How one healthcare CISO is navigating the COVID-19 disaster

Gourav Mukherjee is a managing partner at vCISO firm Immersion Security. Since January he has been acting CISO at a private equity-backed healthcare company with hundreds of locations across the US. In addition to managing security for the organization, Mukherjee now must deal with business continuity issues. “They have internal security staff but don’t have the expertise and leadership above a director level and are without a CISO at the moment,” he says.

Mukherjee contracted COVID-19 during a meeting in Florida. He has been in isolation and though he described the experience as akin to having flu and bronchitis at the same time, he is through the worst of it. “I think I was better equipped because I work in the security space and provide virtual services. For me to move some of the in-person meetings that I have in the last week to online wasn’t a big deal.”

To read this article in full, please click here

How one healthcare CISO is navigating the COVID-19 disaster

Gourav Mukherjee is a managing partner at vCISO firm Immersion Security. Since January he has been acting CISO at a private equity-backed healthcare company with hundreds of locations across the US. In addition to managing security for the organization, Mukherjee now must deal with business continuity issues. “They have internal security staff but don’t have the expertise and leadership above a director level and are without a CISO at the moment,” he says.

Mukherjee contracted COVID-19 during a meeting in Florida. He has been in isolation and though he described the experience as akin to having flu and bronchitis at the same time, he is through the worst of it. “I think I was better equipped because I work in the security space and provide virtual services. For me to move some of the in-person meetings that I have in the last week to online wasn’t a big deal.”

To read this article in full, please click here

4 steps to construct redundancy into your safety group

Avoid central points of failure or compromise.

This fundamental tenet of information security applies not only to systems and networks, but to individuals during a time of pandemic. Key cybersecurity staff, more often than not, possess singular knowledge of an organization’s infrastructure, including credentials. What happens if COVID-19 incapacitates a critical member of the security team for an extended time—or worse?

While the odds of any given individual winding up in the intensive care unit because of COVID-19 is small, given a large enough employee pool a certain number will inevitably become severely ill. Ensuring that no individual’s absence grinds your business to a halt should be top of mind for every security leader right now.

To read this article in full, please click here

4 steps to construct redundancy into your safety crew

Avoid central points of failure or compromise.

This fundamental tenet of information security applies not only to systems and networks, but to individuals during a time of pandemic. Key cybersecurity staff, more often than not, possess singular knowledge of an organization’s infrastructure, including credentials. What happens if COVID-19 incapacitates a critical member of the security team for an extended time—or worse?

While the odds of any given individual winding up in the intensive care unit because of COVID-19 is small, given a large enough employee pool a certain number will inevitably become severely ill. Ensuring that no individual’s absence grinds your business to a halt should be top of mind for every security leader right now.

To read this article in full, please click here

4 steps to construct redundancy into your safety workforce

Avoid central points of failure or compromise.

This fundamental tenet of information security applies not only to systems and networks, but to individuals during a time of pandemic. Key cybersecurity staff, more often than not, possess singular knowledge of an organization’s infrastructure, including credentials. What happens if COVID-19 incapacitates a critical member of the security team for an extended time—or worse?

While the odds of any given individual winding up in the intensive care unit because of COVID-19 is small, given a large enough employee pool a certain number will inevitably become severely ill. Ensuring that no individual’s absence grinds your business to a halt should be top of mind for every security leader right now.

To read this article in full, please click here

4 steps to construct redundancy into your safety staff

Avoid central points of failure or compromise.

This fundamental tenet of information security applies not only to systems and networks, but to individuals during a time of pandemic. Key cybersecurity staff, more often than not, possess singular knowledge of an organization’s infrastructure, including credentials. What happens if COVID-19 incapacitates a critical member of the security team for an extended time—or worse?

While the odds of any given individual winding up in the intensive care unit because of COVID-19 is small, given a large enough employee pool a certain number will inevitably become severely ill. Ensuring that no individual’s absence grinds your business to a halt should be top of mind for every security leader right now.

To read this article in full, please click here

4 steps to construct redundancy into your safety staff

Avoid central points of failure or compromise.

This fundamental tenet of information security applies not only to systems and networks, but to individuals during a time of pandemic. Key cybersecurity staff, more often than not, possess singular knowledge of an organization’s infrastructure, including credentials. What happens if COVID-19 incapacitates a critical member of the security team for an extended time—or worse?

While the odds of any given individual winding up in the intensive care unit because of COVID-19 is small, given a large enough employee pool a certain number will inevitably become severely ill. Ensuring that no individual’s absence grinds your business to a halt should be top of mind for every security leader right now.

To read this article in full, please click here

Singapore Authorities tries a second, expanded bug bounty

The Singapore Government has announced a new short-term bug bounty program to for external hackers to find vulnerabilities in nine key government-run websites.

The bug bounty is being overseen by the Government Technology Agency of Singapore (GovTech) and the Cyber Security Agency of Singapore (CSA).

The three week bug hunting program is limited to internet-facing systems and will focus on nine widely-used systems, including the GovTech-run SingPass and MyInfo websites for transacting with government agencies online; the Singapore Land Authority’s OneMap website and and mobile app; and the Monetary Authority of Singapore’s MASNET and MAS corporate websites used by financial institutions.

To read this article in full, please click here