Managing Online Risk’s Travel Security & Risk Recap (Jan. 2017)


Welcome to our recap of stories relating to Travel Security and Risk. This edition’s stories cover many issues including: protecting health secrets while you travel; staying safe at the airport; keeping your mobile safe while traveling; travel risk management; technology, travel & security; security app for traveling athletes; and more.

These are some of the articles, reports, posts, etc. that caught our attention this quarter. We originally send them out through our Twitter account @DGOnlineSec, so follow us to get them as we find them. But many of them are such great resources we don’t want you to miss them, so we’ve decided to put them in a weekly recap. Some links will take you to their original sources, whether Lexology, PC Mag, SC Mag, NLR, and/or others. For others you will need to go directly to our Twitter account to access them. Enjoy and let us know some of the stories you’ve found interesting this week. Just share in the comments below.

Managing Online Risk’s Monthly Recap (Jan. 2017) – Stories Relating to Online Security & Risk


Welcome to our recap of stories relating to Online Security and Risk. This month’s stories cover many issues including: Data Privacy Day – Jan 28; deleted vs. destroyed data; security lessons learned in 2016; cute selfie app collects data; 8 steps for better security; EU & privacy directives; AI, robots & security; security terms you should know; 10 people who are security risks; and more.

These are some of the articles, reports, posts, etc. that caught our attention this week. We originally send them out through our Twitter account @DGOnlineSec, so follow us to get them as we find them. But many of them are such great resources we don’t want you to miss them, so we’ve decided to put them in a monthly recap. Some have links that will take you to their original sources, whether Lexology, PC Mag, SC Mag, NLR, and/or others. For others you need to go directly to our Twitter account to view them. Enjoy and let us know some of the stories you’ve found interesting this week. Just share in the comments below.

Managing Online Risk’s Monthly Recap (Sept, 2016) – Stories Relating to Online Security & Risk


Welcome to our recap of stories relating to Online Security and Risk. This month’s stories cover many issues including: When AI goes to the dark side; National Cyber Security Awareness Month; Amy Schumer is most dangerous celebrity on McAfee’s list; Yahoo’s data breach; BYOD & social media biggest internal security threats; wearable technology; 7 deadly Internet security sins; Dropbox hack; anatomy of a social media attack; and more.

These are some of the articles, reports, posts, etc. that caught our attention this week. We originally send them out through our Twitter account @DGOnlineSec, so follow us to get them as we find them. But many of them are such great resources we don’t want you to miss them, so we’ve decided to put them in a monthly recap. Some have links that will take you to their original sources, whether Lexology, PC Mag, SC Mag, NLR, and/or others. For others you need to go directly to our Twitter account to view them. Enjoy and let us know some of the stories you’ve found interesting this week. Just share in the comments below.

Gwinnett Tech Forum: The Evolution of Wearable Technology


Partnership Gwinnett hosts quarterly Technology Forums (http://www.gwinnettchamber.org/gwinnett-technology-forum/). I enjoy attending them because they always have interesting topics, knowledgeable speakers, and great networking with technology professionals. The last one I attended was called “The Evolution of Wearable Technology.” Panelists included Rick Erazo (RE), of AT&T Wearable IOT; Todd Charest (TC), Chief Innovation and Product Officer, Ingenious Med; and Peter Presti (PP), Research Scientist at Georgia Tech IMTC Georgia Tech. The panel was moderated by Robert McIntyre (RM), from the Wireless Technology Forum.

The discussion began with some introductory remarks and a history of wearable technology – where it came from up to where it is now. The moderator then presented a series of questions for each panelist regarding how they use the technology, what trends and obstacles they see, and how they believe this technology will change employer and consumer behavior. Below I have put some highlights from the discussion.

Check their website for future Forum dates.

Hurdles for wearable technology?

Size, battery life, and consumer behavior.

Factors of adaptability of wearable technology?

Health, productivity, safety and security.

Interesting stats:

  • 10% of wearable devices will be working on a cellular network.
  • 24 million devices were in use by end of 2015.
  • A 36% annual growth is expected in this market through 2017.
  • By 2018 it will be a $12 billion range market.

There is a difference between non-traditional OEMs of wearable technology and enterprise wearable technology.

Non-Traditional OEM:

  • Concerned with how the device “looks” on the body
  • Personal preferences, tastes, personality traits of the wearer, fashion, lifestyle

Enterprise:

  • Concerned with how the device “functions” and affects productivity
  • Ex. Google Glass flopped with consumers but has been taken up by service providers

