IBM 2017 Cost of Data Breach Study – United States

IBM® is proud to sponsor the 12th annual Cost of Data Breach Study, the industry’s gold-standard benchmark research, independently conducted by Ponemon Institute. This year’s study reports the global average cost of a data breach is down 10 percent over previous years to $3.62 million. The average cost for each lost or stolen record containing sensitive and confidential information also significantly decreased from $158 in 2016 to $141 in this year’s study.

Source: IBM 2017 Cost of Data Breach Study – United States

Event Registration

Organizations rely heavily on cybersecurity analysts to protect themselves from cyberattacks. With the traditional approach of threat monitoring and investigation, analysts may run the risk of missing the true indicators of compromise or not having sufficient time to deal with legitimate security threats. So what should organizations do to overcome this challenge?

Source: Event Registration

Data Scientist Jobs Top Glassdoor List

It’s official: Data scientist jobs have reached the top of Glassdoor’s Best Jobs in America list in 2016 and 2017 with an overall job score of 4.8 out of 5, a job satisfaction score of 4.4 out of 5 and a median base salary of $110,000.  This is why I went back to grad school to pursue a degree in both Data Science and Security!

Source: Data Scientist Jobs Top Glassdoor List

Insider Threat Detection Use Case – IBM Security

Expose the attacker inside your network. Insider threats account for 60 percent of cyber attacks, and they are incredibly difficult to detect. In fact, most cases go unnoticed for months or years. Regardless of whether the insider is a malicious employee or a contractor whose credentials have been compromised, security teams need the ability to quickly and accurately detect, investigate and respond to these potentially damaging attacks.

Source: Insider Threat Detection Use Case – IBM Security

Guardium Tech Talk: 4 Reasons to Love the New Guardium Data Encryption

Learn more about why people are excited over the encryption capabilities in Guardium Data Encryption v3.0. You need more than a one-size-fits-all approach to encryption, and Guardium Data Encryption is outfitted with many new features to help address a wide variety of encryption needs. Join this “don’t miss” tech talk to learn more about these capabilities and the encryption scenarios they support, including:

• Tokenization
• Application encryption
• Teradata encryption
• Live data transformation (encryption of data without requiring that you create a copy first)

Source: Guardium Tech Talk: 4 Reasons to Love the New Guardium Data Encryption

Cybersecurity Nexus (CSX) 2017

The CSX North America Conference is an annual event focused on cybersecurity and current cyber threats. Run by ISACA (previously known as the Information Systems Audit and Control Association), CSX 2017 will offer keynote addresses, education sessions and workshops as well as an exhibition. Participants will learn about the latest cybersecurity training, tools, and tactics.

Source: Cybersecurity Nexus (CSX) 2017

Top 10 cyber security tips

There are some things you can do to protect your personal information from being exposed to hackers. Here are 10 tips to start following now.

  1. Make sure your password is secure. Passwords are the first line of defense. Use a password that contains both upper and lowercase letters as well as numbers and special characters. The more complex your password is, the harder it is for hackers to compromise.
  2. Never use personal information in your password. It’s a bad idea to use your name or that of a spouse, child or pet as a password. The same is true of birthdays or phone numbers, as this information is also widely available via a Google search of your name.
  3. Make sure your OS software is up to date. Hackers continuously come up with new ways to infiltrate security systems, so it pays to make sure your browser has the latest security patches. When prompted to update your operating system software, take time to do it.
  4. Don’t leave your computer unattended when logged in to a site. It can be tempting to leave your browser open if you have to leave your PC for a few minutes, but that’s a golden opportunity for snoopers. Close all applications and log off before you step away.
  5. Create a “burner” email address. It’s a good idea to open a free email account with sites like Gmail that you can give out when you’re required to provide an email online or open an ecommerce account. You’ll avoid spam at your primary address and reduce vulnerability.
  6. Password-protect mobile devices. Many people don’t bother creating a password or PIN for their mobile phone or tablet, which is a big mistake. Like PCs, phones and tablets typically have sensitive account information on them that also needs to be kept safe.
  7. Use different passwords for all the registered sites you visit. Many people make the mistake of using the same password for all the sites they visit, but that means that a hacking incident on one site compromises all of their online accounts.
  8. Change passwords frequently. If you change your password frequently, you’ll decrease the likelihood that you’ll lose valuable information in a hacking incident. Aim for making a change to all registered passwords approximately every 30 days.
  9. Set your email to read plain text only. One way hackers target victims is to monitor when emails are opened by embedding an image that displays automatically. If you set your email to display plain text only, you can manually open emails from trusted senders.
  10. Don’t keep a password list. If you’re following good security practices, you’ll create strong passwords and change them frequently. But keeping an unencrypted list of passwords on your PC defeats the whole purpose.

Source: Top 10 cyber security tips

CISO’s Tough Decision: Security On-Prem, Cloud or Both?

Managing application security on-premises and in the cloud can be tricky. Whether CISOs want it or not, cloud transition will happen. As a CISO, you need to be ready to align operations with future company requirements and to determine when security solutions should be hosted on-premises, in the cloud or by using a hybrid model.

Join this webinar featuring Shahar Ben-Hador, Chief Information Security Officer (CISO), and Nabeel Saeed, Cloud Security Evangelist, for a lively interactive session that will discuss:

• How to secure your company’s cloud expansion
• Which assets should be hosted in the cloud vs. on-prem
• What pace you should be moving at to reach your end goal
• How to maximize flexibility and performance for IT operations with cloud security


Source: CISO’s Tough Decision: Security On-Prem, Cloud or Both?

IBM Security Bulletin: WebSphere Portal vulnerable to unauthorized access to user directory CVE-2013-3016 – United States

Flash Alert


WebSphere Portal is vulnerable to unauthorized access to user directory

via IBM Security Bulletin: WebSphere Portal vulnerable to unauthorized access to user directory CVE-2013-3016 – United States.

IBM Online Privacy Statement Highlights – United States


The IBM Online Privacy Statement applies to IBM’s and our affiliates’ Web sites that link to the Statement. Below are some of the highlights of the Statement.

via IBM Online Privacy Statement Highlights – United States.