Cybersecurity takes center stage in US Presidential Debate

In the first US Presidential debate, held on the evening of September 27, 2016, one of three topics on the agenda for the candidates was “Securing America.” Debate moderator Lester Holt lead off this portion of the program with the following: “We want to start with a 21st century war happening every day in this…

The Gap of Grief

How bad is it? When a security incident occurs, how confident are you that you can explain the impact to the rest of the organization in language that they understand? Despite all the money we have invested in security, it’s still too difficult to put security details in business context fast enough. When you can’t,…

Conversations with the SBIC: How Industry Priorities Inform Security Agendas (Pt. 2)

In my previous post, I shared a few of the key priorities the security leaders that comprise the Security for Business Innovation Council (SBIC) share in common. But council members’ industries span everything from manufacturing and financial services to defense and retail. And while all security issues are on their radar, it’s only natural that…

Conversations with the SBIC: What’s Top-of-Mind for Top Security Leaders? (Pt. 1)

We recently had the opportunity to discuss what’s top-of-mind for the Security for Business Innovation Council (SBIC), a group of security leaders from Global 1000 enterprises including Boeing, General Electric, Walmart, SAP and ADP. If there’s one thing SBIC members agree on it’s this: security strategies that focus solely on prevention just doesn’t work in…

Tokenization and E-commerce: The Silver Bullet We’ve Been Looking For?

As we work with customers to help advance their anti-fraud efforts in their online channels, we’ve increasingly been asked about the impact of tokenization – will it simplify security efforts, or even make some of our existing technologies obsolete as a result of the protection it provides? To answer these questions, we need to first…

Breach Readiness – What Distinguishes Leading Organizations

In a recent blog, I highlighted some results from enlightening research RSA conducted into the state of Breach Readiness. What makes some organizations better prepared to detect and respond to cyber attacks before they turn into breaches, and how do they manage the fallout in the event that they do? The findings were clear: the…

Shaky Foundations for Breach Readiness

RSA recently compiled original research from the Security for Business Innovation Council (SBIC), a group of security leaders drawn from the Global 1000, on the topic of breach readiness. They provided insight into the technologies and processes that they have developed and use to prepare their organizations to deal with the ongoing challenge of cyber…

Taking the Pulse of Identity in Retail

In a recent webcast on Identity management for the retail sector, we asked attendees five poll questions to better understand their level of concern and the state of their capabilities for managing and governing user identities and access. It comes as no surprise that security continues to be top of mind for retailers. Ninety percent…

The Sony Pictures Incident: Don’t Wait to Act

While breach disclosures have been coming at a far too rapid pace the past several months, reports Monday from an alleged compromise at Sony Pictures paint a troubling picture of the escalating nature of many compromise events. According to sources, attackers claim to have compromised the network of Sony Pictures, and threatened to disclose proprietary…

Shellshock: Lessons Learned While Patching at Breakneck Speed

By now, most anyone with even a passing interest in cyber security has heard of the Shellshock Bash vulnerability that was disclosed last week. Hopefully, readers of this blog have addressed the vulnerability, either through patching or other compensating controls or strategies. Stepping back a bit from the nuts and bolts of remediation, here are…