Chief Information Security Officer (CISO) Colin Anderson Discusses People Being Paramount During COVID-19

CISO Colin Anderson of Levi Strauss speaks with David Cass, VP of Cyber & IT Risk at the Federal Reserve Bank of New York (*any opinions he expresses are his own opinions and don’t represent the Federal Reserve Bank of New York or the Federal Reserve System). Colin discusses how Levi Strauss is putting people…

The post Chief Information Security Officer (CISO) Colin Anderson Discusses People Being Paramount During COVID-19 appeared first on SecurityCurrent.

Continue reading Chief Information Security Officer (CISO) Colin Anderson Discusses People Being Paramount During COVID-19

Data Privacy in the Era of COVID-19

One of the most important things for employers, schools, universities, hospitals, and public places to do during the time of a pandemic is to determine (to some degree of certainty) which individuals are infected, which are contagious, and which are symptomatic. The concept of “social distancing” is enhanced if we can know who is contagious…

The post Data Privacy in the Era of COVID-19 appeared first on SecurityCurrent.

Continue reading Data Privacy in the Era of COVID-19

Update on Iowa

Yesterday, I wrote about two employees of CoalFire who were arrested for performing a physical pen test of various courthouses in Iowa. The article focused on the need to have a well-defined Statement of Work and contract. Well, guess what. The State of Iowa Judicial Branch released exactly these documents. And guess what? Page 12 of the…

The post Update on Iowa appeared first on SecurityCurrent.

Continue reading Update on Iowa

Part 4: Third Party Risk Management (TPRM) – A Series in Program Development

Part 4: – “Full Engagement” – Bringing Value to Partnerships This is the third of a four part series. To read part one of this report click here. This series has been designed to help CISOs and other risk management practitioners examine their programs from a unique perspective – one in which the objective problem your…

The post Part 4: Third Party Risk Management (TPRM) – A Series in Program Development appeared first on SecurityCurrent.

Continue reading Part 4: Third Party Risk Management (TPRM) – A Series in Program Development

Part 3: Third Party Risk Management (TPRM) – A Series in Program Development

Part 3: – “Strengthening Your Strategy” – How Do You Make the Most of Continuous Monitoring? This is the third of a four part series. To read part one of this report click here. This series has been designed to help CISOs and other risk management practitioners examine their programs from a unique perspective – one…

The post Part 3: Third Party Risk Management (TPRM) – A Series in Program Development appeared first on SecurityCurrent.

Continue reading Part 3: Third Party Risk Management (TPRM) – A Series in Program Development

Part 2: Third Party Risk Management (TPRM) – A Series in Program Development

Part 2: – “Knowing Your Ground” – What Conditions Create Third Party Risk? This is the second of a four part series. To read part one of this report click here. This series has been designed to help CISOs and other risk management practitioners examine their programs from a unique perspective – one in which the…

The post Part 2: Third Party Risk Management (TPRM) – A Series in Program Development appeared first on SecurityCurrent.

Continue reading Part 2: Third Party Risk Management (TPRM) – A Series in Program Development

Third Party Risk Management (TPRM) – A Series in Program Development

Part 1: – “Doing It Right” – What Problem Are You Trying to Solve? This is the first of a four part series. This series has been designed to help CISOs and other risk management practitioners examine their programs from a unique perspective – one in which the objective problem your organization is trying to…

The post Third Party Risk Management (TPRM) – A Series in Program Development appeared first on SecurityCurrent.

Continue reading Third Party Risk Management (TPRM) – A Series in Program Development

OD in cybersecurity

CISO, Delta Dental Plans Association Cybersecurity is so much about users and the vigilance of people in the organization. Understanding the underlying psychology of the organization, its culture and mindset, gives me an amazing insight that is priceless in developing cybersecurity strategies. The most useful concepts that help me at my job as CISO of…

The post OD in cybersecurity appeared first on SecurityCurrent.

Continue reading OD in cybersecurity