What Makes a Good CISO

Video: What Makes a Successful CISO?

  What makes a successful Chief Information Security Officer (CISO)? It’s a job title that has only existed for a relatively short time. At SecTor 2015, keynote speaker Trey Ford mentioned that many CISOs were in the job for the first time and feeling their way around the role. A year later at SecTor 2016, […]

Read more
Wassenaar Agreement - should information be weaponry?

What The Wassenaar Arrangement means for cybersecurity pros

Should information be treated like weaponry? The world isn’t sure – and it’s causing cybersecurity companies and researchers real headaches. Hopes for a key resolution on export controls were dashed after annual talks concluded in December – and that leaves some key questions unresolved. The talks were part of the Wassenaar Arrangement, an agreement between […]

Read more
2017 security challenges

Video: What are the biggest security challenges in 2017?

From IoT to dealing with data at scale, the challenges for security pros in 2017 will be as daunting as ever. Last year at the tenth annual SecTor conference, security experts revealed what they thought the biggest challenges of the year might be – and we caught it all on camera. This is the first […]

Read more
2016 predictions review

2016 predictions: how did the fortune tellers do?

It’s the end of the year and the 2017 predictions are flooding in. From the mundane to the mad, companies are falling over themselves to tell us what will happen in the coming year. Here at SecTor, we thought we’d take a different approach and look back to last year’s predictions. What were people saying […]

Read more
Finding the incentive for cybersecurity

Finding incentives for cybersecurity

Another day, another large corporate hack. Companies continue to lose our data, through a combination of poor funding and misjudged security measures. None of them want it to happen, but do they have enough incentives to prevent it? Companies must comply with industry regulations, but as we repeatedly see, the bare minimum often isn’t enough. There’s a difference […]

Read more
Code of Ethics for Cybersecurity

An ethical code for cybersecurity

The battle between black hats and white hats will never end, but do we need some kind of Geneva Convention for how it’s waged? Security pros must often engage black hats, either directly or indirectly, and the rules of engagement aren’t always clear. Sometimes they can also raise ethical issues. Take Facebook’s approach to password […]

Read more
Biometric Doppelganger

How to impersonate someone for 22 cents

  For years, researchers have developed ways to bypass biometric scanners and impersonate other people. Now, there’s a new technique: disguising yourself as Elvis Costello to fool a facial recognition system. Late last month, researchers at Carnegie Mellon unveiled a new attack designed to fool facial recognition systems that involves the use of glasses with […]

Read more
What Is Your Phone Telling People?

What Is Your Phone Broadcasting?

Your phone might be telling the world more than you think – and Solomon Sonya is listening. The US Air Force trainer, who speaks today at SecTor 2016, will be unveiling a tool that can find out where your phone has been. It can be put together using little more than a Raspberry Pi and […]

Read more

B-Sides: A Grassroots Security Movement

Some of the music industry’s best hits came from B-sides. Gloria Gaynor’s I Will Survive was a B-track, as was the Red Hot Chilli Pepper’s most successful single ever, Soul To Squeeze. Vanilla Ice’s US #1 hit Ice Ice Baby was also a B-side, but we try not to talk about that. The point is […]

Read more

Understanding Malware from the Inside Out

Analyzing malware has always been a little like working in a digital virology lab. Researchers have to organize virus and worm samples, and keep them in a protected environment that won’t risk infecting anyone else. Then they must pick the viruses apart, often trying to outwit malware coders that may have built anti-analysis measures into […]

Read more

The Key To Avoiding Another OPM

Chris Pogue has a special interest in last year’s US Office of Personnel Management data security breach – his details were among those that were stolen. Pogue, chief information security officer at Nuix, spent several years in the US army teaching cyberwarfare. His was one of the 21.5 million government-employed individuals whose information ended up in the […]

Read more
Subscribe to the Sector Blog
Enter your contact information below to have future blog posts delivered directly to your inbox!