Premium Content

Access "Executive viewpoint: Mixed messages on software security"

Published: 29 Oct 2013

(ISC)2 issued their Global Information Security Workforce Study during the RSA Conference¬† in February; so when their own Security Congress 2013 event opened in Chicago this fall, they were looking for something fresh to say. The solution was a recut of the original data, focusing solely on the responses from the 1,634 respondents "with security executive titles." The results in "A View From the Top: The (ISC)2 Global Information Security Workforce Study CXO Report" largely tracked with the broader Global Workforce Study, but did uncover a strange paradox. The top priority or "concern" was application security, but it also ranked as the lowest priority in terms of time spent. CISOs may not manage or have direct oversight of development teams, 'but they can handle the software security group.' Gary McGraw, CTO, Cigital It's a big mismatch, and respondents in this report aren't exactly the slackers in the room. They've been in the security discipline for more than 14 years on average; 12% of them have been at it 25 years or more. They're all C-level, with 57% ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

    • Virtualization security dynamics get old by Chris Hoff

      Companies have embraced virtualization and cloud computing, but security is still bolted-on. Here's what needs to change.

    • Eliminating black hat bargains by Robert Lemos

      Enterprises cannot always keep attackers out of their networks. Instead, defense-in-depth strategies aim to raise the cost to black hats -- in terms of time and money.

    • Beyond the Page: Virtual security by Christofer Hoff

      In the November 2013 Beyond the Page on virtual security, Chris Hoff examines the challenges infosec pros face in finding the right security strategy for their enterprise network.

    • Executive viewpoint: Mixed messages on software security by Robert Richardson, Editorial Director

      Software security ranks high among security executives' concerns but low in terms of time spent, according to an (ISC)2 CXO study.

More Premium Content Accessible For Free

  • Continuous monitoring program demystified

    For many security teams, "continuous monitoring" is a vague concept associated with FISMA compliance. A continuous monitoring program can be simple ...

  • Does Windows 8.1 meet the demands of the BYOD age?

    The variety and sheer number of network endpoints, users and devices in the enterprise today is driving IT's demands for enhanced security features ...

  • Application security policy after Heartbleed

    Enterprises leverage open source software for the perceived quality of the code, but the Heartbleed flaw has made many question their use of ...