Cybersecurity is a Proactive Journey, Not a Destination


Cybersecurity continues to grab spotlight and mindshare as it pertains to computing and social trends. The topic itself is broad and expansive, and the true impact of this segment of computing will be around for generations to come. For strong perspective on where the industry stands in its current state, ISACA’s State of Cybersecurity 2018 research is [...]

The AI Calculus – Where Do Ethics Factor In?


While artificial intelligence and machine learning deployment are on the rise – and generating plenty of buzz along the way – organizations face difficult decisions about how, where and when to introduce AI. In a session Tuesday at the 2018 GRC Conference in Nashville, Tennessee, USA, co-presenters Kirsten Lloyd and Josh Elliot laid out many of the [...]

CVE and Cloud Services, Part 1: The Exclusion of Cloud Service Vulnerabilities


The vulnerability management process has traditionally been supported by a finely balanced ecosystem, which includes such stakeholders as security researchers, enterprises, and vendors. At the crux of this ecosystem is the Common Vulnerabilities and Exposures (CVE) identification system. In order to be assigned an ID, vulnerabilities have to fulfill certain criteria. In recent times, these [...]

A Prominent Place at the Table for Rural Technological Advancements


When the general public thinks about today’s exciting technological breakthroughs, the imagery that springs to mind is unlikely to be a crowded pigpen in China or yam fields in the farmland of Nigeria. Yet, rural areas are the frontlines for some of the most important gains technology is enabling in modern society. The growing imprint [...]

Five Keys for Adaptive IT Compliance


The fluid technology and regulatory landscape calls on IT compliance professionals to be more flexible and proactive than in the past to remain effective, according to Ralph Villanueva’s session on “How to Design and Implement an Adaptive IT Compliance Function,” Monday at the 2018 GRC Conference in Nashville, Tennessee, USA. The IT compliance function serves as an [...]

An Overlooked Upside to Cybersecurity Roles – They’re Fun!


Recent surveys and studies have emerged that show interest in cybersecurity as a potential career field at uncomfortable lows. In fact, a recent ProtectWise report showed that only 9 percent of millennials indicate cybersecurity is a career they are interested in pursuing at some point in their lives. This disturbing finding has far-reaching potential consequences in a [...]

Lessons from the Reddit Breach


An attacker gained access in June to Reddit users’ data, including usernames, passwords, email addresses and private messages from 2005-2007. The attacker also gained access to more recent data, including current usernames and emails. This data allows hackers to try to break into sites where users might still be using the same passwords. Although the compromised passwords [...]