Sean Martin, CISSP | ITSPmagazine
Sean Martin is an information security veteran of nearly 25 years and a four-term CISSP. Sean is the co-founder and editor-in-chief at @ITSPmagazine and the president of imsmartin, an international business advisory firm. Sean's articles have been published globally covering security management, cloud computing, enterprise mobility, application security, InfoSec awareness and education, bug bounties, governance, risk, and compliance -- oftentimes with a focus on specialized industries and sectors such as government, finance, healthcare, insurance, legal, manufacturing and the supply chain.
It’s 2017 and we can no longer afford to ignore good cybersecurity practices. In this ITSPmagazine exclusive, we connected with top cybersecurity experts to get their recommendations on protecting business and users from malicious attacks.
Good Bots. Bad Bots. Can you tell those apart from the ‘normal’ traffic generated by the humans using your network? Sean Martin works with the team at Distil Networks to identify 10 ways to spot bad bots on your network.
If you believe the vendor hype, Artificial Intelligence is the greatest thing to ever happen to cybersecurity. Guess what? The vendors may be correct, but it’s not easy to determine what is useful technology and what is fluffy marketing.
There’s tremendous excitement about Machine Learning and its Artificial Intelligence applications for cybersecurity. There’s a lot of confusion and vendor technobabble, too, that must be sorted out.
From Big Data to Behavioral Analytics to Machine Learning, Artificial Intelligence presents a confusing landscape, in large part because the terms are vague and defined inconsistently (and vendors like it this way).
We’ve heard about cyberattacks against critical infrastructure sites and systems including dams (Bowman Avenue Dam in NY), railroads, electrical grids (Israel, US, Ukraine), and even nuclear power plants (Germany). But it doesn't stop there. And it may not even begin there.
How do you destroy 500 million trust relationships at once? Break in to Yahoo! Today the company claimed that a breach from as far back as 2014 – the result of a "state-sponsored actor" – led to the loss of "account information [that] may have included names, email addresses, telephone numbers, dates of birth, hashed passwords and, in some cases, encrypted or unencrypted security questions and answers."
When it comes to the creation of this market, it all boils down to supply and demand. Jeremiah Grossman is nudging the supply along - letting people get a taste of it - and hopefully the market will soon start demanding it. In this article, Sean Martin explores the cyber guarantee portion of the topic and the ability to create a new market from scratch.
The 8th Annual ISSA Los Angeles Information Security Summit was back at the Universal City Hilton again this year, drawing well over 700 registrants from all over Southern California, Arizona and Nevada. This post covers some of the highlights captured from this year's event.
Sean on ITSP Radio
May 25, 2018 might seem like a fair distance out, and a lot can happen between now and then. One of those things, however, could take quite a bit of planning, implementation, and proof that it's done. Ahh yes, GDPR compliance... what are you worried about?
As part of the original planning for the panel, I asked the experts to provide our audience with some actionable tips. This chronicle captures those tips. Enjoy!
As technology continues to permeate our world and our lives, more of what we do and how we interact with each other will be replaced by machines and automation. What happens when we shift from a world of virtual reality to a virtual world of reality?
Making predictions can be fun. It can seem like a game when guessing if and when a prediction would come true. But, when lives are at stake, some predictions can be downright scary.
During the first couple days of the RSA Conference, I've spent most of my time having informal conversations with attendees, taking briefings from vendors, and engaging in deep-dive interviews with executives and leaders from cybersecurity firms of all sizes. The two common themes thus far? Artificial intelligence/machine learning and a focus on ransomware and phishing.
Many organizations enter the world of information security with new products that they think are wildly innovative. But in many cases—unfortunately—they are not truly innovative. This post explores how to identify what is actually innovative, what type of innovation matters, why it matters, and how to approach innovation to achieve success.
I had the opportunity to contribute to a blog post for Distil Networks, offering up a few thoughts about the future of cybersecurity in 2017. Here's what I had to say.
What can happen when we think our devices aren't listening... but in fact, they really are?
In December 2016, ITSPmagazine secured a spot in the top 10 in Evan Carmichael's Top 100 Technology Twitter Accounts to Follow.
In the midst of our continued progress and success, I take great pride in sharing with you that our magazine has become an official media sponsor for RSA Conference 2017!
The RSA Conference Innovation Sandbox Contest is back, better than ever. This year, the event moves to the Marriott Marquis where it will share a new dedicated area with its sister event, the Early Stage Expo.
Did you know? In 2017, RSA Conference added four more Learning Labs, bringing the total this year to 16. View this list to get a sampling of the hands-on labs being offered at RSAC 2017.
Did you know? From Analytics to Technology Infrastructure, RSA Conference 2017 has a lot of conference topics to choose from. Can you guess how many?
Did you know? In 2016, RSA Conference launched what they refer to as Conference Paths. View this list to get a sampling of what's in store for RSAC 2017.
Given the level of chatter out and about in the industry, the team at ITSPmagazine shared my desire to start covering the event sooner, rather than later.
Jim Manico presented to the ISSA Orange County 2016 Symposium audience, sharing some key points on how to embrace and succeed with a secure application development program.
Certainly, we need to get more people interested in starting a career in cybersecurity. But, once they are ‘in’ we need to keep them there.
Stacey Higginbotham, editor at SKT Labs, addressed the second topic head-on by interviewing Andy Ellis, chief security officer at Akamai, and Dale Drew, chief security officer at Level 3 Communications.
Even though there is an ongoing investigation into their recently announced breach, Yahoo’s CISO, Bob Lord, still turned up at the Structure Security conference in San Francisco.