Becoming a Global IT Leader

According to the latest issue of CIO magazine, as organizations expand to new locations around the world, a growing number of IT leaders are finding themselves collaborating with colleagues, staff and business partners in places with drastically different personal, work and ethics practices. The following is a review of the main points of this excellent article:

"IT professionals must be prepared to drive innovation in today’s globally interconnected markets," says Sandra Smith, director of Brown University's IT Leadership Program. "To this end, they need transferable leadership skills effective across all markets, industry and cultures."

A successful global IT leader can come from any background, notes Doug Bordonaro, chief data evangelist at analytics developer ThoughtSpot, where he works with numerous Global 500 companies. Ultimately the most successful business people have three core traits: respect for foreign cultures, a skill that is in demand, and the …

What is a VPN and Why is it a Good Idea?

A virtual private network, or VPN, can help secure your web browsing and protect your anonymity online from anyone who wants to steal or monetize your data. A VPN creates a virtual encrypted tunnel between you and a remote server operated by a VPN service. All external internet traffic is routed through this tunnel, so your data is secure from prying eyes. Best of all, your computer appears to have the IP address of the VPN server, masking your identity.

To understand the value of a VPN, it helps to think of some specific scenarios in which a VPN might be used. Consider a public Wi-Fi network, perhaps at a coffee shop or airport. Like many of us, you might connect to it without a second thought. But do you know who might be watching the traffic on that network? Can you even be sure the Wi-Fi network itself is legitimate, or could it be controlled by a hacker who's after your personal data? Think about passwords, bank account data, credit card numbers, and private information that…

Transformational Trends in IT for 2018

According to CIO magazine, the relentless pace of technological change is impacting consumer expectations at a faster rate than ever, making any prediction challenging. Data security and privacy will continue to take center stage: How personal data is used. The ramifications of data breaches. And the importance of data to companies. Other trends we are likely to see include:

AI and IoT Converge
IoT will become part of the fabric of an organization in 2018. The challenge for CIOs and our teams will be how to integrate device management into overall IT infrastructure in a way that doesn’t overwhelm the organization.

Applications Managed in Real Time
Companies are beginning to explore what they can really do with the security, agility and flexibility of virtualized network services.

Cybersecurity, Fully Embedded
Threat detection capabilities embedded into platforms. End-to-end managed security infrastructure for the network, the developer, and applications. Proactive, predictive and cognit…

First Amendment and Free Speech Online

"Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances."

That's it. That's all the United States Constitution's First Amendment actually says.

There's a lot in just those few sentences, and it's crucial to know when and how it applies to common situations. Especially given the widespread use of Social Media.

For examples of First Amendment arguments presented by constitutional law expert, Lata Nott, executive director of the Newsium Institute's First Amendment Center, follow this link:

Digital Identity Guidelines

"Digital Identity" is the unique representation of a subject engaged in an online transaction.

"Identity Proofing" establishes that a subject is actually who they claim to be. 

"Digital Authentication" is the process of determining the validity of one or more authenticators used to claim a digital identity. 

Authentication establishes that a subject attempting to access a digital service is in control of the technologies used to authenticate. For services in which return visits are applicable, successfully authenticating provides reasonable risk-based assurances that the subject accessing the service today is the same as the one who accessed the service previously. Digital identity presents a technical challenge because it often involves the proofing of individuals over an open network and always involves the authentication of individuals over an open network. This presents multiple opportunities for impersonation and other attacks which can lead to fraudule…

“ one can hack my mind”: Comparing Expert and Non-Expert Security Practices”

Originally published two years ago by a team of three researchers from Google, I encountered this paper again at a conference I recently attended about how to deal with ransomware threats. Their findings provide excellent advice for everyone and I thought it would be good to share it again.

The paper discusses the results of two surveys: One involving 231 security experts, and another with 294 web-users who are not security experts. Both groups were surveyed about what they do to stay safe online. The intent was to compare responses from the two groups in order to better understand any differences in professional’s and casual user’s approaches to security.

Here are the top 5 practices by group:

Security Experts Non-Experts 1. Install Software Updates 1. Use Antivirus Software 2. Use Unique Passwords 2. Use Strong Passwords 3. Use Two-Factor Authentication 3. Change Passwords Frequently 4. Use Strong Passwords 4. Only Visit Known Websites 5. Use a Password Manager 5. Don’t Share Pers…

SANS Network Security Conference 2017 Las Vegas, NV September 10-17

“Established in 1989 as a cooperative research and education organization. Its programs now reach more than 165,000 security professionals around the world. A range of individuals from auditors and network administrators, to chief information security officers are sharing the lessons they learn and are jointly finding solutions to the challenges they face. At the heart of SANS are the many security practitioners in varied global organizations from corporations to universities working together to help the entire information security community."

"SANS provides intensive, immersion training designed to help you and your staff master the practical steps necessary for defending systems and networks against the most dangerous threats - the ones being actively exploited. The courses are full of important and immediately useful techniques that you can put to work as soon as you return to your offices. They were developed through a consensus process involving hundreds of administrat…