@PhilipHungCao
Information Security
Physical and Logical Security: Joining Forces to Manage your Enterprise Security Risk
Just a decade ago, as security professionals, we could talk reasonably about physical security and logical security requiring different approaches. Five years ago, we might have found ourselves having conversations about the blurring lines between the two types of security discipline, and could have easily pointed to aspects of both physical and logical security that … Continue reading
IoT Cybersecurity Act of 2017: A Necessary But Insufficient Approach
The Mirai botnet attack on the DYN network in October 2016 highlighted to many policymakers the potential problems associated with IoT devices. The compromise and concerted use of thousands of webcams and DVRs to disrupt key Internet services focused attention on the poor implementation of security controls on millions of devices newly connected to the … Continue reading
What Does the Future of Financial Cyber Security Look Like?
Today, we trust banks and other financial institutions to safely handle our money and the bulk of our monetary transactions. Successful breaches are somewhat rare thanks to technologies like multi-factor authentication and heavy investment in cyber security, but hackers are always improving their techniques, and tech is always changing. This leads to an ongoing cycle of improvement … Continue reading
Will Blockchain Disrupt the Lives of Governance and Assurance Professionals?
The blockchain’s distributed ledger paradigm is serving as the supporting foundation to some forms of digital transformation, including the utilization of cryptographic virtual currencies (VCs) such as Bitcoin. These virtual currencies are actively utilized around the globe, both within and outside the circuits of formal economies of countries, with important financial implications including increased … Continue reading
Increased Cyber Awareness Must Lead to Equivalent Action
Recent and widely publicized cyber attacks must be the impetus for a renewed and more concerted and coordinated global commitment to strengthen cyber security capabilities. In May, the WannaCry ransomware attacks struck, underscoring the potentially disastrous consequences for health care facilities and their patients when medical records and medical devices are compromised. June brought yet … Continue reading
Security Headlines: Hacking ATMs, HBO and more
ATMs, HBO, democracy … what can’t be hacked? Here are the top security headlines for the week of July 31, 2017: IOActive hacked at ATM at Black Hat. I guess drinks are on them? Espionage was just a red herring. Apparently hackers in North Korea are looking for cash, not secrets. DefCon attendees shredded voting machines – … Continue reading
Five Questions With Jigsaw CEO and CSX North America Keynoter Jared Cohen
Editor’s note: Jared Cohen, CEO of Jigsaw (the successor of Google Ideas), will deliver the opening keynote address at CSX North America 2017, which will take place 2-4 October in Washington D.C. Cohen, co-author of the New York Times best-selling book “The New Digital Age,” recently visited with ISACA Now about the cyber security skills gap, advancements … Continue reading
Is the Cloud Moving Too Fast for Security?
In February 2017, a vulnerability in Slack was discovered which had the potential to expose the data of the company’s reported four million daily active users. Another breach in February on CloudFlare, a content delivery network, leaked sensitive customer data stored by millions of websites powered by the company. On March 7, the Wikileaks CIA … Continue reading
Cyborg’ Society Necessitates Governance, Compliance and Security Vigilance
Today’s security professionals face a daunting reality as the attack surface swells and cyber criminals prey upon the speed at which new devices are hurried to market. “As soon as we put out a device, there’s going to be somebody who starts tinkering with it and finding vulnerabilities,” said Kimberlee Ann Brannock, senior security advisor … Continue reading
Not Just Smart Cities – A Smart Community Ecosytem
Much consideration has been given to the creation of smart cities in the connected devices era, but Gary Hayslip thinks that security professionals should broaden their perspectives. Hayslip, CISO of Webroot and an ISACA member, spoke of a wider ecosystem that must be accounted for during a presentation this week at Black Hat USA 2017. … Continue reading
