Access "CISOs Must Innovate to Enable Business"
This article is part of the June 2008 issue of Five crucial virtualization do's and don'ts
Be an Enabler The hackers are constantly innovating. Why aren't you? If you want to be successful in your position you may need to adjust your way of thinking when it comes to security. You need to be an enabler not a gatekeeper. Security has traditionally been a game of block and tackle defending against outside attacks. Today, however, security needs to protect but also enable a business to thrive and grow. To do this, you need to bolster some skills. You're going to need to be able to communicate (and not rely on acronyms and technology) and you're going to need to be a risk-taker (and I'm not talking about the risk framework kind). You've got to embrace change and technology, and this may smack against everything you're used to or comfortable with. Remember, business innovation is not another threat but rather an exciting opportunity for you. Take technology. Web 2.0, social networking, BlackBerries, iPhones, USB drives--they should be your friends, not the bane of your existence. Why? Because these technologies have the potential to allow organizations ... Access >>>
Premium Content for Free.
Virtualization server security best practices
by Thomas Ptacek
Avoid server virtualization security bad practices with these dos and don'ts. Get info on virtualization products, segmentation, implementation, avoiding malware, and staging, deploying and patching virtual machines, segmentation and implementation.
Product review: Credant Mobile Guardian 6.0
Product review: Klocwork Insight 8.0
Embedded Security Safeguards Laptops
Tech Focus: Secure From Within
Security Awareness Employee Training Essential to Infosec Program
Security awareness training initiatives such as online tutorials, newsletters, MP3s and prizes get the security message across to users.
- Virtualization server security best practices by Thomas Ptacek
Spam blockers losing ground on sophisticated attackers
SPAM Spam hasn't been "solved"; in fact, the scourge has grown worse as attackers continually trump countermeasures and refine their focus on high-value targets.
Product review: Mu-4000 Security Analyzer
Product review: Array Networks SPX2000
Security Services: QualysGuard Security and Compliance Suite
At Your Service
GRC Tools Help Manage Regulations
GOVERNANCE, RISK AND COMPLIANCE We look at three GRC products and the distinct ways these tools can help organizations navigate the complicated regulatory game.
- Spam blockers losing ground on sophisticated attackers
CISOs Must Innovate to Enable Business
Editor's Desk: Be an Enabler
Architect Security and Compliance Programs to Be Complementary
Perspectives: Shake On It
Address Authentication and Transaction Validation Protocols to Stem Identity Theft
Layer8: Tarnishing Good Names
Interview: Financial Services CISO David Pollino
CISO Uses Predictive Analystics to Bolster Risk Management Program
- CISOs Must Innovate to Enable Business
More Premium Content Accessible For Free
For many security teams, "continuous monitoring" is a vague concept associated with FISMA compliance. A continuous monitoring program can be simple ...
The variety and sheer number of network endpoints, users and devices in the enterprise today is driving IT's demands for enhanced security features ...
Enterprises leverage open source software for the perceived quality of the code, but the Heartbleed flaw has made many question their use of ...