#ciso

Posts mentioning hashtag #ciso

Below are all the posts — topics as well as replies — that mention the hashtag #ciso.


Will the new CISO Ann Barron De-Camilo dare to clean up non-performing, product checkboxers

It remains to be seen whether she will be able to address and Drain the Swamp that has accumulated over the past 15–20 years. There is still limited clarity on the actual responsibilities within ISS, beyond attending meetings and adopting titles such as “product manager” without a clearly defined product to manage. Additionally, our current risk‑management structure raises concerns — specifically, why more than 800+ ISS stakeholders are assigned to the exact same risk. Just check boxers. Only a few really understand Computer Science principles - 90% of them just Talk - Presentations - Strategy - with no meat. Of course there are a few gems in ISS, but their work will be clouded and the CISO never ever gets to know who these gems really are.


GTO Security Said WHAT?

Was stuck in a GTO security meeting with a VP, an SD, and a D who were completely clueless about security. Honestly, my 12-year-old knows more than these muppets. I get it, though. They probably got roped into this gig after the CISO and the whole team were shown the door to save a few quid. "Who needs a security team? They're just a drain on resources."

I won't spill the beans on the meeting, but let’s just say it involved an HR, ethics, and legal issue that any other company would take seriously. Here? It was all about blaming the victim. When I asked security to check reports or audit records, they shrugged and said they don’t keep those. Really? That’s a load of rubbish. The last security team handed me a year-long report detailing profile baselines and behaviour deviations.

The current GTO security crew is either completely lost or they've slashed costs so much they can't even run the show anymore.


These HSK keys are so stupid

HSK = Hardware Security Key for those that don't know. It's a little USB type device with a fingerprint reader on the top that plugs into the USB-C port. It's quite small and VERY easily losable. Even though "technically" you aren't supposed to leave it in the computer, 99.999% of people do.

The entire "frictionless access" is d-mb. Dell spent all sorts of money on these little HSK keys to be more "secure" but 99.99% of people just leave them in their computer anyways. They aren't "easier" or more convenient since you have to input your PIN first, THEN put your finger on it. Every place I need to log in to that isn't requiring an ADM account, which requires an RSA code, I choose to use just my PIN and sc--w the HSK.

It's faster (JUST the PIN), one step less, and to even use the HSK you literally have to click the option to use it. D-mbest sht I've ever seen so far. If it were fingerprint only and you didn't have to "choose to use the key" then ok, fine.

What a massive waste of money Dell spent on this lol. I'd bet money that everybody's HSK PIN is the same exact PIN they use already. If I had to bet more money, I'd bet that most people's PINs are just their phone number w/o the area code lmfao.

I'm not sure but, unless Dell plans on forcing everyone to use this HSK for logins - with no other options such as a PIN, password, RSA - then wtf was the point in this?