“There are three essential skill sets a modern day CSO must have. The first is knowledge of the business to better align a security strategy to company objectives without being a blocker to innovation. The second is technical breadth. Third and most important is evangelism: you have to be able to clearly articulate and sell the team strategy from the top down and across the organization,” says George Gerchow, Chief Security Officer at Sumo Logic.
But people skills cannot be overlooked, he adds. When you have to justify the company’s risk positions and get the business side to sign on to implementing proper security even though it might be cheaper to pay fines instead, understanding people can come in handy.
In a new interview, Gary Golomb, co-founder at Awake Security, talks about how machine learning can help develop a scalable enterprise cybersecurity plan, which technologies can make a security analyst’s job easier, the essential building blocks of a modern SOC, and much more.
We’ve been hearing a lot about machine learning and ways it can empower the infosec industry. What CISOs are wondering is how, in reality, can machine learning help develop a scalable enterprise cybersecurity plan?
There are things that AI or ML are good for in an enterprise security plan and things they are not good for. Unfortunately, I think a lot of the marketing around machine learning and AI in security has focused on how they can be a solution to the skills crisis.[…] The reality is a bit different. I often see how this does not work out in practice because of the “Left-Over Principle,” where simple tasks are the ones that get automated, leaving only the complex ones for humans.
Slowly but surely, users are opting for security over convenience in their online usage. Barely a year ago, convenience trumped security, with Internet users preferring the products and services that offered them the fastest solutions. A new study by IBM Security, surveying 4,000 adults from a few different regions of the world, found that consumers are now ranking security over convenience. For the first time ever, both business users and consumers prefer security over convenience.
Read the interview on Tech Republic with Limor Kessem, executive security advisor at IBM Security, who explains this new consumer trend.
Unlike security professionals, who have stressed over digital threats for years, most average consumers didn’t recognize the importance of security until 2017.
“Grandmothers and grandfathers and moms and dads are now aware of cyber intrusions,” says David Weston, principal security group manager for the Windows Enterprise and Security team at Microsoft. “It’s amazing, but it also means we have a lot of work to do.”
Read the exclusive interview on Dark Reading in which Weston explains why he thinks that 2017 was a “return to retro” security threats and that 2018 will bring increasingly targeted, advanced, and dangerous cyberattacks.
Security, they say, is the weakest link, and as clichéd as that sounds, the adage is in fact truer in today’s world than before. And for one expert, the day that cyber-security catches up with cyber-crimes and threats isn’t going to come.
Read on Digital News Asia why Alex Manea of BlackBerry Ltd says that cyber security will continue to be a ‘cat-and-mouse’ game.
The pace of change for the security threat landscape is accelerating. To cope with the change and ensure success against adversaries, Xerox Chief Information Security Officer (CISO) Dr. Alissa Johnson believes the security community needs to rethink the way it anticipates and responds to threats.
Read the interview on CIO with Dr. Alissa Johnson, CISO at Xerox, who explains how businesses can prepare for future cyber security threats.
Enforcement of the General Data Protection Regulation (GDPR) is now just a few months away. The media have intensively examined and written about this topic from practically every angle since it became legislation. Businesses continue to struggle with both understanding and implementing what they need to do to be compliant.
Read the interview on We Live Security with ESET’s Tony Anscombe about how businesses can become GDPR compliant.
OpenGov speaks to David Barton, Chief Information Security Officer at Forcepoint LLC. Mr. Barton has over 20 years of experience in security leadership roles across a variety of industries including telecommunications, healthcare, software development, finance, and government.
Read the interview on Next Gov with David Barton of Forcepoint LLC, who explains how businesses can fight cyber threats through user behaviour analytics and a defense-in-depth approach.
Earlier this month, two members of the House of Representatives, Tom Graves (R-GA) and Kyrsten Sinema (D-AZ), introduced a bill called the Active Cyber Defense Certainty Act, dubbed the “hack back” bill, which would allow companies to hack the hackers who infiltrate their computer networks in order to retrieve or delete stolen data and find the culprits’ true identities.
Read the interview on The Cipher Brief with Bob Gourley, the Founder and CTO of Crucial Point, who talks about why hacking back is a dangerous option.
While the market is getting overwhelmed and proliferated with new-age disruptive technologies like IoT, AI and Blockchain, the complexity of cyber-attacks has also increased, says Vimal Mani, CISO, Bank of Sharjah.
Read on Gizmodo the must-have skills for new cyber security professionals, as listed by Vimal Mani of Bank of Sharjah.