What's happening at the intersection of IT security and society?

Our Newsletters are sponsored by:

 
 

 

Is it really necessary? 🤔
Probably. 🙄 

“The best way to get management excited about a disaster plan is to burn down the building across the street.”

– Dan Erwin

 

From our latest newsletter

Read the recent articles, watch the webcast, and listen to our podcasts responsibly, then, if you wish, share them all recklessly.

________________________________________________________________________________________________
 

Is AppSec Really The Beach Life You Dream About?
What To Expect From AppSecCali 2018, Besides Amazing Sunsets

In these Their Story podcasts, Richard Greenberg, the OWASP Los Angeles chapter president, and Rahim Jina from Edgescan, connect with Sean Martin to provide an update on the upcoming 2018 AppSec California conference being held January 28th to the 31st in Santa Monica, California.
by Sean Martin, host of At The Edge and An InfoSec Life
 

Are We Programming Our Digital Lives With Bias?
The Importance Of Diversity When It Comes To Building AI-Powered Technology, And How This Avatar-Led IOS App Bolsters Diversity In Digital Representation

*gramLabs co-founders Matt Provo & Ali Amarsy chat with ITSPmagazine’s Selena Templeton for the Diverse IT podcast about mai (“my AI”), an autonomous persona platform that accurately replicates an individual’s complete likeness.
by Selena Templeton, host of DiverseIT


From our Experts Corner

 

Building A Cybersecurity Program From The Ground Up
How To Build A Security-Driven Organization - The Human Element

Despite the advances in technology, there’s still a very human element to whether a company embraces security practices. This article examines the impact that organizational culture has on a company's ability to adopt a security-driven mindset and offers some pragmatic tips on overcoming oft-encountered challenges.
by Ayman Sayed

 

How Well Do You Know Thy Enemy?
Take Time To Understand The Cyber Threat Landscape

Cybercrime is on the rise. The number of data breaches in 2017 was staggering and things are likely to get worse. Employee error, employee manipulation, hacking-as-a-service, and the gap between development and test make things even more challenging. Says Dr. Rao Papolu, it's time to take some time to assess the main threats to your cyber defenses.
by Dr. Rao Papolu


It's All Fun and Games... Until The Someone Get's Poked In The Eye
Bitcoin’s Fork And Its Security Implications – Part 2

In the previous article I reviewed the Segregated Witness (SegWit), a Bitcoin soft fork developed to scale Bitcoin by trimming transaction data that was stored in the block and segregating it in another structure, freeing up space for more transactions. I finished the article promising a follow-up article on SegWit2X, which was scheduled to be released in November 2017.
by Cassio Goldschmidt


Small and Medium Business Cyber Security Education

EXPERT CYBERSECURITY WEBCAST SERIES FOR SMALL AND MEDIUM BUSINESSES

A Cybersecurity Webinar For SMBs | Episode II


We thank Symantec for sponsoring
the first three episodes of our
SMBs CyberSecurity Education Series



A Cybersecurity Webinar For SMBs | Episode II

I Am Not Selling Online. So, I Guess My Business Is Not A Target, Right?

WEBINAR DATE AND TIME

Wednesday, January 24, 2018
10:00 am - 11:00 am PST
1:00 pm - 2:00 pm EST

The live webinar is limited to 100 attendees.
Sign up soon to reserve your spot.
The recorded version will be available soon after the live event.

Some small and medium-sized businesses make the assumption that because they don’t sell their goods or services online that they are not a target for cybercrime. Unfortunately, this is an assumption that is not rooted in reality. Unless the business - and it’s employees - are completely ‘off the cybergrid,’ so to speak, the connectivity introduces risk that the business owners should at least be aware of. Sure, as a business owner, choosing to accept the risk is one option for dealing with the risk, but flat-out ignoring it could define the company’s success or failure.

How can this mean failure to the business you ask? Join us for this webinar as we explore:

• What connectivity is and means to the business
• How attacks work - viruses, phishing, ransomware, even disgruntled employees
• How connected devices play a role in adding risk to the business
• How employees play a role in protecting the business
• How your online presence (not just eCommerce) attracts cybercriminals to the business
 



Sponsored Content

Appseccalifornia banner 1.jpg

Unquestionably a one of a kind experience for Infosec professionals, developers, pentesters, QA and testing professionals, as they gather at the beach from around the world to learn and share knowledge and experiences about secure systems and secure development methodologies.

 

In this podcast, Richard Greenberg, the OWASP Los Angeles chapter president, connects with Sean Martin to provide an update on the upcoming 2018 AppSec California conference being held January 28th to the 31st in Santa Monica, California.

During the chat, Richard describes the agenda, highlighting keynote sessions from:

  • Eric Baize, Chairman of SAFECode and Vice President, Product Security, Dell EMC
  • Dr. Christian Dameff, Emergency Medicine physician, researcher, and Clinical Informatics fellow at the University of California San Diego
  • Richard Seiersen, SVP/CISO of Lending Club
  • Cory Doctorow, Science Fiction Author, Activist, and Journalist

In this podcast Rahim Jina, COO for Edgescan, talks with Sean Martin about the DOM-based web application data exfiltration detection tool Edgescan will be putting out to the open source community.

