Security Management Strategies for the CIO
Email Alerts
-
Creating a compliance culture to boost infosec compliance and risk management
Creating a culture of compliance takes time, but expert Eric Holmquist offers five time-tested tactics to help break down cultural barriers to improve information security risk and compliance management. Tip
-
Linux security best practices for Linux server systems
Linux servers are used throughout many enterprises, and their security posture shouldn't be overlooked. In this tip, King Ables discusses risk assessment pointers for Linux server systems. Tip
-
SOC 2.0: Three key steps toward the next-generation security operations center
According to Forrester Research, traditional security operations are no longer practical. Forrester's John Kindervag discusses the new model, SOC 2.0, why it's important, and how to make it happen. Tip
-
SaaS evaluation: Considerations for a SaaS service-level agreement
Before signing-on with a SaaS provider, it's important to thoroughly examine the impact that SaaS will have on your infrastructure. In this tip, Scott Crawford explains how to examine SaaS impact, and how to incorporate your findings into a comprehen... Tip
-
Performing a security risk analysis to assess acceptable level of risk
No organization is ever completely without risk, but there are steps that can be taken to establish an acceptable level of risk that can be appropriately mitigated. In this tip, Michael Cobb explains how to perform a security risk analysis to help de... Tip
-
How risk management standards can work for enterprise IT
Every organization should be able to articulate how IT threats can harm a business. Forrester Research Analyst Chris McClean explains how a five-step risk management strategy, based on a risk management standard like ISO 31000, makes it easier to exp... Tip
-
PCI compliance requirements affect IT risk assessments
In their book PCI Compliance: Understand and Implement Effective PCI Data Security Standard Compliance, authors Dr. Anton Chuvakin and Branden Williams discuss how to best approach PCI compliance requirements in your organization. Tip
-
Cloud computing in 2010: Be ready for risk management challenges
As our tip series continues, Michael Cobb predicts some risk management challenges in 2010 as more companies get caught with their head in the 'cloud.' Tip
-
GRC customers point to better efficiency, convergence and consistency
There's no getting around the need for corporate governance, risk and compliance management, but a GRC platform can improve efficiency, convergence and consistency. Forrester Research explains the benefits of a GRC platform implementation. Tip
-
How to justify information security spending on cloud computing
In part 1 of this chapter excerpt from The Shortcut Guide to Prioritizing Security Spending, author Dan Sullivan reviews the data security and compliance measures that must be established between you and your cloud provider. Tip