El Diario del CISO El Diario del CISO (The CISO Journal) Edición 19 | Page 4

Influencers
Rob Black
Cybersecurity business leader
Typeform Data Breach: 100,000 Records and Counting
The list of customers affected by the Typeform data breach has
grown in the past week. So has the number of personal records
exposed. This article aims to collect all of this data in one location..
The complete article is here
Seth Jaffe, CBCP, JD
official rocket scientist in residence
Cyber security roi: it may happen sooner than you think
You’ve heard it before. Companies are slow to invest in cyber
security because they see few returns.[1] But that is likely to
change, and it may occur sooner than we expected.
Let’s first set the context. An executive recently made the comment
to me that “cyber security is just another cost of doing business in
the modern environment.” And to many institutions, that’s exactly
how they see it. A decade or so ago, they did not have to worry
about cyber theft, ransomware, or nation state attacks. But now,
boards of directors list cyber security as the risk most likely to keep
them awake at night. Moreover, even taking the cost out of it,
companies are finding it difficult to secure experienced information
security personnel..
The complete article is here
Tony Martin-Vegue
I solve really hard infosec problems w/ risk science, math,
economics and luck.
How to Lie with Statistics, Information Security Edition
Have you ever finished reading a vendor whitepaper or a research
institution’s annual security report and felt your Spidey sense begin
to tingle with doubt or disbelief after reading some of the
conclusions or research methodology? What you are probably
sensing is a manipulation of statistics, an age-old hoodwink that has
been occurring as long as numbers have been used to convey
information. .
The complete article is here
Isiah Jones & Brian Foster
Controls Engineer and OT/ICS Security Engineer
Security practices for iec 61131-3 plc programming languages
part 2: ladder logic
If you are still trying to Identify all the risks you are exposed to
within the context of your business or spend endless hours
converting historic data into useless risk reports in an effort to
mitigate as much risk as possible for a green light on the road to
taking less risk (for less reward); spending a fortune on controls and
the digging of trenches for your lines of “defense”…. Fear no more!.
The complete article is here