ITSPmagazine is free online publication that focuses on information technology, cybersecurity, data privacy, the InfoSec community and the influence that all this has on our everyday lives – as businesses, individuals and the society in which we live.

Delivered through articles, podcasts, webcasts, webinars, live panels, event coverage and talk shows, our team of cybersecurity experts explores the topics that matter the most: the human element and its symbiotic effect on the latest in technology, IT security and privacy.

Did you know that we just joined Patreon?

As you know, our mission is to raise awareness for cybersecurity by making it understandable, accessible, and part of everyone’s everyday life. We are on Patreon because we believe that the conversations we are having and the content we are creating are important for the cybersecurity community, for businesses of any size, for individuals and for our society as a whole. If you wish to become an ITSPmagazine Patron you will help us to create more content, expand our reach and, hopefully, extend our influence.

What's Happening At The Intersection Of IT Security And Society?

Follow us on Instagram for more quotes

Follow us on Instagram for more quotes

This newsletter is brought to you by:

Enjoy the latest podcasts, stories, talk shows, novelties, rarities, and oddities from ITSPmagazine.

…and then, if you please, join our Mailing List to get all the latest directly in your inbox.

ITSPmagazine Presents: 
Unusual Gatherings | Talk Shows

Featured
ITSPmagazine Talk Show | Episode III

ARE YOU GONNA WALK THAT TALK OR JUST SIT THERE?

Guests
Deidre Diamond | Julian Waits

Hosts
Selena Templeton | Marco Ciappelli

Watch it or listen to the podcast

Filmed in Las Vegas During Black Hat 2018
ITSPmagazine Talk Show | Episode II

THE CIRCUS IS COMING! THE CIRCUS IS COMING!

Guests
Russell Mosley | Ariel Herbet-Voss | Ted Harrington

Hosts
Marco Ciappelli | Sean Martin

Watch it or listen to the podcast

Filmed in Las Vegas During Black Hat 2018

Sponsored Content

Black Hat | BSidesLV | DEF CON | Hacking Diversity

Our Las Vegas coverage content is getting published.
So many fascinating conversations: experts panels, unusual gatherings talk shows, and podcasts.

The ITSPmagazine Black Hat, DEF CON, BSidesLV, and Hacking Diversity coverage, was made possible by the generosity of our sponsors. We are ever so grateful for your support.

 

ITSPmagazine Chronicles

As you know, a chronicle |ˈkränək(ə)l| is a factual written account of important or historical events in the order of their occurrence.
Well, sorry, that is not 'exactly' what this is. We like to think of our Chronicles as a succinct mix of commentary and fact.

Most recent chronicles

Featured
Managing the Risk Associated with Insider Threats | With Ted Harrington

The internal threat is a real adversary who can do significant damage to most organizations. Ted Harrington, Executive Partner at Independent Security Evaluators, explains how by understanding the distinctions between the different types of internal adversaries, organizations can design and implement an effective suite of defenses to counter each type of foe.

Read More →
Why Do We Have a National Cybersecurity Awareness Month?

By Sean Martin, host of At The Edge

In the first of three episodes, Sean Martin is joined by Marco Ciappelli, and these co-founders have the distinct pleasure of chatting with Daniel Elliot on the show. Daniel is the director of small business education at the NCSA and gives an overview of National Cyber Security Awareness Month, as well as the value of sharing cybersecurity responsibility — from the consumer to the large enterprise and from the boardroom to the break room.

Read More →
Should we just roll the dice or plan our AI-embedded future?
 A conversation with Dr. Ayesha Khanna

By Marco Ciappelli, host of The Cyber Society

This is a conversation with Dr. Ayesha Khanna, right after her closing keynote at RSA Conference 2018 APJ during the The Hugh Thompson Show: Artificial Intelligence APJ Style. Even Sophia — Hanson Robotics’ latest and most advanced robot to date and a cultural icon — was part of that panel, but to be honest, at this stage I would rather talk about Artificial Intelligence with those of my kind. For the time being.

