Access "Filling the CISO role: Is there any reason enterprises shouldn't?"
This article is part of the May 2014 Vol. 16 / No. 4 issue of Figuring out FIDO as the first products emerge
Due to a string of high-profile data breaches -- and embarrassing incidents like the National Security Agency leaks committed by Edward Snowden -- more companies are debating the business necessity of having good security practices in place. While vendors emphasize the importance of new technology in mitigating security incidents, a number of organizations seem to be overlooking an obvious hole: the lack of a dedicated security pro in the CISO role. I'm amazed to hear that large organizations still don't have a CISO. When it comes down to it, I don't really know too many businesses that can operate without [IT], and security is just a fundamental component of everything that companies have to do now. Chris Ray, CISO, Epsilon The role of chief information security officer has been around for nearly two decades, since Citigroup recruited industry veteran Stephen Katz to fill the position in 1995. Still, despite the increasing prominence of both the position and information security as whole, some large organizations still forgo hiring a dedicated CISO. As the ... Access >>>
Premium Content for Free.
Beyond the Page: Is Fast Identity Online in your future?
by David Strom, Contributor
This Beyond the Page explores the evolution of two-factor authentication and a range of emerging FIDO-ready technologies.
Another call for federal data privacy laws
by Randy Sabett
The patchwork of state laws has not slowed epic data breaches. Will we see federal data breach notification laws in 2015?
- Beyond the Page: Is Fast Identity Online in your future? by David Strom, Contributor
Password-free authentication: Figuring out FIDO
by David Strom, Contributor
Will open FIDO standards for better interoperability of next-generation authentication technologies actually work?
Filling the CISO role: Is there any reason enterprises shouldn't?
by Brandan Blevins, News Writer
In the wake of the Target breach, many companies still don't have a dedicated CISO.
- Password-free authentication: Figuring out FIDO by David Strom, Contributor
Main Street forces new avenues to security and data privacy laws
by Kathleen Richards, features editor
Can the technology industry solve cybersecurity and data protection issues without federal legislation?
Marcus Ranum and Georgia Weidman hack into cyberdefense
by Marcus J. Ranum, Contributor
Are critics of the penetration test wrong? Find out what breaking and entering your enterprise network can reveal about the state of your security.
Advanced persistent threats: Has the industry moved on?
by Robert Richardson, Editorial Director
APT gives new meaning to targeted attacks that often rely on low-tech tactics and flawed network security.
- Main Street forces new avenues to security and data privacy laws by Kathleen Richards, features editor
More Premium Content Accessible For Free
Strategies for a successful data protection program
Deploying data protection technologies properly requires a lot of time and patience. While most firms can get started by using preconfigured policies...
Devices, data and how enterprise mobile management reconciles the two
The bring your own device (BYOD) movement, which has flooded the enterprise with employee-owned smartphones, tablets, phablets and purse-sized ...
Putting security on auto-pilot: What works, what doesn't
For so long penetration testing meant hiring an expert to use skill and savvy to try to infiltrate the company system. But, as with most ...