The new tool will be released and presented during the 2018 edition of OWASP's AppSec California event being held in January 2018 in Santa Monica, CA.

More information about the conference can be found at:
itspmagazine.com/events/appsec-california-2018


The 2018 HITRUST Third Party Assurance Summit will be held February 20-21, 2018 at the Hyatt Regency O’Hare, Chicago, IL. Third-party assurance is a crucial component of any organization’s risk management program. Developing and implementing an effective program, given the increased regulatory oversight, reliance and complexity of outsourced relationships and evolving threat landscape, is a challenging task – and one that requires alignment and support internally and with business partners. By engaging, partnering and coordinating with third parties in the risk management process, versus imposing redundant and inconsistent assessment and reporting requirements, greater efficiencies and improved partner relations can be gained, and appropriate risk management can be ensured. To facilitate this engagement and partnership, HITRUST regularly convenes the HITRUST Third Party Assurance Summit. Please click here to learn more.

The 2018 HITRUST Third Party Assurance Summit will be held February 20-21, 2018 at the Hyatt Regency O’Hare, Chicago, IL.

Third-party assurance is a crucial component of any organization’s risk management program. Developing and implementing an effective program, given the increased regulatory oversight, reliance and complexity of outsourced relationships and evolving threat landscape, is a challenging task – and one that requires alignment and support internally and with business partners.

By engaging, partnering and coordinating with third parties in the risk management process, versus imposing redundant and inconsistent assessment and reporting requirements, greater efficiencies and improved partner relations can be gained, and appropriate risk management can be ensured.

To facilitate this engagement and partnership, HITRUST regularly convenes the HITRUST Third Party Assurance Summit.

Please click here to learn more.


ITSPmagazine Chronicles

As you know, a chronicle |ˈkränək(ə)l| is a factual written account of important or historical events in the order of their occurrence.

Well, sorry, that is not 'exactly' what this is. We like to think of it as a succinct mix of commentary and fact.

Most recent chronicles


Sponsored Content

This event is a one of a kind experience for information security professionals, developers, pentesters, QA and testing professionals, as they gather at the beach from around the world to learn and share knowledge and experiences about secure systems and secure development methodologies. ITSPmagazine will be there! Learn more and register today

This event is a one of a kind experience for information security professionals, developers, pentesters, QA and testing professionals, as they gather at the beach from around the world to learn and share knowledge and experiences about secure systems and secure development methodologies.

ITSPmagazine will be there!

Learn more and register today

Business are ripe for automation. It’s time to move beyond manual processes and stop using email and spreadsheets to manage critical business processes. Read this Wave report from Forrester’s Rob Koplowitz to learn how Digital Process Automation (DPA) Software can transform the way businesses are run. Learn more by reading this report

Business are ripe for automation. It’s time to move beyond manual processes and stop using email and spreadsheets to manage critical business processes.

Read this Wave report from Forrester’s Rob Koplowitz to learn how Digital Process Automation (DPA) Software can transform the way businesses are run.

Learn more by reading this report

The 2018 HITRUST Third Party Assurance Summit will be held February 20-21, 2018 at the Hyatt Regency O’Hare, Chicago, IL. During the HITRUST Third Party Assurance Summits, a combination of facilitated discussions, educational sessions and networking opportunities, including general sessions and tracks specific to customer or vendor areas of interest, take place. It is a unique forum for customers, business partners and vendors to truly collaborate in evolving approaches, ensuring effective communications of appropriate, timely and consumable risk management information. Please click here to learn more

The 2018 HITRUST Third Party Assurance Summit will be held February 20-21, 2018 at the Hyatt Regency O’Hare, Chicago, IL.

During the HITRUST Third Party Assurance Summits, a combination of facilitated discussions, educational sessions and networking opportunities, including general sessions and tracks specific to customer or vendor areas of interest, take place. It is a unique forum for customers, business partners and vendors to truly collaborate in evolving approaches, ensuring effective communications of appropriate, timely and consumable risk management information. Please click here to learn more


CYBERSECURITY ADVICE FOR SMBs.jpg

Cybersecurity Advice for SMBs

Podcasts | Webinars | Articles | Videos


The Experts Corner

The Experts Corner is where great minds share their expert opinion on information security news and cybersecurity trends.

Most recent contributions


ITSP Webinars

From a partnership with BrightTALK, a brand new approach to bring our readers to the Intersection of IT Security & Society.

We are also planning and working on more webinars, podcast interviews, and a variety of conversations with the cybersecurity experts you want to hear from. We are even scheduling some live TV panels from Black Hat 2017.

Stay with us and enjoy some ITSP Radio & TV. Interested in producing a webinar with ITSPmagazine? Let us know!

 
 

Sponsored Content

Webinar | Application Security in an Open Source World.jpg

Application Security In An Open Source World


••••••••••••••••••••••••
Did you miss it?
It's ok, watch it now.


Cybersecurity Conferences And Events

View All Upcoming Cybersecurity Conferences And Events