Read More →
Are IoT Security Concerns Stupid? Not So Fast! Here's The Top 10 IoT Hall Of Shame for 2018

By Sean Martin, host of At The Edge

Arthur Hicken gives us an updated top 10 “IoT Hall of Shame” list of connected device vulnerabilities ranging from cameras to medical devices and from teddy bears to musical instruments (plus a few honorable mentions). Take a listen to find out what Arthur has uncovered during his research!

Read More →
From Liberal Arts to InfoSec, How a Diverse Background Helps in Cybersecurity

By Selena Templeton, host of DiverseIT

Theresa Abbamondi, Director of Product Management for Arbor Cloud and Services, chats with ITSPmagazine's Selena Templeton about how having a diverse background — in this case, liberal arts — has helped her tremendously at Arbor Networks, the security division of NETSCOUT.

Read More →
BSides Las Vegas Number Ten - Flip That Vinyl One More Time | A conversation with Jack Daniel

By Marco Ciappelli, host of The Cyber Society

As you can tell we were not in a hurry to publish the large amount of content created during our Las Vegas coverage. Instead, we decided to pace  ourselves and give you the time to appreciate all the conversations we had.

This one was recorded by me and Sean Martin after we went to see what was going on at BSides and ran into the conference’s Co-Founder Jack Daniel.

Read More →
The Connection Between Cybersecurity and Business Process Management – How Many Processes Can You Automate? Why?

So just what do cybersecurity and business process management have to do with each other? In this 3-part series, Ryan Duguid, Sr VP of Technology Strategy at Nintex, chats with Sean Martin about connecting cybersecurity with business process management. In part 2, they cover the question: how many processes can you automate – and why?

Read More →
Securing The Internet Is Our Shared Responsibility | NCSAM 2018

Give our dedicated focus on covering stories sitting at the intersection of IT security and society, it should come as no surprise that, at ITSPmagazine, we believe wholeheartedly in cybersecurity awareness. Therefore, as you might imagine, appreciate the awareness and education surrounding the month of October in what is called National Cyber Security Awareness Month, or NCSAM.

Read More →
When It Comes To Fraud, Forget The Tech For A Moment And Follow The Money

By Sean Martin, host of At The Edge

Sean Martin chats with Laz and Andy Chandler about the world of fraud and business email compromise (BEC). Organizations that continue to drive their security program with compliance and fail to understand how the cybercriminals view their organization from head to toe will always be behind the eight ball.

Read More →
Learning about Hire Ground at Bsides Las Vegas 2018 | A conversation with Kathleen Smith

By Marco Ciappelli, host of The Cyber Society

A conversation with Kathleen Smith | HIRE Ground Director

During Hackers Summer Camp, back In August, Sean Martin and I spoke with HIRE GROUND’s Director Kathleen Smith at BSIDES Las Vegas, to learn what makes this cybersecurity community event so special and so effective.



Read More →
The Connection Between Cybersecurity and Business Process Management – The Value of Formal Asset and Identify Management

So just what do cybersecurity and business process management have to do with each other? In this 3-part series, Ryan Duguid, Sr VP of Technology Strategy at Nintex, chats with Sean Martin about connecting cybersecurity with business process management. In part 1, they explore the value of formal asset and identify management.

Read More →
We All Have A Role To Play In Risk Management. What's Your Role?

By Sean Martin, host of At The Edge

In today’s episode, Sean Martin is joined by 3 students that recently completed the Pepperdine Cyber Risk Certification Program course:
- Lea Claveran, from Pecabar Holdings
- Karen Mendoza from Nintendo of America
- Randy Jackson, from the NFL

Read More →
No adults without kids Supervision, at r00tz AsylumThe future of cybersecurity is looking good.

By Marco Ciappelli, host of The Cyber Society

A podcast recorded at r00tz Asylum | DefCon 26
with John Johnson, Nico Sell, Sean Martin, instructors, parents and kids.

What if some kids' dream is to be a hacker when they grow up?

