Napolitano is making a great leap of faith that we are at that point in the Cyber Security maturation cycle and this leap is much like Evel Knievel’s jump across the Snake River.
This is the first part of my podcast interview with Edward Schwartz, CSO of NetWitness. In this installment, Mr. Schwartz comments on regulatory compliance as a driver for security spending. He shines a light on how a myopic focus on compliance can be dangerous to the organization.
According to Sun Tzu, the Tao is the Way – the context that defines how actions are perceived and valued. In a business context, corporate values and culture define the Tao. The success of any strategy depends on how it is supported by the Tao.
What may 2030 look like to a CISO/CSO or the regular information security practitioner?
What will be the prevalent form of Information Security Risk Management?
Although I can’t provide definitive answers I feel confident enough to share some thoughts and predictions knowing that it is unlikely that I’ll be made accountable for them in 20 years.
Nonetheless, this may be a useful exercise to foster longer-term strategic thinking about the infosecurity community, the market and the evolution of threats and risk.
Last year it was Mujahideen Secrets v2. Now Mobile Secrets takes center stage.
When we talk about safety and whether we are safer now than we were in 2001, or when we examine our security posture at any point in time, it is just that – a point-in-time assessment of where we ‘think’ we are.
Lest We Forget
Code of conduct applies to all kinds
What are we really selling when it comes to security? Pt. 2 of my Black Hat interview with Barmak Meftah highlights three security-spending catalysts. One must understand the goals and values of the business in order to use these catalysts successfully.


