Tuesday, May 31, 2016

Why CISO is the hardest tech role to fill | CIO

Why CISO is the hardest tech role to fill | CIO: "As a result, most companies haven't quite figured out how to fairly pay CISOs, whose salaries can range from $500,000 to $2 million."

Why you need a CSO/CISO | CIO

Why you need a CSO/CISO | CIO: "The Cyber Security Job Trends survey from free online security MOOC provider Cybrary, which polled 435 senior-level technology professionals from October to December 2015, found that only about half or 49 percent of respondents say their companies employ a CSO/CISO who's solely responsible for security."

MP Slaps NSA Charges on Two for Facebook Post on Goddess Kali - News18

http://www.news18.com/news/india/madhya-pradesh-slaps-nsa-charges-on-two-for-facebook-post-on-goddess-kali-1250084.html

Sunday, May 29, 2016

Senate Bill Would Require Disclosure Concerning Corporate Boards’ Cybersecurity Expertise

Senate Bill Would Require Disclosure Concerning Corporate Boards’ Cybersecurity Expertise - The D&O Diary: "However, even if the bill does not become law, “its introduction may still raise shareholder awareness about the need for Board members to better understand and address cybersecurity threats.” In that respect, if the proposed bill is meant to serve as a consciousness-raising exercise, then the attention it may receive is worthy and should be supported."




Artist Jeremy Dean's 'Everything That Rises' made from 16 salvaged... News Photo | Getty Images

Artist Jeremy Dean's 'Everything That Rises' made from 16 salvaged... News Photo | Getty Images: Artist Jeremy Dean's 'Everything That Rises' made from 16 salvaged folding chairs greet visitors at the entrance at the new 'Constructed Histories' exhibition at the David B. Smith Gallery at 1543 Wazee Street in LoDo Denver

Watch Tech Savvy Kids Baffled by a Typewriter, Record, Tape Recorder, and Rotary Phone [VIDEO] | Logan Kelly | Sunny 98.5

Funny...

http://sunny985.iheart.com/onair/logan-kelly-1771/watch-tech-savvy-kids-baffled-by-14758452/

Facebook Wants to Help Sell Every Ad on the Web - WSJ

http://www.wsj.com/articles/facebook-wants-to-help-sell-every-ad-on-the-web-1464321603

Thursday, May 26, 2016

The Life, Death, and Revival of Implied Confidentiality

The Life, Death, and Revival of Implied Confidentiality: "implied confidentiality could be one of the missing pieces that help users, courts, and lawmakers meaningfully address the vexing privacy problems inherent in the use of the social web"

OkCupid’s data leak shows there’s no such thing as public data.

OkCupid’s data leak shows there’s no such thing as public data.: Thinking of public data in this way means we must ask tough questions about context, confidants, data sensitivity, shared expectations, and the structural and legal safeguards that form our perceptions of trust and risk. All of that gets washed away with justifications like “Data is already public.”

OkCupid’s data leak shows there’s no such thing as public data.

OkCupid’s data leak shows there’s no such thing as public data.: Would you consider the data on your profile public—fair game for anyone to download and share with the rest of the world?

Top 10 Encryption Myths - Get the Free Whitepaper!

Top 10 Encryption Myths - Get the Free Whitepaper!: times have changed and with advances such as AES-NI (think of it as hardware acceleration for encryption) you need no longer worry about Encryption performance tax.

The board of advisers role in startups

BOARD OF ADVISERS: GREAT TOOL FOR EMERGING COMPANIES - StartupNation: Savvy entrepreneurs know that a board of advisers can provide their company with the “four C’s” that they so desperately need — credibility, contacts, counseling and cash – but they are not of equal importance.

Sunday, May 22, 2016

Going Back to Basics to Prevent Ransomware Attacks - Tanium Blog

Going Back to Basics to Prevent Ransomware Attacks - Tanium Blog: Executives should ensure appropriate budgets and resources are allocated to cybersecurity awareness training for all employees. Also, they should consider doing a baseline audit of their employees’ activities and resulting risk. An audit isn’t just about understanding risk to your IT assets; it’s also about understanding your workforce, the products they use, and their daily routines to identify where risky behavior might live.

Endpoint Security | Tanium Endpoint Platform

Endpoint Security | Tanium Endpoint Platform: Tanium is the only platform that bridges all of these gaps and creates a continuous closed-loop endpoint security process.

Thursday, May 19, 2016

Top 3 Tips to Writing an Information Security Job Description

Top 3 Tips to Writing an Information Security Job Description:

"Problem #1 is that there are few security candidates who have the requisite skills or desire to perform Chief Information Security Officer (CISO), Security Architect, Security Analyst or Security Engineer roles at the same time.

Problem #2 is that if they can perform all those roles, they are going to charge you a heck of a lot of money to do it. I bet more than your most likely improperly budgeted for role can pay.

Problem #3 if they take the position for the wrong amount of money, they probably do not know what they are doing. By the way, there are a lot of these folks out there."

