A Review of the Best News of the Week on Cyber C-Suite Views

Breach at Equifax May Impact 143M Americans (Krebs on Security, Sep 07 2017)
“Equifax, one of the “big-three” U.S. credit bureaus, said a data breach at the company may have affected 143 million Americans, jeopardizing consumer Social Security numbers, birth dates, addresses and some driver’s license numbers.”

CISOs’ Salaries Expected to Edge Above $240,000 in 2018 (Dark Reading, Sep 01 2017)
“CISOs in the 75th percentile salary range will likely see $204,000 in 2018, while the midpoint range will be $170,000 and the 25th percentile, $143,250, according to the report, which surveyed 740 human resource officials.”

Lenovo’s Superfish security fiasco ends in a slap on the wrist (Graham Cluley, Sep 06 2017)
“Technology giant slapped with $3.5 million fine after customers’ privacy and security was compromised.”

Sponsored by LogRhythm
SIEM Magic Quadrant
Gartner Positions LogRhythm in SIEM Leaders Quadrant for 5th Consecutive Year. Get the report

Lenovo’s Superfish bloatware scandal reveals a sneaky tactic we thought Microsoft had started (CSO Online, Sep 05 2017)
“When you click an ‘x’ to close a window and get a software download instead.”

Improving Electoral Cybersecurity in Kenya (Lawfare (blog), Sep 01 2017)
“Kenyan Supreme Court announced it cancelled last month’s presidential election and ordered a new election within 60 days. In a press conference on August 8th, the opposition argued that the election commission system had been hacked and its servers compromised in favor of the incumbent.”

Trump’s Cybersecurity Executive Order Gets Off To a Slow Start (Wired, Sep 03 2017)
After several missed deadlines, Trump’s cybersecurity executive order has gotten off to a slow start…

What to look for when hiring healthcare cybersecurity pros (Healthcare IT News, Sep 05 2017)
“Cybersecurity is not computer science or computer engineering, it is a business discipline that requires people from all backgrounds and majors.”

Is Public Sector Cybersecurity Adequate? (Dark Reading, Sep 07 2017)
“Many governmental organizations are unstaffed, underfunded, and unprepared to fight common attacks, and they could learn a thing or two from the private sector.”

CIO or C-Suite: To Whom Should the CISO Report? (Dark Reading, Sep 07 2017)
“Five reasons why the chief information security officer needs to get out from under the control of IT.”

Endpoint Security Overload (Dark Reading, Sep 05 2017)
“CISOs and their teams are over-investing in endpoint security tools, driving inefficiency and a need to consolidate data.”

Meet the WISOs: 10 Women Information Security Officers to watch (CSO Online, Sep 08 2017)
“As girls and young women become interested in cybersecurity, they can look to these Women Information Security Officers for inspiration.”