Tag Archive for: CISO

Establishing and Selling The Cost of Cybersecurity – Devon Bryan – CSP 70

/in



CISO Thoughts with David Lindner – March 18th

/in


CISO Thoughts with David Lindner - March 18th

Insight #1

If you can accomplish one thing in your AppSec program this year, it should be keeping secrets out of your source code. The number of secrets in source code is doubling year over year, which will lead to more breaches. There are many options to detect secrets both pre and post-commit, implement them both today!

Insight #2

Security is all about the relationships you build. This is especially true for application security professionals. We must have close bonds with our development teams, to not only understand and empathize with their deadlines but also to understand the implications of any security imposed changes. Pick up the phone, open a Zoom call, build those relationships and your success metrics will improve.

Insight #3

President Joe Biden signed the Cyber Incident Reporting For Critical Infrastructure Act of 2022. This act requires critical infrastructure entities and federal government agencies to report cybersecurity incidents within 72hrs of an incident. Transparency is a key component in the cyber security world and can lead to preventing future exploits. If you don’t fall in the defined entities, I would still strongly suggest you follow the requirements to report incidents in a similar fashion.

David Lindner, Chief Information Security Officer

David Lindner, Chief Information Security Officer

David is an experienced application security professional with over 20 years in cybersecurity. In addition to serving as the chief information security officer, David leads the Contrast Labs team that is focused on analyzing threat intelligence to help enterprise clients develop more proactive approaches to their application security programs. Throughout his career, David has worked within multiple disciplines in the security field—from application development, to network architecture design and support, to IT security and consulting, to security training, to application security. Over the past decade, David has specialized in all things related to mobile applications and securing them. He has worked with many clients across industry sectors, including financial, government, automobile, healthcare, and retail. David is an active participant in numerous bug…

Source…

Head of Security Reportedly Fired; CISO to Leave

/in


Application Security
,
Fraud Management & Cybercrime
,
Next-Generation Technologies & Secure Development

Decision Based on Assessment of How the Firm Was Being Led, Says Memo Quoted by NYT

Prajeet Nair (@prajeetspeaks) •
January 22, 2022    

Twitter: Head of Security Reportedly Fired; CISO to Leave
Are security departures at Twitter tied to its recent embrace of web3 technologies?

Twitter has said it is firing Peiter Zatko, the network security expert it hired in November 2020 as head of security.

See Also: Zero Trust Webinar: Research Insights Exploring the Actionable, Holistic & Integrative Approach to Security


Changes in the composition of Twitter’s security team followed “an assessment of how the organization was being led,” according to a company memo shared with The New York Times.


Zatko, known by the handle “Mudge,” gained fame as a member of the Cult of the Dead Cow ethical hacking collective in the 1990s and later moved to top cybersecurity research positions at the Defense Advanced Research and Projects Agency, aka DARPA, and Google.


Twitter CEO Parag Agrawal, who took over from Jack Dorsey in November, also announced that industry veteran Rinki Sethi, the chief information security officer, will be departing in the coming weeks. The company did not specify if the departure is voluntary.


Sethi in a tweet confirmed her departure and said, “It is with a heavy heart that I announce my impending departure from Twitter. Thanks to all of you that have reached out to check in with me, I appreciate all the kind words, thoughts and love being sent my way.”


Neither Sethi nor Zatko responded to ISMG’s request…

Source…

Twitter Reportedly Fires Head of Security, CISO to Leave

/in


Application Security
,
Fraud Management & Cybercrime
,
Next-Generation Technologies & Secure Development

Decision Based on Assessment of How the Firm was Being Led Says Memo Quoted By NYT

Prajeet Nair (@prajeetspeaks) •
January 22, 2022    

Twitter Reportedly Fires Head of Security, CISO to Leave
Departures possibly related to Twitter’s recent embrace of web3 technologies? (Source: ISMG Files)

Twitter has said it is firing Peiter Zatko, the network security expert that it hired late 2020 as head of security.

See Also: Zero Trust Webinar: Research Insights Exploring the Actionable, Holistic & Integrative Approach to Security

The changes in the security team followed “an assessment of how the organization was being led,” according to a company memo shared with The New York Times.

Zatko, known by the handle “Mudge,” gained fame as a member of the “Cult of the Dead Cow” ethical hacking collective in the 1990s and later moved to top cybersecurity research positions at the Defense Advanced Research and Projects Agency, aka DAPRA, and Google.

Twitter’s chief executive Parag Agarwal, who took over from Jack Dorsey in November, also announced that industry veteran Rinki Sethi, the chief information security officer, will be departing in the coming weeks. However, the company did not specify if the departure is voluntary.

Sethi in a tweet confirmed her departure and said, “It is with a heavy heart that I announce my impending departure from Twitter. Thanks to all of you that have reached out to check in with me, I appreciate all the kind words, thoughts and love being sent my way.”

Neither Sethi nor Zatko responded to…

Source…