El Diario del CISO El Diario del CISO (The CISO Journal) Edición 20 | Page 4
Influencers
Adrian Sanabria
Co-founder of Savage Security.
When to purchase a ‘solution’ to your cybersecurity problem
One thing that’s bothered me about the security industry is our
propensity to immediately seek commercial solutions to our
problems. Often, these commercial solutions are designed to
become part of our daily security routines: they have dashboards,
alerts, and other features. They have configurations or rulesets that
need to be managed or tuned. Too often, a commercial ‘solution’
evolves to the point that it creates its own problems that need to be
solved...
My original title was “Data Security vs Data Protection[…]”, but an
unfortunate number of people see these as pretty much the same
thing, even interchangeable. Then I chose Cybersecurity instead of
Data Security but that doesn’t cover all forms/formats of personal
data, so I finally had to settle on Information Security. As for Data
Protection, it’s not, in and of itself Privacy, and so on. But you see
the problem already? If we can’t even agree on common
terminology, how are we expected to ask the right people the right
questions in order to solve our problems?
The complete article is here
Mikko Hypponen, Linus Nyman
The Internet of (Vulnerable) Things: On Hypponen's Law,
Security Engineering, and IoT Legislation
The complete article is here
Kareem Aly
Investor at Thomvest Ventures
Should you sell your cybersecurity startup?
As an entrepreneur, you need a lot of things to go right. You need a
novel idea, an effective go-to-market strategy, a robust team,
funding — the list goes on. The rationale behind becoming an
entrepreneur, pursuing a path where you are statistically more
likely to fail, varies from individual to individual...
The complete article is here
David Froud
Director at Core Concept Security.
Information Security vs Privacy, are the Lines Blurring?
The Internet of Things (IoT) and the resulting network-
connectedness of everyday objects and appliances in our lives bring
not only new features and possibilities, but also significant security
concerns. These security concerns have resulted in vulnerabilities
ranging from those limited in effect to a single device to
vulnerabilities that have enabled IoT-based botnets to take over
hundreds of thousands of devices to be used for illegal purposes.
This article discusses the vulnerable nature of the IoT – as
symbolized by Hypponen’s law – and the parts both manufacturers
and consumers play in these vulnerabilities. This article makes the
case for the importance of security engineering for IoT
manufacturers, highlights some significant issues to help consumers
address these vulnerabilities, and argues for legislation as perhaps
the only reliable means of securing the Internet and its connected
devices.
The complete article is here