-- Mike Gentile

How Ransomware has Evolved to Avoid Detection | Fireglass

How Ransomware has Evolved to Avoid Detection | Fireglass:

"This is how it works: the victim inadvertently runs the malware, such as by visiting a malicious website, opening a malicious email attachment or installing an infected application. The ransomware then encrypts files on the infected computer using a random, one-off encryption key which is sent to the perpetrator."

Wednesday, May 18, 2016

130 days, 1,500 notifications: Does Dutch breach rule foreshadow GDPR? | Resources | Morrison Foerster

130 days, 1,500 notifications: Does Dutch breach rule foreshadow GDPR? | Resources | Morrison Foerster: European DPAs should be prepared and equipped with sufficient capacity and resources to follow up, investigate, and enforce large numbers of breach notifications because, if they aren’t ready, they risk undermining the legitimacy of the breach notification rules altogether.

Monday, May 16, 2016

2016 Southern California CISO Executive Summit, June 28, 2016

2016 Southern California CISO Executive Summit, June 28, 2016: It’s imperative for our region’s security leaders to come together at the Southern California CISO Executive Summit. Collaboration is the key to improving our leadership, making our companies more secure and strengthening our economy.

The Eighth Annual Information Security Summit

The Eighth Annual Information Security Summit: Join Your Peers at the ISSA-LA CISO Forum - Cylance CEO speaking

Location for 2016 CISO Forum

Location for 2016 CISO Forum: The 2016 SecurityWeek CISO Forum will take place at the beautiful Ritz-Carlton, Half Moon Bay just south of San Francisco. This invitation only, high level event will bring together security leaders to discuss, share and learn information security strategies.

Car Hack Technique Uses Dealerships to Spread Malware | WIRED

Car Hack Technique Uses Dealerships to Spread Malware | WIRED:



"the security research community has proven like never before that cars are vulnerable to hackers—via cellular Internet connections, intercepted smartphone signals, and even insurance dongles plugged into dashboards"

ISIL-Linked Hacker Arrested in Malaysia on U.S. Charges | USAO-EDVA | Department of Justice

ISIL-Linked Hacker Arrested in Malaysia on U.S. Charges | USAO-EDVA | Department of Justice:



"Ardit Ferizi, a citizen of Kosovo, has been detained by Malaysian authorities on a U.S. provisional arrest warrant alleging that he provided material support to the Islamic State of Iraq and the Levant (ISIL), a designated foreign terrorist organization, and committed computer hacking and identity theft violations in conjunction with the theft and release of personally identifiable information (PII) of U.S. service members and federal employees."

The shortage of cybersecurity workers: a boom for women and career changers?

"Currently, there are more than 200 000 unfilled cybersecurity jobs in the U.S., according to an analysis of U.S. Bureau of Labor Statistics Data. Cybersecurity job listings have increased 74% since 2011."

http://memeburn.com/2016/05/shortage-cybersecurity-workers-boom-women-career-changers/

Footnotes in Word 2013 - Word

Footnotes in Word 2013 - Word: These videos show you how to work with footnotes in Word 2013. You'll learn how to insert footnotes, change their location, and change their formatting.

Thursday, May 12, 2016

DDoS costs, damages on the rise | CSO Online

DDoS costs, damages on the rise | CSO Online: Peak-time distributed denial-of-service attacks cost organizations more than $100,000 per hour, said half of the respondents to a new survey of mid-sized and large corporations in the U.S. and Europe.

Malicious Website Suspected | LinkedIn

Malicious Website Suspected | LinkedIn: Sorry, there was a problem with the following link: www.sandiego.acp-international.com

This link has been reported as participating in malicious behavior or abuse.

For your safety, we've blocked access to this link from LinkedIn.

Tuesday, May 10, 2016

New Affordable Housing Coming to San Diego

New Affordable Housing Coming to San Diego: Located at 1435 Imperial Ave., the efficient homes will range from 275 to 350 square feet, and residents will share access to a large, 4,000-square-foot common area. Community amenities include a community kitchen, tech tables, lounge areas, and outdoor open space.

Google shakes up antivirus industry - CSMonitor.com

Google shakes up antivirus industry - CSMonitor.com: "Still, he said, many companies may have had good reason not to share results of their own virus scans (often called "convictions") with the competition. "They would steal all of our convictions without giving us credit,” he said."

What is public cloud? - Definition from WhatIs.com

What is public cloud? - Definition from WhatIs.com: "A public cloud is one based on the standard cloud computing model, in which a service provider makes resources, such as applications and storage, available to the general public over the Internet."



