Access "On the Job"
This article is part of the February 2005 issue of 12 security lessons for CISOs they don't teach you in security school
DISPATCHES 12 lessons they don't teach you in security school about being a CISO You may trust your perception of how businesses operate and what your role as a CISO is in making them safe, but nothing can really prepare you for the reality of when you walk into that office for the first time. CISOs shouldn't focus on the latest and greatest technology, but on getting things done enterprise-wide and incrementally improving the security. Every task, objective and operation needs to be vetted by stakeholders, working groups or committees. To top it off, the constant calls from vendors (each with a silver-bullet solution to all your problems) don't aid the process. When I assumed the CISO post at JPMorgan Chase after 12 years of consulting, I had many preconceived notions about how things worked and what needed to be done. Suffice it to say that most of my assumptions were thrown out the window before the first week was out. So, how should you maximize your time as a CISO? It's not something they teach you in security or business school. After a year on the job... Access >>>
Premium Content for Free.
Secure Reads: The Network Security Bible
A review of the Network Security Bible by Eric Cole, Ronald Krutz and James W. Conley
Desktop Security: Senforce Portable Firewall Plus
Senforce's Senforce Portable Firewall Plus
Wireless security product review: AirTight Networks' SpectraGuard 2.0
A review of AirTight Networks' SpectraGuard 2.0
Database Security: Ingrian i211 DataSecure Platform
Ingrian Networks' Ingrian i211 DataSecure Platform
In MSSPs We Trust
Regulatory and cost-cutting pressures are forcing enterprises to reexamine the value of managed security services.
On the Job
12 lessons they don't teach you in security school about being a CISO.
- Secure Reads: The Network Security Bible
Recent Releases: Security product briefs, February 2005
Learn about the security products launched in February 2005.
IronPort C-Series Messaging Gateway: Antivirus, Antispam tool
Enhance your email security strategy with IronPort's C-Series Messaging Gateway. In this product review you will get information on cost, installation, reporting, configuration, and antivirus and antispam technology.
Hot Pick: Funk Software's Odyssey Client 3.03 and Odyssey Server 2.01
Funk Software's Odyssey Client 3.03 and Odyssey Server 2.01
SSHv2: Safe & Secure
The overhauled encryption protocol helps harden networks.
Security: Measuring Up
by Pete Lindstrom, Contributor
Metrics are the key to measuring security. Learn how to gather data and calculate the answers you need.
- Recent Releases: Security product briefs, February 2005
Logoff: The battle against spyware
On the Radar
Perspectives: Symantec, Veritas pairing to change security
Symantec's merger with Veritas will change security managers' lives.
Editor's Desk: Nessus charges for signature updates
No Free Lunches
- Logoff: The battle against spyware
More Premium Content Accessible For Free
Cloud and mobility in the enterprise has caused a heightened need for organizations to take a closer look at next generation authentication ...
Virtualization and cloud computing are part and parcel of enterprise networks today. Virtualization security, however, is still a bolt-on affair ...
Mobile device security is one of the biggest nightmares InfoSec pros face in the era of bring your own everything (BYOE). Simply banning employees ...