How would you feel about that?
Are you smiling or freaking out?

Are you imagining a bunch of faceless hooded figures crouched over computers in dark rooms doing all sorts of illegal cyber activities while green fluorescent binary codes drip down like blood over laughing skulls painted on the walls behind them?

If this is the case, then you should freak out; I would too, but just like you, by imagining that I would be wrong.

Read More →
Making CAPTCHAs Easy, Secure and Available for People with Disabilities

By Selena Templeton, host of DiverseIT

Kevin Gosschalk, co-founder and CEO of FunCaptcha, chats with ITSPmagazine's Selena Templeton and Sean Martin about leveraging gamification techniques for CAPTCHAs that are secure, can't be penetrated by bots, give the user best experience possible – and that people with accessibility requirements can still get through.

Read More →
How the CyberSecurity industry created the weakest link | A very short story

By Marco Ciappelli, host of The Cyber Society
A conversation with myself.

For years this industry has been selling pills that are supposed to "make the users un-hackable and made a lot of money selling those.

When the pill didn't work as advertised, the finger was re-pointed towards the users because they should have taken the pill AND make some lifestyle change. They are the reason why the medicine is not working, they are the weakest link.

Read More →
As An Industry We’ve Created A Disease That Afflicts The Users. It's Called Security Fatigue.

By Sean Martin, host of At The Edge

Sean Martin and co-host Selena Templeton chat with Chad Loder and Jason Hoenich from Habitu8 about insanity in the world of cybersecurity. Why do we keep trying to do the same thing over and over and yet expect a different result? Chad and Jason talk us through some of these things that are making all of us - the practitioners, defenders, and users - tired. And even a bit insane.

Read More →
I Always Feel Like Somebody’s Watching Me! And I Have No Privacy.

By Sean Martin, host of At The Edge

Callum Corr, data analytics specialist at ZL Technologies, chats with ITSPmagazine’s Selena Templeton and Sean Martin about the recent Google/FBI case in which the FBI made an unprecedented request that Google turn over the data of ALL its smartphone users who were in the general area of the crime they were investigating, as well as Google’s surreptitiously storing of user location data even when you’ve turned that option off in your phone’s settings.

Read More →
The User Is The Weakest Link In CyberSecurity! Or, Is It?

By Marco Ciappelli, host of The Cyber Society
A conversation with Shira Rubinoff, Sean Martin, and Marco Ciappelli
Recorded at Black Hat USA 2018

How many time have we heard the tale of the lazy, careless and ignorant technology user?

“Humans are the reason why cybersecurity solutions do not work! We need to make solutions that protect the users without the users being involved in the process. Because as usual they will F it up!” Really?

Nice try, sales and marketing team.

Deflate your ego, cybersecurity team.

Read More →

Looking for more?

ITSPradio

CYBERSECURITY ADVICE FOR SMBs.jpg

Cybersecurity Advice for SMBs

Podcasts | Webinars | Articles | Videos

Visit our SMB CyberSecurity Column

The Experts Corner

The Experts Corner is where great minds share their expert opinion on information security news, privacy advices, and cybersecurity trends

Most recent contributions

Experts Corner | Most Recent Articles
3 Strategies for Overcoming Security Burnout

With the problematic talent shortage in security, organizations are consistently operating understaffed and team members are forced to pick up the slack, which results in job fatigue and stress. Eric Sheridan, Chief Scientist at WhiteHat Security, offers three strategies for overcoming security burnout.

Read More →
Can SMBs Do Something to Prevent Ransomware? (Yes!) - Part 1

Last year Locky, NotPetya and WannaCry ransomware savaged Internet users, with billions of dollars lost, data destroyed, worldwide shipping disrupted, and reputations damaged. Even though they are the most hacked businesses on the Internet, many SMBs do not have proper cybersecurity protections in place. In part 1 of this two-part series, Dave Moore, founder of Internet Safety Group, explains why and how SMBs need to make Internet safety training a top priority.

