Now that the RSA Conference content has been produced and shared we must catch up on some of our timeless chronicles and experts corner articles.
But before we do that, we announce that we are back to our regular schedule with our weekly Unusual Gathering and this one was most certainly worth the wait.
Yes, of course, we missed you too! 😉
Enjoy!
|
|
Conversations At The Intersection Of IT Security And Society
Guests
Stina Ehrensvard | Joseph CarsonHosts
It’s a password-less future. Or is it?
Passwords were supposed to be dead 15-20 years ago.
But, hey, here we are still talking about them. Why?
To begin to answer this question, let’s start with why we are using passwords and what is seriously wrong with them.
If passwords do remain, what is their role going to be? Have we abused the password as a system by applying it everywhere with not enough consideration of the possible negative consequences of this practice, even when paired with a second or multi-factor strategy?
The answer may sit squarely in how we, as a society, look at trust. Trust is at the core of our human interactions and it scales according to different situations. But to start, it must be there as the base to be built upon. It is not a given, shouldn’t be taken for granted, and is a process that can be adapted for the online world and whole validation system if the model is defined in such a way that it works in conjunction with human nature, not against our natural inclinations.
New regulations may be required, additional privacy standards may need to be applied, and most certainly some cultural changes will be necessary to see these stars align. The good news is, our unusual gathering guests on today’s show all feel comfortable that the future of the Internet looks bright, safe, simpler and dynamic.
|
|
📜 A chronicle and a podcast 🎙
from Sean Martin for 'At The Edge' Column
|
|
By Sean Martin
In today’s episode, Sean Martin chats with Anand Raghavan, Co-founder & Chief Product Officer at Armorblox, and Chuck Drobny, President & CEO at GlobaLogix, about two hot topics that are a regular thorn in our InfoSec sides: phishing and business email compromise. They explore how the industry is leading us to overcome this challenge, beginning with user awareness training and IT security training, before taking a turn to the technology stack, user workflows, business automation and security management orchestration.
|
|
📜 A chronicle and a podcast 🎙
From Sean Martin and Selena Templeton for 'The Academy' Column
|
|
By Sean Martin and Selena Templeton
Sean Martin and Selena Templeton had the great pleasure of sitting down with Heather Ricciuto, Academic Outreach Leader at IBM Security, at this year’s RSA Conference. In this podcast, we talk about all things educational when it comes to attracting and retaining cybersecurity talent. Traditionally, companies like IBM have focused on recruiting from 4-year universities, but how are you going to build a pipeline when you’re recruiting from the same top schools and competing for the same talent?
|
|
📜 A chronicle and a podcast 🎙
From Sean Martin for 'The Academy' Column
|
|
By Sean Martin
Today I am joined by two long-time cyber professionals doing great things to help fill the cyber talent pool with candidates from all walks of life: Julian Waits from Devo and ICMCP, and Ed Moyle from The Prelude Institute. InfoSec isn’t the first industry faced with a shortage in the workforce, so we don’t need to reinvent the wheel. Listen in as we talk through some of the scenarios to uncover how we might learn from other industries and roles, such as that of nursing.
|
|
Inside The Mind Of A CISO
With rapidly expanding attack surfaces, motivated adversaries, and the growing shortage of full-time infosec professionals, organizations are fighting a losing battle. One thing is clear: We need a new approach.
Join Bugcrowd CSO David Baker and ESG Senior Analyst and Group Director Doug Cahill on Thursday, April 18 at 10am PT / 1 pm ET for a discussion on the key findings of the ESG Research Insights Report, Security Leadership Study - Trends in Application Security, including topics like:
Challenges with current application security testing methods
Crowdsourced security adoption and benefits
Security leadership application security priorities
DevSecOps adoption with the enterprise
Register For This Webinar
|
|
Are New Vulnerabilities A Tipping Point In 2019?
The theme of the vulnerability onslaught continues in 2019. And things are only getting more complex as we continue to write more lines of code to control all of the things we are connecting to the Internet. In this Experts Corner, Doug Mechaber gives some insight into these complexities as it relates to identifying and measuring vulnerability-driven risk.
Read More →
|
|
How NAC And CIS Controls Go Hand-In-Hand
For midsize companies, the best practices outlined in the “First 5 CIS Controls” provide a solid foundation for securing their IT environments and reducing their level of exposure to the vast majority of security threats. Ofer Amitai, CEO and co-founder of Portnox, discusses how NAC provides coverage for these controls.
Read More →
|
|
Unleash Your Analysts. Evolve Your SOC.
As the front line defense in stopping adversaries, SecOps teams are critical in securing the enterprise. Yet as the complexity of data types and volumes increase, SOC analysts are drowning in data that is overwhelming in volume, noise, and difficult to extract insights from.
It’s time for SecOps to evolve
|
|
There’s a cloud-based avatar of you that knows your habits, desires, needs and preferences with timeliness and pinpoint accuracy. It sounds futuristic, but it’s entirely achievable now thanks to the data you willingly supply companies with. But what happens, Leigh-Anne Galloway, Cyber Security Resilience Lead at Positive Technologies, asks, when any one of these multitudes of data sources is breached?
|
|
ITSPmagazine is, and will always be a free publication.
As we grow ITSPmagazine, we are offering very affordable sponsorship opportunities.
If you like what we do, share our values, and would like to associate your brand with ITSPmagazine, we invite you to consider becoming a sponsor.
|
|
|
|
Help us spread cybersecurity awareness and education.
Thanks for sharing our newsletter with family, friends, neighbors, peers, and colleagues!
|
|
|
|