Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Is There Room For The Both Of Them?
Newest First  |  Oldest First  |  Threaded View
JasonSachowski
JasonSachowski,
User Rank: Author
4/3/2014 | 11:16:55 AM
Re: Is There Room For The Both Of Them?
It would seem that the community of InfoSec Futurists are being recognized as Strategists; or maybe even Architects.  At the end of the day does the title of Futurists, Strategist, and so on really make a difference when it comes providing the business with intelligent decisions for future planning?  If we are positioned to get a panoramic view of these drivers and the future impact, could we also go the extra mile and also develop the strategic plans?
Marilyn Cohodas
Marilyn Cohodas,
User Rank: Strategist
4/2/2014 | 10:38:11 AM
Re: Is There Room For The Both Of Them?
Thanks for starting this message thread, @JasonSachowski

I have a follow up questions: Are there "Futurists" in corporate InfoSec programs now? Are they recognized as such or ad hoc members of the team. 
JasonSachowski
JasonSachowski,
User Rank: Author
4/2/2014 | 9:25:44 AM
Is There Room For The Both Of Them?
Using the term "Futurist" might make you think of tarot cards or crystal balls.  Rather, a Futurist is somebody who spends time thinking about and understanding drivers that will shape and impact our future.  You might be thinking, "we have strategists isn't that the same thing", but in reality they are two separate yet interconnected roles; here's some context around this. 

A Futurist might say something like, "By 2020 the use of integrated systems (aka Digital Life Assistants) will be pervasive"; where a Strategist would take this statement and say something like, "By 2020 we must deploy data-centric solutions - such as A,B,C - to secure the co-existence and interoperability of dissimilar data".

So this begs the question, is there room for Futurists and Strategists within your Information Security program?


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Black Hat USA 2022 Attendee Report
Black Hat attendees are not sleeping well. Between concerns about attacks against cloud services, ransomware, and the growing risks to the global supply chain, these security pros have a lot to be worried about. Read our 2022 report to hear what they're concerned about now.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-22489
PUBLISHED: 2022-08-19
IBM MQ 8.0, (9.0, 9.1, 9.2 LTS), and (9.1 and 9.2 CD) are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 226339.
CVE-2022-23459
PUBLISHED: 2022-08-19
Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx use of the Value class may lead to memory corruption via a double free or via a use after free. The value class has a default assignment operator which may be used with pointer types which may point t...
CVE-2022-0542
PUBLISHED: 2022-08-19
Cross-site Scripting (XSS) - DOM in GitHub repository chatwoot/chatwoot prior to 2.7.0.
CVE-2022-36577
PUBLISHED: 2022-08-19
An issue was discovered in jizhicms v2.3.1. There is a CSRF vulnerability that can add a admin.
CVE-2022-36578
PUBLISHED: 2022-08-19
jizhicms v2.3.1 has SQL injection in the background.