Access your Pro+ Content below.
CISOs: From no seat to multiple hats
This article is part of the April 2013 / Volume 15 / No. 3 issue of Information Security magazine
If you have worked in information security for the past 15 years, you have witnessed a maturation in the mission of security that is quite remarkable. In its infancy, security was oftentimes viewed as the troglodytes at the end of the corridor, who focused on analyzing packet streams, firewall logs and anti-virus anomalies. Some of the fear that hovered over security practitioners was simply the result of the role that they played, and their secretive and covert way of performing their duties. Still, security practitioners diligently performed their tasks, and sought and gained increasing relevance. Fast forward to the current day, and you will see a new view of security in many enterprises: security is evolving towards a broader focus in risk management. The responsibility of traditional information security has not decreased in importance or duty, but the mindset and role has certainly become more risk-based in nature for security leaders and many current CISOs. And this is appropriate, as information security management at ...
Features in this issue
Are you losing control of access management as SaaS and mobile devices take hold? To achieve better operational consistency and scale, consider a centralized IAM system.
The infections and cyberattacks that botnets are used to launch remain hard-to-detect malware threats that have moved beyond PCs to mobile devices.
Most networks have partial deployment of IPv6 often without IT realizing it. It’s time to take stock of the security implications before attackers do.
Columns in this issue
This month, Information Security Magazine examines security industry changes that can really make a difference: improving identity management and building security into software from the get go.
The CISO role in many enterprises is expanding beyond security risk mitigation to risk management, privacy and regulations, and compliance.
Security experts explain why a holistic approach to security is critical to training computer engineers and computer scientists for a career in information security.
Hacking back isn't the way to win the cyberwar. Gary McGraw says building software and systems with fewer vulnerabilities is stronger protection.