2018

Will you be going to the upcoming Gartner Symposium/ITxpo conference in Orlando, Florida in October? If you are, please stop by, attend my session, and say hello as I will be presenting on “Best Practices with Machine Learning in Security […]

October 1, 2018

When you think of security analytics and operations, one technology tends to come to mind – security information and event management (SIEM). SIEM technology was around when I started focusing on cybersecurity in 2002 (think eSecurity, Intellitactics, NetForensics, etc.) and […]

September 21, 2018

There is simply no avoiding it. Every business, regardless of size or type, has entered into “shrink-wrap” or “click-wrap” agreements (i.e., non-negotiable agreements provided with various types of software and cloud services). In most instances, even small organizations are bound […]

July 24, 2018

I learned last Saturday at 5 a.m. what several small pellets can do to disrupt someone’s life. It took three doctor visits, a large amount of medications, and a lot of patience to deal with this situation. It was a […]

July 24, 2018

With the exception of a passing comment about digital forensics on a desktop computer and email controls, Bad Blood: Secrets and Lies in a Silicon Valley Startup by Pulitzer Prize-winning investigative journalist John Carreyrou, seemingly has nothing to do with […]

July 10, 2018

If you’re a fan of TV crime dramas, you’ve no doubt seen one of those episodes where the bad guy gets away with something because the local police department doesn’t have a key piece of information about him that the […]

June 30, 2018

In a recent blog post, I discussed limitation of liability clauses in technology contracts. Given the favorable response to that post, I thought it would be of interest to discuss another misunderstood and frequently neglected area of technology contracting: information […]

June 28, 2018

Have you ever wanted to watch new technology develop years before it attains mass appeal? Or wondered how entrepreneurs, venture capitalists and security CTOs start building today what users will request in two years? I try to track an incubation […]

June 27, 2018

Back in 2016, venture capitalist Benedict Evans stated that the best is often the last. He elaborated by saying, “The development of technologies tends to follow an S-Curve: they improve slowly, then quickly, and then slowly again. And at that […]

June 18, 2018

On March 28, 1979, at 4:00 am, reactor two of the Three Mile Island nuclear plant suffered a catastrophic failure. The problem was relatively simple: a stuck value prevented reactor coolant from returning to reactor core, causing the core to […]

June 7, 2018

In March 2018, Symantec unveiled its annual Internet Security Threat Report (ISTR). Two of the main takeaways are that the types of threats are broadening, and already popular attacks are seeing significant increases in execution. The report notes an 8,500 […]

June 6, 2018

It’s 2018, so there’s practically a new breach, vulnerability or some other security-related emergency in the news daily. Given the stakes and risks, you’d think that driving a culture of security and fraud awareness would be easy. However, in many […]

June 5, 2018

There always seems to be plenty of security news to talk about. Someone is making some sort of mistake pretty much all the time. Everything from vulnerabilities in software to organizations getting hacked. We hear about horrible data leaks, bad […]

June 4, 2018

US businesses that have customers or clients in Europe are scrambling to comply as GDPR is now in effect. There are some concerns that the US private sector will have to look out for the policy here at home. With […]

May 25, 2018

I recently saw an ad that read, “Security starts with people,” and it gave me pause. After twenty years in security, I’ve learned that security problems typically start with people, and having them responsible for implementing it is usually a […]

May 17, 2018

As a venture investor focused on AI-enabled software, I’m a promoter of the technology. It can and does provide enhanced value. But over the past three weeks, attending the RSA Security Conference in San Francisco and AI Congress in Las […]

May 16, 2018

Fraud is often perceived as an unavoidable cost of doing business. And in most cases, this perception is accurate. Despite the bevy of new anti-fraud controls continually being implemented and improved among businesses across all sectors, fraud persists. But while […]

April 12, 2018

If you ask a Security Operations Center (SOC) analyst, “What’s your biggest challenge when hunting threats?” The majority will give a response like this, “We have a lot of disparate tools that we need to correlate together to identify what […]

April 9, 2018

There seems to be no end in sight for ransomware and malware attacks after the spike in high-profile incidents last summer. This includes the Wannacry ransomware strike in May 2017; PetWrap/NotPetya attacks in June; the identification of “BlackOasis” through an […]

February 14, 2018

There’s a lot of confusing rhetoric around GDPR (General Data Protection Regulation). I’d like to help clear up some of it. I’m not a GDPR expert; however, I am a CISO with pretty deep experience in the implementation of risk […]