Read More →
Productivity or Cybersecurity? Now You Can Have Both

When it comes to protecting end-user devices, many enterprises see two choices: either lock down devices and limit what users can access, or prioritize productivity and take some chances with security. Tal Zamir shows why this either/or proposition is untenable for CISOs, IT and end-users, and how a new software-defined endpoint approach is enabling enterprises to deliver completely secure and totally unrestricted user experience.

Read More →
The Impact Of The GDPR On Employees: The Payroll Process

With the GDPR now in effect, businesses across Europe are adjusting to a new regulatory environment. David McLeod of activpayroll examines the GDPR's impact on the payroll landscape, and how employers might boost their compliance performance.

Read More →
Employees Need Trust, Not Toys

When Remotive.io founder Rodolphe Dutel tweeted “Tech companies must offer trust, not toys, to attract and retain talent,” it went viral. Rather than offering toys – ping pong tables, beer fridges, etc. – to lure in more candidates, Rodolphe outlines what organizations should offer instead to attract the best talent, and why.

Read More →
Building Cybersecure Culture through an Age-Old Technique: Apprenticeships

With an alarming talent gap in the industry, cybersecurity can no longer be thought of as a technical problem with a technical solution; it must be treated as a critical business concern. Charles Eaton of CompTIA discusses how apprenticeships can supply companies with a more predictable, sustainable pipeline of applicants, while providing new cybersecurity workers with necessary experience, education and mentorship.

Read More →
6 Reasons Why SIEMs Aren’t a Security Analytics Tool

Given all the vendor- and analyst-speak in the security space, it’s become difficult for organizations to know the difference between Security Information and Event Management (SIEM) and security analytics. Here are 6 ways to tell a SIEM from a security analytics product.

Read More →
Learn About Cryptomining – The Latest Most Popular Cyberattack

Criminal cryptomining has replaced ransomware as the leading type of cyber attack in 2018. While not all cryptomining is criminal in nature, this new type of cyber attack has gained momentum and popularity as a result of its success. Lastline’s director of threat intelligence, Andy Norton, explains the popular criminal techniques used to mine cryptocurrencies — and what lies ahead for cryptomining.

Read More →
We’re All in This Together – Why You Should Champion National Cyber Security Awareness Month

With data breaches on the rise and personal information ending up in the hands of cyber criminals, we are no longer questioning whether a breach will occur, but when the breach will occur. Marija Atanasova, Sr. Content Strategist for the IT Security community at BrightTALK, interviewed Karen Creasey of NCSAM to learn how to get the most out of National Cyber Security Awareness Month (October).

Read More →
California’s ‘SB-327 Information Privacy: Connected Devices’ Bill Could Be The First To Establish IoT Regulation

If signed by Governor Brown on September 30th, California’s "SB-327 Information privacy: connected devices” bill – the first to establish regulation around IoT – will require connected devices sold or offered for sale in California to have “reasonable security features appropriate to the nature of the device”. Although the bill is a good start, Aaron Guzman, Head of Automotive & IoT at Aon, outlines what an even better approach might be.

Read More →
Five Things To Consider When Evaluating Security Solutions

As more security technology companies emerge, consolidate and disappear, CISOs are struggling to understand which products are really worth their investment. Absolute’s Director of Security Strategy Josh Mayfield shares how CISOs can cut through the product marketing jargon and break down the five questions every CISO should ask a potential security vendor.

Read More →
Avoiding The Common Pitfalls Of SMB Security

There are a few common misconceptions that prevent small- and medium-sized businesses (SMBs) from pursuing a strong security posture. It is important for both the businesses and the security industry to understand the reality of the situation. Megan Roddie, security analyst with Recon InfoSec, explains how to avoid the most common mistakes of SMB security.

Read More →
How to Measure the ROI of Cybersecurity Investments

Regularly measuring the effectiveness of cybersecurity efforts is challenging but essential to avoid security incidents. The ROI of security investments should be based on how much loss the organization could avoid due to the investment. In this article, Netwrix CEO Steve Dickson covers a combination of quantitative and qualitative methods to evaluate the return on security investments (ROSI).

