volume 3 | issue 5 | may 2019...rajkumar@eccouncil.org index editor’s note jay bavisi...
Post on 02-Feb-2021
2 Views
Preview:
TRANSCRIPT
-
Volume 3 | Issue 5 | May 2019
-
CISO MAG | May 2019 CISO MAG | May 2019
Volume 3 I ssue 5
32
Volume 3 I ssue 5
倀刀伀嘀䤀匀䔀 䘀伀刀 夀伀唀倀爀漀嘀椀猀攀 椀猀 愀渀 䤀渀搀攀瀀攀渀搀攀渀琀Ⰰ 瀀爀漀搀甀挀琀 愀最渀漀猀琀椀挀 爀攀猀攀愀爀挀栀 搀爀椀瘀攀渀 䄀搀瘀椀猀漀爀礀 ǻ爀洀 猀瀀攀挀椀愀氀椀稀椀渀最 椀渀 䜀刀䌀 愀渀搀 䌀礀戀攀爀 匀攀挀甀爀椀琀礀 倀爀漀昀攀猀猀椀漀渀愀氀 匀攀爀瘀椀挀攀猀⸀
圀栀愀琀 猀琀愀爀琀攀搀 眀椀琀栀 琀眀漀 瀀攀漀瀀氀攀 椀渀 ㈀ 椀猀 渀漀眀 愀渀 攀渀琀椀琀礀 猀瀀愀渀渀椀渀最 愀挀爀漀猀猀 爀攀最椀漀渀猀 眀椀琀栀 愀 最氀漀戀愀氀 瀀漀爀琀昀漀氀椀漀 漀昀 氀攀愀搀椀渀最 挀甀猀琀漀洀攀爀猀⸀
匀椀渀挀攀 椀琀猀 椀渀挀攀瀀琀椀漀渀 椀渀 ㈀ Ⰰ 倀爀漀瘀椀猀攀 栀愀猀 攀砀瀀愀渀搀攀搀 椀琀猀 昀漀漀琀瀀爀椀渀琀 椀渀 㜀 挀漀甀渀琀爀椀攀猀 愀渀搀 栀愀猀 愀爀漀甀渀搀 㜀㔀⬀ 匀甀挀挀攀猀猀昀甀氀 瀀爀漀樀攀挀琀猀 攀砀攀挀甀琀攀搀⸀
䄀猀 漀昀 琀漀搀愀礀Ⰰ 倀爀漀瘀椀猀攀 椀猀 愀 吀爀甀猀琀攀搀 挀礀戀攀爀 猀攀挀甀爀椀琀礀 瀀愀爀琀渀攀爀 椀渀 唀䄀䔀 昀漀爀 琀栀攀 䰀愀爀最攀猀琀 倀漀氀椀挀攀 䘀漀爀挀攀Ⰰ 䰀愀爀最攀猀琀 刀攀愀氀 䔀猀琀愀琀攀 䘀椀爀洀Ⰰ 䰀愀爀最攀猀琀 吀攀氀攀挀漀洀 䌀漀洀瀀愀渀礀Ⰰ䰀愀爀最攀猀琀 䔀渀琀攀爀琀愀椀渀洀攀渀琀 䤀猀氀愀渀搀 愀渀搀 猀琀爀椀瘀椀渀最 昀漀爀 洀甀挀栀 洀漀爀攀⸀
伀唀刀 䈀唀匀䤀一䔀匀匀 䰀䤀一䔀匀
吀攀挀栀渀漀氀漀最礀 䜀漀瘀攀爀渀愀渀挀攀Ⰰ 刀椀猀欀 愀渀搀䌀漀洀瀀氀椀愀渀挀攀 愀搀瘀椀猀漀爀礀 戀甀猀椀渀攀猀猀
圀䤀一一䤀一䜀 䤀匀 一伀圀 䄀 䠀䄀䈀䤀吀 䤀一 倀刀伀嘀䤀匀䔀
䤀渀搀甀猀琀爀礀 猀瀀攀挀椀昀椀挀 Ⰰ 吀栀爀攀愀琀 䌀攀渀琀爀椀挀 䌀礀戀攀爀匀攀挀甀爀椀琀礀 䄀猀猀甀爀愀渀挀攀 愀渀搀 䴀漀渀椀琀漀爀椀渀最
刀☀䐀 䤀匀 吀䠀䔀 䌀伀刀䔀 伀䘀 䄀䰀䰀 匀䔀刀嘀䤀䌀䔀匀 䄀一䐀 倀刀伀䨀䔀䌀吀匀
倀爀漀搀甀挀琀 䔀渀最椀渀攀攀爀椀渀最 愀渀搀 刀☀䐀 椀猀 氀漀挀愀琀攀搀 椀渀 䈀攀渀最愀氀甀爀甀⸀
䜀刀䌀 䌀伀䜀一䤀吀䤀嘀䔀 倀䰀䄀吀䘀伀刀䴀 䌀夀䈀䔀刀 匀䔀䌀唀刀䤀吀夀 倀䰀䄀吀䘀伀刀䴀
椀渀渀漀瘀愀琀椀漀渀 搀椀猀琀椀渀最甀椀猀栀攀猀戀攀琀眀攀攀渀 愀 氀攀愀搀攀爀 愀渀搀 愀 昀漀氀氀漀眀攀爀
嘀椀猀椀漀渀 吀漀 戀攀 琀栀攀 挀甀猀琀漀洀攀爀猀 瀀愀爀琀渀攀爀
漀昀 挀栀漀椀挀攀 昀漀爀 猀愀昀攀最甀愀爀搀椀渀最 琀栀攀椀爀 搀椀最椀琀愀氀 愀猀猀攀琀猀
䴀椀猀猀椀漀渀 ㈀ ㈀ 吀漀瀀 ㌀ 䌀礀戀攀爀 匀攀挀甀爀椀琀礀 刀攀猀攀愀爀挀栀 䘀椀爀洀猀 椀渀 䄀猀椀愀 一漀⸀ 䜀刀䌀 倀氀愀琀昀漀爀洀 䜀氀漀戀愀氀氀礀 一漀⸀ 䜀刀䌀 䌀漀渀猀甀氀琀椀渀最 䘀椀爀洀 䜀氀漀戀愀氀氀礀
伀唀刀 䐀一䄀
-
CISO MAG | May 2019 CISO MAG | May 2019
Volume 3 I ssue 5
54
Volume 3 I ssue 5
In the InfoSec community, it is quite commonly said that data is the new oil
that is fueling the entire world at several different levels, including the cars
we drive. With several vulnerabilities in the automotive industry and road
safety grabbing more attention than ever, it is of paramount importance that