Also, hybrid...for databases...

http://www.bitpipe.com/fulfillment/1457731898_864

Why Veterans Are Good Fit For Tech Jobs | Zip Code Wilmington Code School

http://www.zipcodewilmington.com/blog/why-veterans-are-good-fit-for-tech-jobs/?utm_content=buffer0a8ee&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer

Modern Humans, Meet Your Denisovan Ancestors - GotScience.org

http://www.gotscience.org/2016/05/modern-humans-denisovan-ancestors/

Monday, May 9, 2016

Project MUSE - From Rumor to Written Record: Credit Reporting and the Invention of Financial Identity in Nineteenth-Century America

Project MUSE - From Rumor to Written Record: Credit Reporting and the Invention of Financial Identity in Nineteenth-Century America: A thousand folios include a page or two or more about you and your affairs, without your knowledge or your consent. Go where you may to purchase goods, a character has preceded you, either for your benefit or your destruction.
—Hunt's Merchant's Magazine and Commercial Review (New York), 1853

FHOOSH | Stephen Cobb

FHOOSH | Stephen Cobb: The positive potential of digital technology drives my interest in protecting the technology from abuse.

Risk Value 2016 - NTT Com Security

Risk Value 2016 - NTT Com Security: Risk:Value 2016 highlights the true cost of a security breach, the biggest threats to organizations, and the measures that organizations are taking to protect themselves.

Air Force Reserve playing catch up on cyber training - FederalNewsRadio.com

http://federalnewsradio.com/defense/2016/05/air-force-reserve-playing-catch-cyber-training/

Privacy Counsel High Demand, Low Supply Raises Costs | Bloomberg BNA

Privacy Counsel High Demand, Low Supply Raises Costs

Is there a GDPR effect yet, or will GDPR make this an even tougher problem?

http://www.bna.com/privacy-counsel-high-n57982070848/

Friday, May 6, 2016

Content Browser Detail | ESET

Content Browser Detail | ESET: Cameron Camp, Security Researcher, ESET

Bribery helped criminals whitelist malware in Chinese antivirus product

Bribery helped criminals whitelist malware in Chinese antivirus product: Chinese IT security company Qihoo was unaware that a virus had slipped through the net after criminals bribed staff to get malware whitelisted.

How to Stop Stegoloader and Other Types of Digital Steganography Malware - CSO | The Resource for Data Security Executives

How to Stop Stegoloader and Other Types of Digital Steganography Malware - CSO | The Resource for Data Security Executives: "researchers from Dell SecureWorks who recently analyzed Stegoloader say that it’s more similar to “mass market” commodity malware than it is to threats used in targeted attacks. Yet with that being said, they also add there are probably several undiscovered Stegoloader modules, and that the malware’s potent information-stealing capabilities (described below) would certainly fit a campaign against a targeted victim."

Stegoloader Malware Uses Steganography to Hide Itself

Stegoloader Malware Uses Steganography to Hide Itself: Once having compromised a user’s machine, the deployment module grabs a PNG file that contains the malware from a legitimate hosting site.

Malware Turns to DNS and Steganography to Hide C&C Communications

Malware Turns to DNS and Steganography to Hide C&C Communications: Dr. Chris Dietrich from Crowdstrike and Pierre-Marc Bureau from Dell SecureWorks have identified a trend in malware campaigns where operators resort to the DNS protocol and steganography to manage botnet communications.

Sophisticated Bribe Scheme Helped Crooks Whitelist Malware on Chinese Antivirus

Sophisticated Bribe Scheme Helped Crooks Whitelist Malware on Chinese Antivirus: A scheme that involved bribes, mobile apps, steganography, and a distraught antivirus maker allowed crooks to steal login credentials from Chinese merchants.

A bomb just dropped in endpoint security… and I’m not sure anyone noticed – Alex Eckelberry

A bomb just dropped in endpoint security… and I’m not sure anyone noticed – Alex Eckelberry: "only people deep in the endpoint security ecosystem understand the ramifications of this announcement."




The McLaren F1 supercar can only be serviced with this ancient Compaq laptop | ExtremeTech

Obsolescence...
http://www.extremetech.com/extreme/227828-the-mclaren-f1-supercar-can-only-be-serviced-with-this-ancient-compaq-laptop

SAP announces new partnership with Apple to expand iOS in the enterprise | TechCrunch

Due diligence anyone?

http://techcrunch.com/2016/05/05/sap-announces-new-partnership-with-apple-to-expand-ios-in-the-enterprise/

Wednesday, May 4, 2016

The Elofant in the Network

Network security is too often undermined by the Elofant problem: Employees Left Or Fired, Access Not Terminated. 

FisherBroyles – DOJ Asks for $1.1 Billion Increase for Enforcement Components in FY 2017 Budget

FisherBroyles – DOJ Asks for $1.1 Billion Increase for Enforcement Components in FY 2017 Budget: “The FY 2017 budget reflects the attorney general’s highest priorities: safeguarding our national security, identifying and pursuing cyber threat actors, strengthening relationships with the communities we serve, protecting the most vulnerable among us and ensuring that we hold lawbreakers accountable regardless of whether they commit their crimes on the street corner or in the boardroom,” the DOJ said in a statement according to Law360.

Tuesday, May 3, 2016

Google Scholar Citations

Google Scholar Citations: "Cybersecurity is a broad and growing job field, encompassing many different job categories with different cognitive demands."


