Identity Management: The Times They Are A-Changing
In a very interesting article on New Tools for Modern Identity, Mark Diodati addresses new challenges with user authentication. He argues that adaptive authentication, and mobile biometric authentication are here to stay. I agree and encourage folks to… Continue reading
Where Should the CISO Report in the Organization?
Where the CISO should report is probably one of those questions we security professionals will be asking until the end of eternity. We’ll finesse the subject of titles for the security leader, which also vary, and just get started.
The… Continue reading
A Two Factor Authentication Makeover for your Protection
Mitigate Common Attack Paths at the Core
Last week I wrote that encryption probably wouldn’t have prevented the Anthem breach. The details of that attack haven’t been released, but I found some CSO Online’s analysis that pieces together how it may have… Continue reading
Security Governance 101 Webinar Recording Posted
Security Governance 101: Choosing Models and Structures
Even on technical consulting engagements, Security Architects Partners often finds that a security governance issue is at the root of the problem we were brought in to solve. Therefore, we’ve developed… Continue reading
Encryption Probably Wouldn’t Have Prevented the Anthem Breach
The Security Dog has Caught the Car: Now What?
In the tug of war between business units and security, Gunnar Petersen writes: “The security VPs win, quite a lot actually. There is something about a subject that is written about in the Wall St Journal every single… Continue reading
Pressures and Pitfalls for Early Disclosure in the Wake of the Anthem Breach
As the investigation continues into yesterday’s announcement of the #AnthemHack, Security Architects Partners will be monitoring to see what it portends for early breach notification. By disclosing early, Anthem broke the typical mold of companies waiting to complete a full… Continue reading
Three Laws of the IoT
The Internet of Things (IoT) can be a mighty scary place. Whether you’re worried about privacy violations when Google Analytics meets your electric meter, malware shutting off the pacemaker or other scenarios for death through devices, there’s lots to be… Continue reading