The Internet of Things (IoT)

August 21, 2015January 1, 2016 / Miguel Bigueur / Leave a comment

IOT

IoT may not be apparent in the lives of many but it’s largely already present. Perhaps it’s a lack of imagination, ingenuity, or observation, on the part of consumers but IoT encompasses far more than anyone had previously envisioned. IoT touches virtually every aspect of our daily lives with the purpose of adding conveniences that didn’t exist before. How does this impact industry including auto manufacturers and healthcare providers? These questions are what drives this discussion and will be explored in this paper by referencing recent events as they are happening today.

Continue reading →

Risk vs. Costs of using a template or custom IT Security policy

August 21, 2015January 1, 2016 / Miguel Bigueur / Leave a comment

Policy

Example IT security policy power point presentation:

Assumptions:

You were just hired as the CISO for ABC Medical Services, a large, hospital chain that:

provides services in six hospitals within the New England area,
has IT systems supporting both administrative (e.g., email, accounting systems, etc.) and critical life support medical services,
accepts credit card payments for hospital services,
does not have an IT Security Policy, and
did not previously have a dedicated IT Security function.

The hospital’s Board of Directors is composed of only medical professionals, with no IT background, but the C level officers (e.g., CEO, CIO, CFO, etc.) are all very proficient in their specialties. The Board of Directors and the C level officers only have a superficial understanding of IT security.

Continue reading →

Plan A B or C Choice Showing Strategy Change Or Dilemmas

figure 1

Incident coordinator pressing INCIDENT RESPONSE on an interactive touch screen. Computer security concept. Man in blue suit is highlighting an open lock among forensic tool icons signifying a breach.