Blog

While artificial intelligence (AI) has gotten a lot of attention in recent years as a possible solution for cybersecurity issues, Winn Schwartau argues there’s a long way to go before we can trust AI and its siblings, machine learning (ML) and deep learning (DL), to deliver the results we need. During a presentation on the ethical bias of AI-based systems at the (ISC)2 Security Congress 2019, Schwartau said significant problems with AI need to be overcome before we can fully trust it with something as important as cybersecurity. Schwartau, a top expert on security and privacy, is the Chief Visionary Officer at The Security Awareness Company. During a mid afternoon session at Security Congress, taking place this week in Orlando,

Whenever new data privacy and cybersecurity laws go into effect, they create more work and responsibilities for cyber professionals. This reality hasn’t gone unnoticed by attorney Scott Giordano, who reminded cybersecurity professionals during a session about the California Consumer Privacy Act (CCPA) that the law will create new duties for them. Giordano, Vice President of Data Protection at Spirion, went over details of the law, which takes effect on Jan. 1, 2020, and how organizations should prepare for it. His was one of a series of presentations at the 2019 (ISC)² Security Congress, taking place in Orlando this week, about privacy and security regulations, and their impact on how organizations go about collecting and keeping personal customer data. The California

At public events, speakers and performers often ask the audience to turn off their mobile phones, but Catherine Price really meant it. She asked attendees of Tuesday’s keynote speech at (ISC)2 Security Congress 2019 to actually press their phones’ power button. “I’m going to guess a lot of people are feeling uncomfortable. A lot of you faked it. A lot of you are probably hating me right now,” said Price, a journalist and author of the book, “How to Break Up with Your Phone.” For the next hour, Price discussed the reasons we are so tethered to our phones, what it’s doing to us, and how we can take back control. She addressed the dangers of our constant attachment to

When doing their work, cybersecurity professionals often come across situations that put their skills to the test. And sometimes those tests have far less to do with technology or business than with questions of ethics. When cyber professionals discover vulnerabilities while performing penetration tests or some other security-related work, is it OK to disclose those vulnerabilities publicly? What happens if system owners are made aware of issues but decide to ignore them? And at which point, while testing systems containing private information, do cyber professionals reach a line they should not cross? These questions were part of a lively panel discussion today at the (ISC)2 Security Congress 2019, taking place in Orlando this week. The session, “Ethics Dilemmas Information Security

The spotlight was on safety at the kickoff this morning of (ISC)² Security Congress 2019, taking place this week in Orlando. First, (ISC)² CEO David Shearer talked about the role that association members have in protecting society through their cybersecurity work. Then, Capt. Chesley Burnett "Sully" Sullenberger, the pilot of flight 1549, which landed on the Hudson River in January 2009, related the events of that day and how he and his co-pilot, Jeff Skiles, safely landed their U.S. Airways Airbus with everyone aboard surviving the event. Shearer spent much of his kickoff address on the importance of abstracting what cybersecurity professionals do from the very users they are protecting. “Our customers’ users simply want to be able to do