modernciso.com | Fresh Thinking for the Modern CISO

Senate bill to secure Internet of Things (IoT)

The Internet of Things, and now the U.S federal government along with it, have a problem. Devices are smart enough to impact the world around them, but aren’t built smart enough to protect themselves. In the recent past, these devices have been maliciously...

Moving Toward an Outcome-Based Threat Intelligence Program

Moving toward an outcome-based Threat Intelligence (TI) program is an important point of moving forward with industry best practices. One of the themes that we have seen with security leaders is the problem with being able to bring actionable, relevant information to...

Modern CISO Web Series: Washington D.C.

Welcome to the debut of our brand new Modern CISO web series. This series is a platform for security leaders to gain insights from their industry peers on cyber security topics. Presented by Mark Carney, VP of Global Advisory Services at Kudelski Security and...

Kudelski Security – Part of the Story…

One year ago, we sat around a big table at The House of Blues Foundation Room in Mandalay Bay, Las Vegas, meeting with potential clients and partners and telling them the Kudelski Security story. In the United States, it’s quite a short story, but reality is that...

GDPR: A Brief Overview

Over a year ago the GDPR (General Data Protection Regulation of April 27th 2016) was approved and will become mandatory to the European Union members starting May 25, 2018. That leaves a little less than a year to become compliant with the regulation, so I wanted to...

NEW UPDATE: ‘Petya/NotPetya’ Ransomware Spreading Rapidly Around Europe and Globe

UPDATE 6/30: Microsoft Windows 10 Enterprise includes a feature called “Credential Guard”. This feature can prevent certain attacker tools from compromising administrative credentials using well known techniques such as a Pass the Hash attack. Having this feature...

Working with CISOs – a DevOps Perspective

Software development methodologies have seen change significantly over the last 10 years. In many companies Agile has outpaced waterfall as the development model of choice. In addition, development teams may now have their own infrastructure operations working inside...

Join the Scrum – Retrospective as a Security Tool for Continuous Improvement

Continuous improvement is a fundamental part of any security standard or security management system, so during my career I have had the opportunity to implement, manage or audit different approaches to implement it. As in the last years I’ve also been exposed to agile...

Fresh Thinking for the Modern CISO

You have Successfully Subscribed!