GDPR as an Attack Surface: Mitigating the Risks

It's the consequences of non-compliance that make the GDPR an ideal conduit to use for those with malicious intent. It involves a sense of urgency, an expectation that privacy-related documents will be exchanged by email, and significant consequences if such emails are ignored. So how do we tackle this? ... Read More

From Victim to Security Champion

In this day and age, everyone thinks they are security-savvy and that they would never fall victim to a social engineering attack. However, it does happen, more often than you’d think. However, if the person realizes the consequence of their actions, takes ownership of their part in the event, and ... Read More

Equifax and the Vendor Risk Management Quandary

In light of the Equifax breach, the focus on managing risk associated with vendors or third/fourth parties continues to grow, as do the number of vendors who will each offer you a “solution” to manage this risk. As Senior Director of Security, I am left wondering how each of these ... Read More