Home Podcasts Videos Guest Posts Q&A My Take Bio Contact
 

Podcasts

 

PODCAST: Will 2018 be the year of the CISO?

By Byron V. Acohido

Could we be entering the Golden Age of CISOs, chief information security officers? Perhaps.

CISOs at some big financial services firms have begun elbowing their way into the C-suite’s upper most tier, reporting to the board of directors and/or the CEO and/or the audit committee, John Dixon, principal at Denim Group, told me in a lively discussion we had at Black Hat 2017 in Las Vegas.

Related article: Implications of the Deloitte breach

Dixon spends much of his time advising clients how to build software applications that are as secure as they ought to be. To do this well, he must immerse himself in the rising trends and myriad nuances continually shaping and reshaping the cybersecurity landscape.

…more

MY TAKE: The death of BYOD; how mobile security has impacted enterprise security

By Byron V. Acohido

Just five years ago, BYOD – Bring Your Own Device – was a rising security concern attracting an inordinate amount of attention.

Fast forward to today and BYOD has faded as a buzzword. However, employees’ use of mobile devices and web apps remains as big a security concern as ever.

Related article: Converting logs into actionable intel

Acohido and Smith

Companies and government agencies are addressing this exposure by taking advantage of technical innovations and by embracing practices that might surprise you.

I had the chance to visit with Gregg Smith, CEO of Silent Circle, at Black Hat 2017 in Las Vegas. Co-founded by a former Navy SEAL and a couple of …more

PODCAST: How ‘Identity Access Management’ – IAM – authenticates network connections

By Byron V. Acohido

From the start of this 21st century companies continually scrambled to embrace ever more complex digital systems. Business networks connect an astounding variety of devices than to a vast array of tools and services residing on company premises and in the Internet cloud.

An amazing cascade of logons and digital handshakes routinely takes place to enable convenient digital commerce as we’ve come to know it. The problem is, from a privacy and security standpoint, not nearly enough attention has been paid to assuring the authenticity of each and every connection.

That’s where their identity and access management, so-called IAM, systems come into play. I recently spoke with Jeff Bohren, senior solutions architect at Optimal IdM, a prominent vendor in the IAM space. …more

PODCAST: Cyber forensic technology helps law enforcement keep terrorists in check

By Byron V. Acohido

For every horrific act of terrorism that gets carried out there are very likely dozens of plots that get thwarted by authorities using leading-edge cyber forensics tools to track malicious threat actors as that they communicate and transact across the Internet.

Nuix is a Sydney, Australia-based company that supplies a well-established  e-Discovery and digital investigations platform used by investigators battling terrorists, nation-state spies, hacktivists and garden variety thieves and scammers on a daily basis.

Related article: How kidnappers use social media to ensnare executives and hold them for ransom

Law enforcement agencies, in particular, are using Nuix’s technology to stay on top of extremists’ activities, anticipate attacks and defuse terrorist attacks in the making. Nuix systems are also being used to …more

PODCAST: The case for ‘pen’ testing as an essential security layer

By Byron V. Acohido

The Equifax debacle has a lot to teach us about how – and how not to – handle a data breach. The massive breach resulted in hackers accessing the social security numbers, birth dates, home addresses and driving license numbers for up to 143 million Americans and the credit card numbers for about 209,000 Americans.

While the breach occurred between mid-May and July, according to Equifax, the company says  it didn’t discover the hack until July 29. It then took a further six weeks to report the breach. But Equifax isn’t alone in this; a study by data erasure business Blancco found that 5 percent of the IT professionals surveyed only detected a threat when notified by external parties.

While the US …more

PODCAST: How Cyxtera came to bring a security-first approach to colocation datacenters

By Byron V. Acohido

Cyxtera is a colocation datacenter business with a fascinating pedigree and a new, security-first,  approach to datacenter services. I spent some time with Randy Rowland, Chief Product Officer at Black Hat 2017 in Las Vegas to hear more about the trajectory of the business to date. Colocation data centers are facilities where businesses can rent space for servers and other computing hardware.

Rowland himself was an early pioneer of cloud services. In 2007, he was running product development at technology hosting business, Data Return. Data Return had built a cloud computing fabric into its Dallas datacenter which allowed customers to log on over a portal and deploy computing systems online.

Cuban immigrant to cloud pioneer

This drew the attention of …more

PODCAST: Does the iPhone’s facial recognition technology go too far ?

By Byron V. Acohido

The release of the new iPhone X (don’t call it ‘X,’ say ‘ten’or iPhone X), with its facial identification activation feature, has sparked interest in the latest developments in biometric security.

I spoke with Corey Nachreiner, chief technology officer of WatchGuard Technology, about the advantages – and risks – involved in using biometric identifiers with digital devices.

The next steps in authentication

Apple is “really going whole hog” into facial recognition for unlocking a phone, in part because they don’t want buttons, Nachreiner told me. The tech giant removed the home button/fingerprint sensor, meaning users must use facial identification to unlock a phone if they’re not using pass codes.

While aesthetic design was probably a major factor, “there is an argument that facial recognition …more