Premium Content

Access "Executive viewpoint: Mixed messages on software security"

Published: 29 Oct 2013

(ISC)2 issued their Global Information Security Workforce Study during the RSA Conference  in February; so when their own Security Congress 2013 event opened in Chicago this fall, they were looking for something fresh to say. The solution was a recut of the original data, focusing solely on the responses from the 1,634 respondents "with security executive titles." The results in "A View From the Top: The (ISC)2 Global Information Security Workforce Study CXO Report" largely tracked with the broader Global Workforce Study, but did uncover a strange paradox. The top priority or "concern" was application security, but it also ranked as the lowest priority in terms of time spent. CISOs may not manage or have direct oversight of development teams, 'but they can handle the software security group.' Gary McGraw, CTO, Cigital It's a big mismatch, and respondents in this report aren't exactly the slackers in the room. They've been in the security discipline for more than 14 years on average; 12% of them have been at it 25 years or more. They're all C-level, with 57% ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

    • Virtualization security dynamics get old by Chris Hoff

      Companies have embraced virtualization and cloud computing, but security is still bolted-on. Here's what needs to change.

    • Eliminating black hat bargains by Robert Lemos

      Enterprises cannot always keep attackers out of their networks. Instead, defense-in-depth strategies aim to raise the cost to black hats -- in terms of time and money.

    • Beyond the Page: Virtual security by Christofer Hoff

      In the November 2013 Beyond the Page on virtual security, Chris Hoff examines the challenges infosec pros face in finding the right security strategy for their enterprise network.

    • Executive viewpoint: Mixed messages on software security by Robert Richardson, Editorial Director

      Software security ranks high among security executives' concerns but low in terms of time spent, according to an (ISC)2 CXO study.

More Premium Content Accessible For Free

  • Strategies for a successful data protection program

    Deploying data protection technologies properly requires a lot of time and patience. While most firms can get started by using preconfigured policies...

  • Devices, data and how enterprise mobile management reconciles the two

    The bring your own device (BYOD) movement, which has flooded the enterprise with employee-owned smartphones, tablets, phablets and purse-sized ...

  • Putting security on auto-pilot: What works, what doesn’t

    For so long penetration testing meant hiring an expert to use skill and savvy to try to infiltrate the company system. But, as with most ...