ITSPmagazine | At the Intersection of IT Security & Society™
“There will come a time when it isn't 'They're spying on me through my phone' anymore. Eventually, it will be 'My phone is spying on me'.” 

― Philip K. Dick

ITSPmagazine is a free publication and all the content we create is made possible by our own passion and the generosity of our sponsors. We are ever so grateful for your support.

Are you considering an ITSPmagazine sponsorship?
Visit our Media Kit, or simply contact us to talk about it.

If you have a story to share and want to join us as we cover our next set of conferences (InfoSec EU, RSAC APJ, Black Hat USA and DEFCON), we invite you to discover the benefits of our conference coverage sponsorship program and let us know if you are interested in joining us for our adventures.
We look forward to many more exciting events!


Stay tuned, enjoy this week's content, and share it recklessly with everyone.
They will thank you.

Now that the RSA Conference content has been produced and shared we must catch up on some of our timeless chronicles and experts corner articles.

But before we do that, we announce that we are back to our regular schedule with our weekly Unusual Gathering and this one was most certainly worth the wait. 

Yes, of course, we missed you too! 😉



Unusual Gathering | Episode XXV | Guests Stina Ehrensvard And Joseph Carson

Conversations At The Intersection Of IT Security And Society

Stina Ehrensvard | Joseph Carson

It’s a password-less future. Or is it?

Passwords were supposed to be dead 15-20 years ago.
But, hey, here we are still talking about them. Why?

To begin to answer this question, let’s start with why we are using passwords and what is seriously wrong with them.

If passwords do remain, what is their role going to be? Have we abused the password as a system by applying it everywhere with not enough consideration of the possible negative consequences of this practice, even when paired with a second or multi-factor strategy?

The answer may sit squarely in how we, as a society, look at trust. Trust is at the core of our human interactions and it scales according to different situations. But to start, it must be there as the base to be built upon. It is not a given, shouldn’t be taken for granted, and is a process that can be adapted for the online world and whole validation system if the model is defined in such a way that it works in conjunction with human nature, not against our natural inclinations.

New regulations may be required, additional privacy standards may need to be applied, and most certainly some cultural changes will be necessary to see these stars align. The good news is, our unusual gathering guests on today’s show all feel comfortable that the future of the Internet looks bright, safe, simpler and dynamic.


📜 A chronicle and a podcast 🎙
from Sean Martin for 'At The Edge' Column 

By Sean Martin

In today’s episode, Sean Martin chats with Anand Raghavan, Co-founder & Chief Product Officer at Armorblox, and Chuck Drobny, President & CEO at GlobaLogix, about two hot topics that are a regular thorn in our InfoSec sides: phishing and business email compromise. They explore how the industry is leading us to overcome this challenge, beginning with user awareness training and IT security training, before taking a turn to the technology stack, user workflows, business automation and security management orchestration.

📜 A chronicle and a podcast 🎙
From Sean Martin and Selena Templeton for 'The Academy' Column 

By Sean Martin and Selena Templeton

Sean Martin and Selena Templeton had the great pleasure of sitting down with Heather Ricciuto, Academic Outreach Leader at IBM Security, at this year’s RSA Conference. In this podcast, we talk about all things educational when it comes to attracting and retaining cybersecurity talent. Traditionally, companies like IBM have focused on recruiting from 4-year universities, but how are you going to build a pipeline when you’re recruiting from the same top schools and competing for the same talent?

📜 A chronicle and a podcast 🎙
From Sean Martin for 'The Academy' Column 

By Sean Martin

Today I am joined by two long-time cyber professionals doing great things to help fill the cyber talent pool with candidates from all walks of life: Julian Waits from Devo and ICMCP, and Ed Moyle from The Prelude Institute. InfoSec isn’t the first industry faced with a shortage in the workforce, so we don’t need to reinvent the wheel. Listen in as we talk through some of the scenarios to uncover how we might learn from other industries and roles, such as that of nursing.

Sponsored Content

Inside The Mind Of A CISO

With rapidly expanding attack surfaces, motivated adversaries, and the growing shortage of full-time infosec professionals, organizations are fighting a losing battle. One thing is clear: We need a new approach.

Join Bugcrowd CSO David Baker and ESG Senior Analyst and Group Director Doug Cahill on Thursday, April 18 at 10am PT / 1 pm ET for a discussion on the key findings of the ESG Research Insights Report, Security Leadership Study - Trends in Application Security, including topics like:

Challenges with current application security testing methods
Crowdsourced security adoption and benefits
Security leadership application security priorities
DevSecOps adoption with the enterprise


From Our Experts Corner
Are New Vulnerabilities A Tipping Point In 2019?

The theme of the vulnerability onslaught continues in 2019. And things are only getting more complex as we continue to write more lines of code to control all of the things we are connecting to the Internet. In this Experts Corner, Doug Mechaber gives some insight into these complexities as it relates to identifying and measuring vulnerability-driven risk.

From Our Experts Corner
How NAC And CIS Controls Go Hand-In-Hand

For midsize companies, the best practices outlined in the “First 5 CIS Controls” provide a solid foundation for securing their IT environments and reducing their level of exposure to the vast majority of security threats. Ofer Amitai, CEO and co-founder of Portnox, discusses how NAC provides coverage for these controls.

Sponsored Content

Unleash Your Analysts. Evolve Your SOC.

As the front line defense in stopping adversaries, SecOps teams are critical in securing the enterprise. Yet as the complexity of data types and volumes increases, SOC analysts are drowning in data that is overwhelming in volume, noisy, and difficult to extract insights from.

It’s time for SecOps to evolve

From Our Experts Corner

There’s a cloud-based avatar of you that knows your habits, desires, needs and preferences with timeliness and pinpoint accuracy. It sounds futuristic, but it’s entirely achievable now thanks to the data you willingly supply companies with. But what happens, Leigh-Anne Galloway, Cyber Security Resilience Lead at Positive Technologies, asks, when any one of these multitudes of data sources is breached?

ITSPmagazine is, and will always be a free publication.

As we grow ITSPmagazine, we are offering very affordable sponsorship opportunities.

If you like what we do, share our values, and would like to associate your brand with ITSPmagazine, we invite you to consider becoming a sponsor.


Help us spread cybersecurity awareness and education.

Thanks for sharing our newsletter with family, friends, neighbors, peers, and colleagues!



imsmartin consulting
Copyright© 2019 imsmartin consulting, All rights reserved.