the world floors the accelerator pedal of a secure vehicle inching toward a
safe future. In our Cover Story, we explore threats in the space and discuss
how drivers can stay on the road with the help of big data and analytics. We
also delve deeper into several big data initiatives in this space including
data collection, smart cars, advanced applications, and reducing driving
distractions.
Move to our Buzz section, where we discuss how stronger mergers &
acquisitions IT due diligence is needed to reduce enterprise risk. The story
explores aspects like things to take care while finalizing the agreement and
importance of IT assessment. In Under the Spotlight, we interview Brian
Harrison, CEO of AVORD Group, who talks about his journey, industries
that are more vulnerable to cyber attacks, approach toward automation and
orchestration of cyber threats, and essentials organization must adopt as
best cybersecurity practices.
Tell us what you think of this issue. If you have any suggestions, comments
or queries, please reach us at editorial@cisomag.com.
* Responsible for selection of news under PRB Act. Printed & Published by Apoorba Kumar, E-Commerce Consultants Pvt. Ltd., Editor: Rahul Arora.The publishers regret that they cannot accept liability for errors & omissions contained in this publication, howsoever caused. The opinion & views contained in this publication are not necessarily those of the publisher. Readers are advised to seek specialist advice before acting on the information contained in the publication which is provided for general use & may not be appropriate for the readers’ particular circumstances. The ownership of trade marks is acknowledged. No part of this publication or any part of the contents thereof may be reproduced, stored in a retrieval system, or transmitted in any form without the permission of the publishers in writing.
