About three thirds (76%) of companies currently have cyber insurance, but less than a third of them (32%) get policies that cover all risks, according to two representatives from insurer RLI Corp. who spoke during this week’s (ISC)2 Security Congress 2018 in New Orleans. While having a cyber policy is always a good idea, there is a fair amount of complexity that makes it difficult to determine how much coverage you need. Often third parties such as cloud providers are involved, creating coverage nuances that companies must be aware of when taking out a policy. Beyond that, companies often don’t have a good grasp on all their assets, or how much risk they can sustain, and as a result base

Stop saying humans are the weakest link in security. That was the main message delivered by former White House CIO Theresa Payton during her keynote at (ISC)2’s Congress 2018, taking place this week in New Orleans. “The technology is the weakest link. The human is at risk. We have to change how we think about this in our industry,” said Payton, who is now president and CEO of Fortalice Solutions, and stars in the CBS show “Hunted.” Even though cybersecurity teams implement various measures, follow rules and frameworks, and complete compliance checklists, breaches still occur, she said. That’s because technology is designed to be open for interoperability and usability. Rather than blame users, a better approach to security is needed.

Stop saying humans are the weakest link in security. That was the main message delivered by former White House CIO Theresa Payton during her keynote at (ISC)2’s Congress 2018, taking place this week in New Orleans. “The technology is the weakest link. The human is at risk. We have to change how we think about this in our industry,” said Payton, who is now president and CEO of Fortalice Solutions, and stars in the CBS show “Hunted.” Even though cybersecurity teams implement various measures, follow rules and frameworks, and complete compliance checklists, breaches still occur, she said. That’s because technology is designed to be open for interoperability and usability. Rather than blame users, a better approach to security is needed.

Privacy is one of the greatest challenges of the digital age. Who has the right to access an individual’s personal data and when? That’s the question at the heart of a series of court cases regarding search and seizure of mobile phones at U.S. border crossings. Currently border agents are allowed to access and search metadata, including the origin, time and date of phone calls, without a search warrant. However, true data typically requires a warrant, according to Scott M. Giordano, vice president of data protection at Spirion, a data management software provider. He addressed the topic to a packed room during (ISC)2’s Congress 2018, taking place this week in New Orleans. U.S. privacy laws are in desperate need of

Privacy is one of the greatest challenges of the digital age. Who has the right to access an individual’s personal data and when? That’s the question at the heart of a series of court cases regarding search and seizure of mobile phones at U.S. border crossings. Currently border agents are allowed to access and search metadata, including the origin, time and date of phone calls, without a search warrant. However, true data typically requires a warrant, according to Scott M. Giordano, vice president of data protection at Spirion, a data management software provider. He addressed the topic to a packed room during (ISC)2’s Congress 2018, taking place this week in New Orleans. U.S. privacy laws are in desperate need of