  1. Why are wearables taking off?
    • Mass adoption of smart phones. (RE)
    • There are better user interfaces and user experiences now. (RE)
    • A wearable is not just the device but also an infrastructure. (PP)
    • We are understanding better behavior change – behavioral engineering – so now we can collect data passively and do something with the data to make lives better. (TC)
  2. Is the wearable the extension of the human or is the human the extension of the wearable?
    • We start with the human first. (TC)
    • We may be transitioning into a “Borg Lab” (from Star Trek) where humans and wearables will co-evolve (like clothes). (PP)
    • An extension of the human – that fashion element that represents who you are to the world – like luxury items. (RE)
  3. How will wearables enhance and challenge the workplace?
    • Wearables can work very well in certain areas – like manufacturing – like id badges – for authentication and to provide access. (RE)
    • Any job that needs interaction with a terminal can use a wearable. (PP)
    • We are collecting a vast amount of data today – information overload – we need to learn how to make sense of it. It will not be fashion but usability that will determine a higher adoption rate in the workplace. (TC)
  4. What about privacy and security?
    • These are the biggest challenges in this market. How do we strike a balance? What is the younger generation’s understanding of privacy, etc.? (TC)
    • What happens to the data collected by the wearable beyond health – photos, etc.? Regulatory policy will come into this space within the next 5-10 years. (PP)
    • These are critical to adoption – multi-faceted approach through every step in the use of the wearable for security. We each need to assess our risk. Need to look at mobile device management – and update IT policy to include wearables and IoT; especially bio-data of employees. (RE)
  5. Which wearable is your favorite and why?
    • Google Glass – a massive social experiment of what people are willing to accept and not to accept. Fashion vs. form vs. function – what is the right way to build these things? (PP)
    • Samsung Gearup 2 and Timex Metropolitan (RE)
    • Need to look at the breadth and depth; my smartphone, Apple Watch (convenience and social acceptability), Fitbit (social norms) (TC)
  6. Which wearable technology company should we buy stock in?
    • Fashion name brands like The Fossil Group which just acquired Misfit. (RE)
    • Small start-ups; Pulse Wave monitoring company (PP)
    • Companies working with cognitive computing; self-driving cars; insurance companies (DC)
  7. Other comments:
    • Problem with Google Glass is that its battery life is too short so it is not good for constant and long-term monitoring (PP)
    • Empowered patients – “sitting (not moving) is the new smoking” – this is a public health concern; we need to get employees moving (PP)
    • This will be a competitive space, but a big challenge is that the data collected in one device is not transferable to different platforms. (TC)
    • Who owns the data? Will you be beholden to a certain brand because they have your data (not ideal)? The user should own the data. (PP)
    • It will be a crowded space (RE)

Resources:

NACCSE Women in Cyber Technology Panel 2016


I attend various cyber-security related events throughout the year so I can keep myself updated on the latest in the industry as well as keep up with colleagues and meet new people. The Netherlands American Chamber of Commerce South Eastern Region (http://www.naccse.org) has been organizing a series of panels regarding women in various industries – predominately technology and leading edge. This past panel – their 11th – was on “Women in Cyber Technology” and was held at L’Alliance Française in Atlanta, Georgia in August. The panel was co-hosted by the French American Chamber of Commerce – Atlanta (FACC-Atlanta), British-American Business Council of Georgia, GACC, and Women in Bio Atlanta. Panelists included: Marci McCarthy, CEO of T.E.N; Major Rodriguez, Head of the Army Cyber School; Deborah Johns, Technology Recruiter; and the moderator Allison of Turner BCI Global.

The panel discussed issues related to being employed in the sector – what skills and training are required, what can women expect when working in the industry, why is the industry booming, and resources to help women get, maintain, and thrive in this male-dominated industry. Although they wanted to broaden their discussion on cyber technology, it quickly narrowed down to cyber-security, and for obvious reasons considering the recent headlines regarding personal, professional, and national threats due to online attacks.

Below I have listed some quotes and highlights from the panel as well as some of the resources shared by the panelists.

  • “In technology the salary is higher.”
  • “Cyber security is about priorities – you need to understand the risks and re-prioritize continuously.”
  • “What role models did you have while growing up? Did they look like you? Did you see yourself in that role?”
  • “Security clearances are an asset to your marketability – in and outside of the military.”
  • “Top concern on cyber security is the unknown threat because you do not know where it is coming from or sometimes when it has even hit.”
  • “Security professionals are paid to be paranoid.”
  • “To be successful in this field it is good to have a business acumen or business degree background – how is this going to affect my business.”
  • “There is no regular day in cyber security/cyber technology – an attack can happen 24/7.”
  • “You need to be a great communicator and have good relationships throughout the organization.”
  • “Build strong security awareness programs for your organization.”
  • “You need to have great knowledge of the security arena.”
  • “Remind people of cyber hygiene – like don’t click on an attachment or links.”
  • “The first CISO was Steve Katz at CISCO in 1999. We’ve come a long way since then.”
  • “This is a self-selected industry.”
  • “You need logic, to understand how things work.”
  • “Today everything runs off apps – and the more apps the more security issues you have.”
  • “This industry is taxing on your family – you need an understanding spouse.”
  • “There is high burnout – and you need to be comfortable that there may not be life-work balance.”
  • “You need an amazing team around you.”
  • “The CISO is the James Bond of IT.”
  • “Always have a succession plan in place – a backup – or you will never get a break.”
  • “You need to be dedicated – you WILL work hard.”
  • “You don’t need to for some jobs in the field but it is good to learn to code – Udacity is a good resource. Think of it as learning another language – and knowing another language makes you more valuable.”
  • “You need to know about networking, technical aspects, encryption, governance, risk, and compliance.”

 

Key Information Security Organizations:

ISSA – http://www.issa.org

ISACA – https://www.isaca.org/Pages/default.aspx

ISC(2) – http://isc2.org

TAG Information Security Society – http://www.tagonline.org/chapters-and-societies/information-security/

ICMCP – https://icmcp.org

SANS – https://www.sans.org

 

Key publications and information sources:

SC Magazine – http://www.scmagazine.com

Dark Reading – http://www.darkreading.com

IT Security Planet – http://www.itsecurityplanet.com

Search Security by TechTarget – http://searchsecurity.techtarget.com

T.E.N. and ISE Programs Knowledgebase – http://www.ten-inc.com/knowledgebase.asp