Fresh Thinking for the Modern CISO
powered by Kudelski Security
Working with CISOs – a DevOps Perspective
Software development methodologies have seen change significantly over the last 10 years. In many companies Agile has outpaced waterfall as the development model of choice. In addition, development teams may now have their own infrastructure operations working inside...
read more
Join the Scrum – Retrospective as a Security Tool for Continuous Improvement
Continuous improvement is a fundamental part of any security standard or security management system, so during my career I have had the opportunity to implement, manage or audit different approaches to implement it. As in the last years I’ve also been exposed to agile...
read more
The Cyber Pressure Model
Nearly every organization and government entity around the world has a media arm to promote its activities. Today’s terrorist organizations are no exception. Top targets such as Al-Qaeda, ISIS and Al-shabaab all have elaborate media mechanisms to promote and recruit...
read more
GDPR Compliance: 12-month Countdown to Compliance
Starting in May 2018, if you operate an enterprise or deliver services to customers in Europe – even if you are not located in Europe – your organization must be compliant with GDPR. If you decide not to comply with the requirements imposed by the legislation, the...
read more
Deception is the New Black
Concepts acquired from the military field are everywhere in cybersecurity – think defense in depth, situational awareness, intelligence, counter-intelligence... The list is long. In this post, I’m going to talk about one of them – deception – not because it’s new, but...
read more
The Might of a (Cyber) Nation!
Recently, Andrew Howard, Kudelski Security CTO was asked to comment in CSOonline on the need for a Cyber National Guard. A US congressman recently proposed the idea, citing digital security as a component of national security amidst headlines of other nations meddling...
read moreSecurity Advisory: WCry2 Ransomware Outbreak (updated)
wCry2 Ransomware spreading via EternalBlue (MS17-010) Update May 15 Attribution attempts Mid-morning (U.S time) Neel Mehta, a security researcher at Google, posted a cryptic tweet with the hashtag “#WannaCryptAttribution”: The tweet referenced hashes of...
read more
WannaCry Ransomware Webcast
The number of individuals, organizations and countries affected by the WannaCry malware attack is growing at an alarming rate. After the initial infection is executed, no user intervention at all is required for the malware to spread. As this is one of the largest...
read more