Information Security

This category contains 670 posts


By David Shearer, CISSP, CEO (ISC)². I was recently reading an article by my colleague, ISACA CEO Matt Loeb, that got me thinking. In his piece, Creating cyberculture, Matt creatively reworks the “cybersecurity is everyone’s responsibility” mantra with his seatbelt analogy. While I certainly applaud any effort to create an inclusive cybersecurity culture – and Matt has … Continue reading

Five Questions With National Security Expert and CSX North America Keynoter Matt Olsen

Editor’s note: Matt Olsen, national security expert and co-founder of IronNet Cybersecurity, will deliver the opening keynote address at CSX North America, which will take place 2-4 October in Washington, D.C., USA. Olsen, who says ‘no company should go it alone in cyber space,’ visited with ISACA Now about the role of cyber professionals in counterterrorism, evolving … Continue reading

How to Hack Neural Networks

If only neurologist Oliver Sacks, who wrote “The Man Who Mistook His Wife for a Hat,” were still alive! He would find today’s neural networks (the hot new trend from the artificial intelligence community) extremely amusing. His book describes a man whose brain damage results in the man thinking his wife’s head is a hat. Maybe there … Continue reading

No End in Sight for Impact of Equifax Breach

It is a terrible time for privacy in the United States. There are very few institutions that we entrust to hold nearly all our financial records, and one of them, Equifax, admits to losing them. The full impact of the breach will be felt over time, and right now nothing has changed in our lives besides … Continue reading

When It Comes to Crypto, What You Don’t Know Can Hurt You

Most of us have heard the phrase “What you don’t know can’t hurt you.” While this may hold true for some circumstances, in the case of an audit, the opposite is true. A large part of an auditor’s job is to discover and know about exposures and gaps that could hurt the organizations for which … Continue reading

The Farmer and the Equifax

In the wake of major disasters, companies often retrench to their board rooms and ask questions about the state of their own resilience. These questions follow one of two tracks: First is a retrospective post-mortem of their own company, or preferably an affected competitor. It starts with a question like, “How would we be affected … Continue reading


(ISC)² webcasts are a great source for insight into all areas of security. From the Internet of Things to malware and compliance, the topics vary. Here are the top 10 (ISC)² webcasts for 2017 so far as ranked by cybersecurity professionals: Part 1: Future of SIEM – Why Static Correlation Fails Insider Threat Detection Hackers … Continue reading

Creating CyberCulture

When growing up, many of us probably heard warnings from our parents to be careful in certain environments—the local woods, a busy side street, or at the beach. Our parents cautioned us out of concern for our well-being, and it served a purpose. Their warnings were meant to raise our awareness of our surroundings, and … Continue reading

Improving Metrics in Cyber Resiliency: A Study from CSA

With the growth in cloud computing, businesses rely on the network to access information about operational assets being stored away from the local server. Decoupling information assets from other operational assets could result in poor operational resiliency if the cloud is compromised. Therefore, to keep the operational resiliency unaffected, it is essential to bolster information … Continue reading

Spending Analysis Reflects Information Security’s Rising Profile

Analyst firm Gartner projects that worldwide spending on IT security products and services will grow 7 percent, year over year, to reach a total of US $86.4 billion in 2017. Historically, organizations have had a tough time allocating security expense budgets because: The concept of security was vague and unclear There is no methodology to assess the … Continue reading

@PhilipHungCao, CISM, CCSP, CCSK, CASP, CIW-WSP, GICSP, PCNSE, ACSP, CCDA, DCSE, JNCIA, MCTS, MCSA, VCP5-DCV, VCP6-NV, ZCNT is a #TekF@rmer. He has 16 years' experience in ICT/Cybersecurity industry in various sectors & positions.
