As CEO of Terranova Security, an awareness training provider, Lise Lapointe sees an evolution of education programs that used to be merely phishing simulation tests. What are the most effective forms of training?
The ultimate responsibility of every CSO and CISO is to foster culture change and awareness, because that is every organization's single greatest data security and physical security control, says Andrew Rose, CSO of Vocalink, which is a MasterCard company.
Emily Heath is two years into her tenure as CISO at United Airlines. One of her key initiatives is to grow the company's security organization in a manner that emphasizes diversity, inclusion and skills.
Many security leaders recognize the flaws in traditional awareness training, but what is anybody actually doing about it? Keenan Skelly of Circadence describes a new approach that she believes has changed the cybersecurity education paradigm.
Security awareness training is typically an Achilles heel for enterprises. But Kyle Metcalf of Inspired eLearning believes he's found the elements that create an effective training solution.
The latest edition of the ISMG Security Report features Greg Touhill, the United States' first federal CISO, discussing how "reskilling" can help fill cybersecurity job vacancies. Plus, California considers tougher breach notification requirements; curtailing the use of vulnerable mobile networks.
How can the many job openings for cybersecurity specialists be filled? "Reskilling" can play a critical role, says Greg Touhill, the nation's first federal CISO, who's now president of Cyxtera Technologies. In an interview, he offers a preview of his upcoming presentation at the RSA Conference 2019.
We've talked a lot in recent times about data breaches and data loss. But what about pure data integrity - not just whether it can be stolen, but whether it can be secretly altered?
This is a topic close to the heart of Diana Kelley, a cybersecurity field CTO for Microsoft. She has addressed the topic at recent ISMG...
Improved integration, automation and orchestration are needed to better detect and respond to evolving cyberthreats, says John Maynard, vice president and global security specialist at Cisco Systems.
In a case of business email compromise, Chinese hackers stole $18.6 million from the Indian arm of Tecnimont SpA, an Italian engineering company, through an elaborate cyber fraud scheme that included impersonating the firm's chief executive.
GDPR. NIST CSF. NY DFS. These acronym laws and standards can be maddening to navigate clearly for legal and compliance teams. Particularly when the threat landscape is ever evolving, and the threat actors - from outside and within - are unrelenting. This is why we have designed these sessions as an opportunity for...
This month we spotlight the critical cybersecurity challenges facing healthcare sector organization. Explore why a focus on compliance-driven security risk programs can put entities at a great disadvantage in dealing with these challenges - and what's needed to implement a more war-minded approach to battle the...
What not to do after a breach? Share your incident response plan with your attorney and say, "Don't pay too much attention to it; we don't follow it." Randy Sabett of Cooley LLP discusses this and other lessons learned from breach investigations.
It's no secret that the healthcare industry is increasingly under attack by cybercriminals. And risky end-user behaviors are only exacerbating the threat. Yet, user awareness training is always a challenge for organizations. How do you effectively train users to stop clicking on links or opening attachments? This...
The government of India is taking several steps to help boost local security companies. But it needs to do far more. Such action would help reduce vulnerabilities to attacks while creating jobs.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.in, you agree to our use of cookies.