Information Security

This category contains 652 posts

Physical and Logical Security: Joining Forces to Manage your Enterprise Security Risk

Just a decade ago, as security professionals, we could talk reasonably about physical security and logical security requiring different approaches. Five years ago, we might have found ourselves having conversations about the blurring lines between the two types of security discipline, and could have easily pointed to aspects of both physical and logical security that … Continue reading

IoT Cybersecurity Act of 2017: A Necessary But Insufficient Approach

The Mirai botnet attack on the DYN network in October 2016 highlighted to many policymakers the potential problems associated with IoT devices. The compromise and concerted use of thousands of webcams and DVRs to disrupt key Internet services focused attention on the poor implementation of security controls on millions of devices newly connected to the … Continue reading

What Does the Future of Financial Cyber Security Look Like?

Today, we trust banks and other financial institutions to safely handle our money and the bulk of our monetary transactions. Successful breaches are somewhat rare thanks to technologies like multi-factor authentication and heavy investment in cyber security, but hackers are always improving their techniques, and tech is always changing. This leads to an ongoing cycle of improvement … Continue reading

Will Blockchain Disrupt the Lives of Governance and Assurance Professionals?

The blockchain’s distributed ledger paradigm is serving as the supporting foundation to some forms of digital transformation, including the utilization of cryptographic virtual currencies (VCs) such as Bitcoin. These virtual currencies are actively utilized around the globe, both within and outside the circuits of formal economies of countries, with important financial implications including increased … Continue reading

Increased Cyber Awareness Must Lead to Equivalent Action

Recent and widely publicized cyber attacks must be the impetus for a renewed and more concerted and coordinated global commitment to strengthen cyber security capabilities. In May, the WannaCry ransomware attacks struck, underscoring the potentially disastrous consequences for health care facilities and their patients when medical records and medical devices are compromised. June brought yet … Continue reading

Security Headlines: Hacking ATMs, HBO and more

ATMs, HBO, democracy … what can’t be hacked? Here are the top security headlines for the week of July 31, 2017: IOActive hacked an ATM at Black Hat. I guess drinks are on them? Espionage was just a red herring. Apparently hackers in North Korea are looking for cash, not secrets. DefCon attendees shredded voting machines – … Continue reading

Five Questions With Jigsaw CEO and CSX North America Keynoter Jared Cohen

Editor’s note: Jared Cohen, CEO of Jigsaw (the successor of Google Ideas), will deliver the opening keynote address at CSX North America 2017, which will take place 2-4 October in Washington D.C. Cohen, co-author of the New York Times best-selling book “The New Digital Age,” recently visited with ISACA Now about the cyber security skills gap, advancements … Continue reading

Is the Cloud Moving Too Fast for Security?

In February 2017, a vulnerability in Slack was discovered which had the potential to expose the data of the company’s reported four million daily active users. Another breach in February on CloudFlare, a content delivery network, leaked sensitive customer data stored by millions of websites powered by the company. On March 7, the Wikileaks CIA … Continue reading

‘Cyborg’ Society Necessitates Governance, Compliance and Security Vigilance

Today’s security professionals face a daunting reality as the attack surface swells and cyber criminals prey upon the speed at which new devices are hurried to market. “As soon as we put out a device, there’s going to be somebody who starts tinkering with it and finding vulnerabilities,” said Kimberlee Ann Brannock, senior security advisor … Continue reading

Not Just Smart Cities – A Smart Community Ecosystem

Much consideration has been given to the creation of smart cities in the connected devices era, but Gary Hayslip thinks that security professionals should broaden their perspectives. Hayslip, CISO of Webroot and an ISACA member, spoke of a wider ecosystem that must be accounted for during a presentation this week at Black Hat USA 2017. … Continue reading


@PhilipHungCao, CISM, CCSP, CCSK, CASP, CIW-WSP, GICSP, PCNSE, ACSP, CCDA, DCSE, JNCIA, MCTS, MCSA, VCP5-DCV, VCP6-NV, ZCNT is a #TekF@rmer. He has 16 years' experience in ICT/Cybersecurity industry in various sectors & positions.
