Tag Archives: attacks

Passwords Redefined | Make Your Password Interesting, Not Difficult! – with James Crifasi

This episode is sponsored by the CIO Innovation Insider Offense and Defense Community.

My guest this week is James Crifasi, Vice President and CTO of RedZone Technologies.

In this interview we discuss the importance of password security. Implementing a strong password policy and educating users is vital to your organization’s IT Security Immune System.

Listen to the interview to learn about how to create a strong password in order to protect your company from hackers and phishing attacks. Continue reading

STOP Presenting Top 10 IT Security Risks!

The list of top ten IT security risks is a bad idea.

Why?

The reason is that you are the only business leader in your organization doing this. Do you think that the sales leader in your company expresses her plans with certainty and deterministic figures?

I don’t think so.

She has no certainty at all. The only certainty in sales is that there is no certainty. Period.

She has ranges that she communicates based on certainty. For example, selling a maintenance renewal contract on an existing customer has more certainty than a ‘net new’ customer sale so this would be presented as a percentage of revenue with higher probability.

3 great ways to present the risks are:

Continue reading

Solving IT Security Challenges Hollywood Style (with Zack Schuler)

This episode is sponsored by CIO Scoreboard.

I recently had a wonderful talk with Zack Schuler. We discussed how 95 % of all breaches are caused by human error. It seems like such an obvious problem. But what can you do about this? Zack’s company has developed a way using a team of Hollywood writers to develop compelling security education and training to not just have your IT professionals involved in IT defense, but have all your employees involved.

4 Key Learning Points:

  1. The importance of the gamification of security training in developing a security culture
  2. The importance of entertainment in storytelling
  3. How to deploy training easily and efficiently.
  4. How to measure the effectiveness of training.

Listen to more about how to help train staff on increasing security awareness and education through a unique method of gamification and storytelling.

Continue reading

The All-Time Computer Science Hero| How Alan Turing Cut WW2 by 2 Years and Saved 20 Million Lives

Read on if you are interested in the following topics:

  • Why the CISO Should Not Report to the CIO
  • Why You Should Assume you Have Been Hacked
  • 6 Kill Chain Fundamentals You Must Know
  • 7 ‘Must Ask and Prove’ Questions a CIO/CISO must ask about their Next Gen Firewall
  • How Can You Deny Command and Control Attacks
  • Cybersecurity Canon Books – Hall of fame for Cyber Security Books – Readers are leaders
  • Scaling Security with Real Cooperation between companies happening now
  • AI’s (Artificial Intelligence’s) Role in Info Sec.
  • The Beginnings of AI and Security
  • Alan Turing Should be a Hero!
  • Learn how Alan Turing cut WW2 by 2 years and saved 20 million lives

Rick and I had a fantastic and varied discussion about the above topics. He not only reports directly to the CEO (rare) but he has serious technical chops as well. He is an avid reader whose interests include various security sub topics. He has some great suggestions on books, movies, etc.

Continue reading

The 1 Question a CSO+CIO Must Ask the Business to Secure their Job Before a Data Breach Happens

Raimund Genes is the visionary CTO leader of Trend Micro. I recently talked with him about all the topics listed above. One of my favorite points from our interview was:

To prevent losing your job after a data breach there is a question that must be asked to the CEO, COO, Board, VPs, Sr. Team, etc. before the breach happens?

  • You must show them your research of what the events are that will put you out of business.
  • Examples: Data breach, web server take down, DDOS, Ransomware
  • What is our risk appetite for each incident on a scale of 1-10?

Continue reading