Past Issues | Subscribe | Send to a Friend | www.tagitm.org | ||
August 31, 2020 |
||
President's Message
As tempting as it is to title this month’s message "Psychological Tips from Scott," I’ll forgo that, but consider yourself warned. We are all motivated in different ways. Some of us are motivated intrinsically, meaning our motivation comes from within. We perform a task because it’s fun or challenging. Others are motivated extrinsically, which means we perform a task because we will be rewarded with something (money, promotion, etc.). Regardless of which type you are, there is a common need among us all: Feedback.
In the News
CSO
Business-minded security professionals can have significant impact on security success. "They have to have a sense of why we’re securing the business ... [I]f you don’t understand what you’re securing from a business perspective, how can you make that risk-based analysis?" asks Myrna Soto, chief strategy and trust officer at cybersecurity software firm Forcepoint. CISOs can cultivate those skills among their staff.
CIO
Sixty-three percent of employees surveyed by Lenovo in May say they feel more productive working from home (WFH), but many also cited downsides such as reduced personal connections with colleagues and trouble balancing work and home life and domestic distractions. CIOs offer their tips for keeping employees focused and productive.
Krebs on Security
With a mass shift to working from home, the increased use of corporate virtual private networks (VPNs) and elimination of in-person verification has led to a major voice phishing, or "vishing," campaign by cybercriminals. The FBI and the CISA issued a joint alert which includes suggestions that companies can implement to help mitigate the threat from these vishing attacks.
Security Intelligence
IBM’s team of hackers have discovered a vulnerability in Thales’ line of modules that enable mobile communication in IoT devices. They store and run Java code that often contain confidential information, and malicious actors can steal this information to control a device or gain access to the central control network. Potential areas of impact include medical devices and energy and utilities.
CSO
DevSecOps, which introduces security earlier in the life cycle of application development, is changing the state of application security. However data from several new industry reports show that risks remain, from the release of vulnerable code to problems with infrastructure-as-code templates. |
||