Read More →
Rethinking Modern-Day DDoS Attacks And Their Risk

Some of the most popular DDoS mitigation tools are also the least effective. Many enterprise organizations have been lulled into a false sense of security, literally, and are ill-prepared to defend against modern DDoS attacks, primarily because they don’t fully understand the extent of the risk. Tom Bienkowski of NETSCOUT Arbor explains those risks and suggests defenses.

Read More →
Let’s Pretend You've Been Breached. Now What?

Every business falls victim to cyberattacks sooner or later. Are you prepared for when the inevitable breach happens? If not, your business and your career could be in jeopardy. This article highlights nine key criteria that should be part of every cyber-breach preparation plan.

Read More →
Blockchain Systems Need Mature Disclosure Policies

Decentralized systems based on technologies such as Blockchain must take into consideration the safety of the security researcher and provide the means to report vulnerabilities anonymously. And because flaws are inevitable, companies working in this space must have a mature, responsible disclosure policy.

Read More →

Want more stories from our expert cybersecurity contributors? There's plenty of InfoSec goodness to be had!

Have an opinion of your own you'd like to share? Want to make a contribution to the community?

ITSP Webinars and Webcasts

We are constantly planning for and working on more webinars, podcast interviews, and a variety of conversations with the cybersecurity and privacy experts you want to hear from. Stay tuned for some specialized series as well, including our SMB webcasts and our new ITSPmagazine Talk Show.

Stay with us and enjoy some ITSP Radio & TV. Interested in producing a webinar with ITSPmagazine? Let us know!

Featured
What Are Viruses, Malware And Ransomware?

This episode is brought to you by:
ITSPmagazine 🤔

YOUR EDUCATORS
Jeremy Stepan, President, Resurgence IT
Victor Owens, Security Analyst, MassMutual
Additional Panelist TBD

YOUR MODERATORS
Sean Martin, CISSP, Founder and Editor-in-Chief, ITSPmagazine
Marco Ciappelli, Co-Founder, ITSPmagazine

LEARN MORE

Read More →
What Is Phishing And Spear-Phishing?

This episode is brought to you by:
ITSPmagazine 🤔

YOUR EDUCATORS
Jonathan Sinclair, Information Security Analyst, NBC
Christopher Pichardo, Security Operations, Morgan Stanley
Lauren Zink, Security Awareness Manager, AmTrust Financial Services

YOUR MODERATORS
Sean Martin, CISSP, Founder and Editor-in-Chief, ITSPmagazine
Marco Ciappelli, Co-Founder, ITSPmagazine

LEARN MORE

Read More →
What Is Social Engineering And Human Hacking?

This episode is brought to you by:
ITSPmagazine 🤔

YOUR EDUCATORS
Masha Sedova, Co-Founder, Elevate Security
James Stanger, Chief Technology Evangelist , CompTIA
Rachel Tobac, CEO, SocialProof Security

YOUR MODERATORS
Sean Martin, CISSP, Founder and Editor-in-Chief, ITSPmagazine
Marco Ciappelli, Co-Founder, ITSPmagazine

LEARN MORE

Read More →
What Risks Are Lurking In Your Business Processes?

YOUR EDUCATORS
To be announced soon…

YOUR MODERATOR
Sean Martin, CISSP, Founder and Editor-in-Chief, ITSPmagazine

(ISC)² members can earn 1 CPE credit here on ITSPmagazine

LEARN MORE

Read More →
LEARN ABOUT OUR WEBINAR SPONSORSHIP OPPORTUNITIES

Subscribe to our Audio News and Podcasts Series

 
 
 

What is happening at the intersection of IT security and society?

Subscribe to the ITSPmagazine newsletter.

We always respect your privacy.


ITSPmagazine is, and will always be a free publication.

Our mission is to raise awareness for cybersecurity by making it understandable, accessible, and part of everyone’s everyday life.

If you can and wish to contribute, consider an individual donation.
We are on Patreon.com now.