Klogix: Profiles in Confidence – John Masserini
Truly honored to be a featured CISO in the Klogix Profiles in Confidence magazine. Feats of Strength is a business-focused information security magazine created by K logix. They provide a…
Ethisphere/Opus: Risk Management as a Team Sport
Honored to be included in this multi-topic whitepaper on how to manage risk throughout the enterprise by partnering with your business lines. In this special Risk Management report by Ethisphere…
Radware: Places to find cybersecurity talent
An interview with Radware around identifying cybersecurity talent in unexpected places within your enterprise. Companies are scrambling to fill cybersecurity positions. Some 41 percent of CIOs surveyed by recruiting firm…
SecurityWeek: Fighting CyberSecurity FUD and Hype
An interview with SecurityWeek around how FUD permeates the cybersecurity industry and how security vendors use it to sell unnecessary products. Increasingly, vendors have come under scrutiny with the never…
TechTarget: Security’s role in business continuity
TechTarget interview around aligning Crisis Management and Business Continuity with the control structures of the organization. All CISOs have responsibilities and pressures that make the job fun, interesting and sometimes…
CSOonline: Should security pros get special H-1B visa consideration?
An interview with CSOonline around the hiring challenges the security industry continues to face. New U.S. Attorney General Jeff Sessions may disagree about whether there is a shortage of skilled…
SecurityCurrent: CISOs Investigate: User Behavior Analytics
The report includes an overview of the technology, staffing implications, recommendations for selling User Behavior Analytics (UBA) to the C-Suite and possible objections. It also features a market assessment based…
SC Magazine: Diversity, one key to solving cybersecurity job gap
I recently had the honor of participating in an IBM/International Consortium of Minority Cybersecurity Professionals (ICMCP) event in Manhattan. This is coverage of the panel I was on which discussed…
The Army of Things in an IoT World
The Internet of Things is here.. By now, you’re probably well aware of the fate that recently befell the Brian Krebs site KrebsOnSecurity.com. A Distributed Denial of Service (DDoS) attack…
SecurityCurrent: Podcast with Barmak Meftah, President and CEO AlienVault, About Threat Detection and Response
In this conversation, MIAX Options CSO John Masserini discusses the threat detection and response space with AlienVault President and CEO Barmak Meftah. An early adopter of threat intelligence, Masserini notes…
SecurityWeek: Inside The Competitive Testing Battlefield of Endpoint Security
Interview in SecurityWeek around the pros/cons of legacy antivirus endpoint and next-gen antivirus endpoint solutions. There is bad feeling between what can be described as traditional antivirus (Trad AV) and…
SecurityInnovation: CISOs Guide to Application Security
As infrastructures become increasingly fragmented and distributed, the need for a strong application security program becomes more and more critical. Cloud-based hosts, server-less architectures, and Applications as a Service require…
The Little Green Devil – Android GODLESS has arrived
Consider this, if you will: at the end of 2015, Google estimated there were 1.4 billion Android devices in use worldwide, and it’s over 2 billion devices when you…
SC Magazine: Case study on Privileged Access
The MIAX Security team was honored to be a case study on deploying a real-world, fully integrated Privileged Access Management solution. The MIAX Options Exchange needed more than a way…
Privileged Account Management: A BeyondTrust Case Study
A case study on the enterprise-wide deployment of a fully integrated privileged account management solution, the potential deployment challenges, and the numerous post-deployment security and productivity benefits. Challenge: Provide Regulatory…
The Best Security Control You Never Use
Consider for a moment the business lines that drive your company’s revenue. If the president of that business unit had an 85% assurance that a new business venture would be…
The Current State and Future of Biometrics
Recently, I had the opportunity to sit down with Morey Haber, VP of Technology, BeyondTrust to discuss the future of biometrics and the role it played in advanced authentication techniques.…
One2One Summits: Episode 9: David Cass and John Masserini
One2One Summit podcast where David Cass, CSO for IBM Cloud and SaaS solutions, and I sit down and discuss the challenges of modern technology in a legacy environment, the hiring…
A Perspective From The Outside
Being someone who’s spent the better part of his InfoSec career in the greater NYC area, one tends to become acutely aware of the millions of people who surround them…
A CISO’s Guide to RSA Conference 2016
Look, let’s be frank – the week of the RSA Conference is a scheduling nightmare. On easy days it takes effort to manage, and on difficult days it’s completely unwieldy.…
SecurityCurrent: 10 CISOs Say Passwords are Failing and Must be Augmented or Supplanted
A SecurityCurrent interview around the demise of passwords and a need for a capable password-replacement solution. Ten CISOs from across industries weigh in on the effectiveness of passwords, with most…
Alice and Bob’s Entangled Quantum Relationship
Quantum Key Distribution (QKD), Quantum Entanglement (QE), and Quantum Random Number Generators (QRNG) are turning the cryptography world upside down. Indeed, one of the most enjoyable aspects of being in…
Three Things to Consider in 2016
With having a bit of downtime over the holiday season this year, I had an opportunity to catch up on a lot of my fellow security pundits’ predictions for 2016.…
It’s All About the (Privileged) User
Some time ago, I had a moment of introspection, which oddly, sounded a lot like Redd Foxx, in his best deadpan Fred Sanford delivery…. ‘It’s the privileged user …. Dummy!’…
An Open Letter to Security Vendors – Part III
The Good.. The Bad.. The Tech.. In Part I, we discussed the issues around vendors’ marketing approach and the failed messaging that’s resulted. In Part II, we reviewed the need…