A Review of the Best News of the Week on Cybersecurity Management & Strategy
Will GDPR be the death of WHOIS? (Help Net Security, May 31 2018)
Two cybersecurity and privacy attorneys recently argued that the General Data Protection Regulation (GDPR) will interfere with the availability of the WHOIS database and will seriously hinder the efforts of law enforcement and security researchers to track down malware peddlers, phishers, hackers and other online criminals.
Forget Solving The Cyber Security Skills Shortage (Nick Hutton Blog, May 29 2018)
“It didn’t take an army of experts to make cholera a thing of the past in Victorian London. Just a few smart people with knowledge, a winning system, access to capital, and a practical plan to get that system implemented using cheap labour…The plans and systems had to be simple enough to be repeated and executed by novices. Is Information Security really so different?”
IBM warns of instant breaking of encryption by quantum computers: ‘Move your data today’ (ZDNet, May 29 2018)
Welcome to the future transparency of today as quantum computers reveal all currently encrypted secrets — a viable scenario within just a few years.
SecMon State of the Union: Refreshing Requirements (Securosis, May 29 2018)
what you need to look for in a security monitoring solution…
Is your human resources department more vulnerable to cyber crime? (TechHQ, May 30 2018)
According to The Verizon 2018 data breach investigation report released last month, cybercriminals are increasingly targeting HR departments within organizations.
The Bleak State of Federal Government Cybersecurity (Wired, May 30 2018)
Nearly three out of four federal agencies is unprepared for a cyberattack, and there’s no system in place to fix it.
Ticketfly got hacked, user data was leaked (Help Net Security, Jun 01 2018)
Ticketfly, a ticket distribution service owned by event management and ticketing pioneer Eventbrite, appears to have been hacked.
6 Security Investments You May Be Wasting (Dark Reading, May 31 2018)
Not all tools and services provide the same value. Some relatively low-cost practices have a major payoff while some of the most expensive tools make little difference
Senators Ask National Security Advisor to Save Cybersecurity Coordinator Role (SecurityWeek, May 31 2018)
A group of Democrat senators is urging National Security Advisor John Bolton to reconsider the decision to eliminate the role of cybersecurity coordinator, arguing that it represents a step in the wrong direction.
Thoma Bravo Acquires Majority Stake in LogRhythm (Dark Reading, May 31 2018)
The SIEM vendor sells stake to private equity firm.
Supermarket retailer CISO identifies millennials, sales and marketing pros as riskiest employees (SC Magazine, May 31 2018)
Supermarket giant Ahold Delhaize has determined that the employees who engage in the riskiest cyber behavior tend to be sales and marketing professionals, high-level executives and millennials, according to the company’s global CISO Carolyn Schreiber.
What CISOs can learn from Tyrion on Game of Thrones (Help Net Security, May 29 2018)
Game of Thrones is a gripping, global phenomenon. One of the main reasons for its popularity is its nuanced portrayal of characters who are not 100% good or evil.
CIOs are forced to compromise between faster innovation and perfectly working software (Help Net Security, May 29 2018)
An independent global survey of 800 CIOs revealed that 73% of organizations say the need for speed in digital innovation is putting customer experience at risk. The study found that on average, organizations release new software updates three times per working hour, as they push to keep up with competitive pressures and soaring consumer expectation.
FireMon to Buy Lumeta (Dark Reading, May 29 2018)
Network security policy vendor looks to expand its offerings to real-time situational awareness on-premise and in the cloud.
Catching Up with Symantec (CSO Online, May 25 2018)
Symantec has some internal challenges and increased competition, but it appears to be facing these challenges from a position of strength in the market.
Cybercrime Is Skyrocketing as the World Goes Digital (Dark Reading, Jun 01 2018)
If cybercrime were a country, it would have the 13th highest GDP in the world.
The emergence and impact of the Data Protection Officer (Help Net Security, Jun 01 2018)
Many companies either didn’t have time, are ignoring, or are unaware of the true impact of GDPR and how it not only affects systems and processes, but also staffing needs. That said, one of the lesser known mandates of the regulation is the creation of a completely new role: The Data Protection Officer (DPO).
Still only 1/3 of companies have cyber insurance despite increasing risks and costs (SC Magazine, May 31 2018)
Schneider Electric CISO Tony Parrillo and Aon Risk Solutions Senior Vice President James C. Trainor discussed cyber insurance at SC Media’s RiskSec.
Study shows admins are doing a terrible job of patching servers (Network World Security, May 31 2018)
Three-quarters of examined open-source servers have unpatched exploits.