A Review of the Best News of the Week on CISO Views

Putting the P, D, and R back into Endpoint Protection Detection and Response (Gartner Blog Network, Oct 23 2017)
Gartner just published a research note Market Insight: Increase Market Share With User-Aware and Bundled Endpoint Security that shows most endpoint security buyers want to buy EPP (Endpoint Protection) and EDR (Endpoint Detection and Response) together in one package with one agent. That would be a good start for a fragmenting market.

Mr. Robot eps3.2_legacy.so – the security review (Naked Security – Sophos, Oct 26 2017)
We’re looking at how Mr Robot’s treatment of security stacked up in s3 e3

Bad Rabbit ransomware outbreak (Naked Security – Sophos, Oct 24 2017)
The Bad Rabbit ransomware outbreak is spreading into Europe from Russia

Sponsored by LogRhythm
SIEM Magic Quadrant
Gartner Positions LogRhythm in SIEM Leaders Quadrant for 5th Consecutive Year. Get the report

5 Reasons Why the CISO is a Cryptocurrency Skeptic (Dark Reading, Oct 26 2017)
If you think all you need is technology to defend against bad guys, you shouldn’t be a CISO. But technology is all cryptocurrency is, starting with Bitcoin.

Why Patching Software Is Hard: Organizational Challenges (Dark Reading, Oct 25 2017)
The Equifax breach shows how large companies can stumble when it comes to patching. Organizational problems can prevent best practices from being enforced.

Google Security interview “human solutions – the way to go.” (SC Magazine, Oct 24 2017)
Google has launched of a range of personal and corporate security enhancements (below) this month. Google security expert Allison Miller, spoke to SC about the organisation’s approach to security and privacy concerns.

Twitter reveals plan for tackling abuse. Again. (Naked Security – Sophos, Oct 24 2017)
A leaked memo detailed Twitter’s latest attempt to crack down on trolls.

Suddenly, the CEO cares about cybersecurity (CSO Online, Oct 25 2017)
When the business leaders start to ask questions about how the organization’s security looks, it’s time to make sure they grasp what’s going on and what needs to happen, so we can do it right.

Three Discussions CISOs Should Expect When Attending CyberConnect (Secure Thinking by Centrify, Oct 23 2017)
1) How to Keep Your Organization Secure While Addressing Business Concerns, 2) Identity Best Practices That Industry Leaders Are Following, and 3) What To Do If You Are Hacked

Quantum Computing Will Not Break Your Encryption, Yet (Forbes, Oct 26 2017)
A much-feared potential application for Quantum Computing is breaking cryptographic keys and compromising security encryption that protects sensitive data. It is possible, but it is unlikely to happen until the 2030s. There are at least 3 challenges behind why it will take so long.