Should Your CIO Learn to Code?

This topic came up because of two recent headlines and one new book. The first was the news that the now former Equifax CISO was a music major, without formal college-level tech or security training. The second was the recent article in the WSJ highlighting Bank of America’s new Chief Operations and Technology Officer, Cathy Bessant. …

How IT Leaders Can Keep a Seat at the Table

In this era of digital disruption, business leaders are turning to technology to keep up. But will they continue to turn to traditional IT leaders to map out the future? This is the question addressed by Mark Schwartz’s new book A Seat at the Table. Mr. Schwartz engagingly analyzes the present and provides guidance for IT leaders…

Anatomy of a Security Breach

In recent Information Security news, The Wall Street Journal reported on the upcoming trial of an alleged botnet master.  The trial is in progress now. It is not often that we get a look at the details of a computer security breach, but in this case at least some details are in the docket of the Eastern District of…

The Smartest Information Security Companies

Every year, MIT Technology Review publishes its list of the 50 smartest companies.  This year, two information security companies made the list, along with big-time players like Amazon, SpaceX, etc.  TR doesn’t publish detailed selection criteria, but they include things like ability to dominate the chosen market and innovative use of technology.  The two security…

Book Review: Play Bigger

Play Bigger is a new book by entrepreneurs for entrepreneurs (2016, Harper Business). The authors’ theme is that today’s markets are so crowded that you cannot rely on niche marketing into white spaces; you have to create your own white spaces, or “categories”. The goal is to be a “category king”. The idea of niche marketing has…

Long Term Beneficiaries of WannaCry

The current worldwide attack from WannaCry is going to have a lasting impact on information security. The question is: what will that be and who will benefit? In this blog post, I will take a contrarian viewpoint and suggest that it will not be beneficial to security practitioners or security businesses. I think business leaders,…

RISK: A NEW MOVIE ABOUT JULIAN ASSANGE

Last night I went to a screening of Laura Poitras’s movie about Julian Assange. If you are interested in national security, I highly recommend the film.  I had expected a big crowd, but Nashville’s Belcourt was only about 20% full. Love WikiLeaks or hate WikiLeaks, it is likely Assange will continue to be in the…

TRADE SECRET THEFT CONTINUES UNABATED

One of the biggest cyber threats that many US companies face is the theft of their intellectual property (IP).  This includes trade secrets, patents, software, and copies of tangible goods.  The recently released “Update to the IP Commission Report” gives tangible, current information on all four categories.  The original report was published in 2013 amidst…

TENNESSEE LEGISLATORS MUDDY WATERS AROUND PRIVACY BREACH NOTIFICATION REQUIREMENTS

The Tennessee legislature recently passed a modification to the state privacy breach notification requirements, § 47-18-2107.  The modification has been sent to the governor for signature.  Unfortunately, the modification just confuses the law’s requirements. The existing code says that a breach notification is required if “unauthorized acquisition of unencrypted computerized data” takes place.  The breach…
