Access your Pro+ Content below.
Cybersecurity and global risk assessment enter the boardroom
This article is part of the September 2013 Volume 15 / No. 7 issue of Information Security magazine
"We need to advance the security agenda to the boardroom," said MacDonnell Ulsch, CEO and chief analyst of ZeroPoint Risk Research. That means turning to managing risk, according to Ulsch. "I know there are those who disagree with this, and who believe that technical security is the answer. To me, it is only part of the solution of managing risk. "It is interesting, too, that so many in the industry are focusing on data protection of regulated data, but that intellectual property [IP] and trade secrets seem less critical, even though these secrets may be the lifeblood of the company," added Ulsch. "If I lose PII and PHI, it's a bad day, and there are consequences. If I lose IP, it may be the end of the company. So managing risk is what security professionals are doing. They know it, now we need the rest of the organization to know it." Ulsch, who joined the Information Security magazine editorial advisory board last month, is among the experts who shared tips and strategies in my article on global risk assessment and security. ...
Features in this issue
Modern firewalls offer greater application awareness and user controls. Protect your migration strategy with these tips from the pros.
This month's special online multimedia supplement to Information Security magazine details the advanced new features of next-generation firewalls and how to make the most of them.
While poaching security talent may plug short-term gaps, outreach and education will solve the long-term shortfall in IT security professionals.
Global risk management based on the lowest common denominator may not ‘comply' with IP or trade secrets. Analysts see big changes ahead.
Columns in this issue
Analysts expect security concerns to drive global risk management, but executives may need convincing.
Not down with Dropbox? Lee Heath embraced shadow IT and improved his company's data security practices in the process.
Forget the slogans. Reset your security awareness program with actionable information.