Volume 3 | Issue 5May 2019
EditorialInternational EditorAmber Pedroncelli
amber.pedroncelli@eccouncil.org
Principal EditorRahul Arora
rahul.arora@eccouncil.org
Senior Feature WriterAugustin Kurian
augustin.k@eccouncil.org
Feature Writer Rudra Srinivas
rudra.s@eccouncil.org
Media and DesignMedia Director
Saba Mohammadsaba.mohammad@eccouncil.org
Sr. Graphics DesignerSameer Surve
sameer.s@eccouncil.org
ManagementExecutive DirectorApoorba Kumar*
apoorba@eccouncil.org
Senior Director, Compliance & Governance
Cherylann Vanderhidecherylann@eccouncil.org
Deputy Business HeadJyoti Punjabi
jyoti.punjabi@eccouncil.org
Marketing and Business Development Officer
Riddhi Chandrariddhi.c@eccouncil.org
Digital Marketing ManagerJiten Waghela
jiten.w@eccouncil.org
Publishing Sales Manager Taruna Bose
taruna.b@eccouncil.org
TechnologyDirector of Technology
Raj Kumar Vishwakarmarajkumar@eccouncil.org
INDEX
EDITOR’S NOTE
Jay BavisiEditor-in-Chief
BUZZ Stronger M&A Due Diligence: A Key to Reducing Enterprise Risk
08
COLLABORATIONSInfoSec Partnerships
38
IN THE HOTSEATHigh-Profile Appointments in the
Cybersecurity World
54
UNDER THE SPOTLIGHTBrian Harrison
CEO of AVORD Group
16
COVER STORYBig Data making roads safer
26
IN THE NEWSTop Stories from the Cybersecurity World
48
KICKSTARTERSStartups Making Waves in the Cybersecurity World
6054
1608
60
26
38 48
-
CISO MAG | May 2019 CISO MAG | May 2019
Volume 3 I ssue 5
76
Volume 3 I ssue 5
Advertisement
From the CISO Perspectiveto Cloud Security Assessments
The secret is out:Enterprises large and small have moved to the cloud,
and more are making the move daily. Whether you’re an early adopter or you’ve been battling that persistent
strain of nephophobia going around, it’simportant to thoroughly understand and evaluate
potential cloud vendors, instilling confidence for your organization and your customers.
Learn How to Make the Leap With Confidence
http://bit.ly/2ivU4l9
Download our Cloud Security Toolkit to help you evaluate
potential cloud vendors.
Get insight into how other companies are approaching
cloud opportunities, andinstill confidence across your
organization today.
-
CISO MAG | May 2019 CISO MAG | May 2019
Volume 3 I ssue 5
98
Volume 3 I ssue 5BUZZ BUZZBUZZ BUZZ
98
Stronger M&A Due Diligence: A Key to Reducing Enterprise Risk
By Reggie Best, President, Lumeta Solutions, FireMon
-
CISO MAG | May 2019 CISO MAG | May 2019
Volume 3 I ssue 5
1 110
Volume 3 I ssue 5
1 110
Cybersecurity has
become a major issue
in the success or
failure of M&A activity.
There are countless
cases where M&A has derailed or
prices are renegotiated due to security
issues with the target company. Or,
worse yet, acquirers wind up gaining
little or no value from an acquisition
due to extensive cybersecurity issues
discovered after the deal closes.
While these incidents have
created greater awareness around
cybersecurity in the M&A process,
IT due diligence – a major factor in
reducing security and compliance risk
– remains lacking. Common mistakes
in the IT due diligence process include:
Focusing solely on “getting the deal done”
Acquirers often still focus primarily on
business and financial issues, and do not
fully explore potential cybersecurity
and compliance challenges.
Placing unrealistic demands on IT
IT organizations that are already
stretched thin are often given near-
impossible deadlines to make critical
changes to networks as part of the
integration process, without being
given the information they need to
deliver network availability, security
and compliance.
Performing a limited IT assessment
Many acquisitions or mergers require
the purchased organization to provide
detailed documentation of network
assets. Companies often make the
incorrect assumption that taking a
cross section of an enterprise network
will provide a sufficient model for the
entire enterprise – which often results
in gaps in network infrastructure
visibility.
These practices are puzzling, at
best, and an IT nightmare at worst
– introducing enterprise risk and
resulting in network outages, project
delays and huge cost overruns.
Strengthening IT Due Diligence to Reduce Enterprise RiskWhen it comes to merging two
organizations’ entire networks
without introducing unnecessary risk,
organizations need to implement
stronger IT due diligence throughout
the M&A lifecycle. Here are some
high-level best practices to consider
throughout each phase of the journey.
1) Pre-Merger: Achieve Real-Time Network Visibility
The first and most important step in
successfully merging two networks is
to conduct a detailed examination of
the state of the infrastructure to identify
BUZZ BUZZBUZZ BUZZ
SUBSCRIBE NOW
FOR COMPLETE ISSUE
https://store.eccouncil.org/product/ciso-mag-annual-membership-fee-2/
rajkumareccouncilorg: undefined: undefined_2: undefined_3: 1: 2: undefined_4: undefined_5: undefined_6: undefined_7: undefined_8: Reducing Enterprise Risk:
top related