Security Management Strategies for the CIO
Email Alerts
-
Security 7 Award winners sound off on key information security issues
The 2008 Security 7 Award winners have their say on information sharing, perimeter security, relationships, convergence, strategy and history. Also in this issue, Schneier and Ranum debate risk management. E-Zine
-
Tips from the 2007 Security 7 Awards
The winners of the 2007 Security 7 Awards are strategic thinkers, community advocates and problem solvers. Read what they have to say about information security. Also, learn more about log management essentials and how to get the most out of Snort. E-Zine
-
CISO survival guide: 18 of the best security tips
Put this on your summer reading list to ensure security's a breeze. This issue includes 18 sizzling tips for dealing with office politics, security extranets, protecting your brand and handling emerging technologies. E-Zine
-
How to tell if you need the help of security integrators and consultants
In this month's issue of Information Security magazine, find out the pros and cons of working with a security services company, how third-party consultants can help managers, how much it should cost and how to choose the right firm. Get the inside sc... E-Zine
-
Security 7 Award winners: Simply the best
In this month's issue of Information Security magazine, meet the Security 7 Award winners for this year -- security superstars who go above and beyond. Take a look inside for this year's winners. We review "S*PAM KiNgs: The Real Story Behind The High... E-Zine
-
Exclusive: Security salary and careers guide
Compare your security salary, assess your skills and rate your savvy in our exclusive careers guide, designed to give you the upper hand and the tools you need to make tough career decisions. This issue includes features on whether security certifica... E-Zine
-
Security survivor all stars explain their worst data breaches
Five executives clean up after some of the worst breaches in recent memory. They'll tell you how to outwit, outplay and outlast the bad guys. Plus, read features on risk methodologies and mobile security policies. E-Zine
-
Security 7 Award winners unmasked
These Security 7 Award winners are the pros who are the first to identify DDoS attacks, secure trillions in banking funds, lock down Tier 1 carriers, manage the world's fifth largest network and defend hundreds of thousands of employees and partners.... E-Zine
-
What's the best IT security advice you've ever received?
In this issue of Information Security magazine, get the best IT security advice from security luminaries such as Sara Santarelli, Dan Geer, Eugene Spafford, Scott Charney, Radia Perlman and others. Read reviews on Aventail's EX-1500, Aladdin Knowledg... E-Zine
-
12 security lessons for CISOs they don't teach you in security school
In month’s Information Security magazine, JPMorgan Chase's Anish Bhimani reveals 12 security lessons he didn't learn until after becoming a CISO. We also review "The Network Security Bible" to help you decide if it's a must-read. Learn about the late... E-Zine
-
Bridging the IT security skills gap
While poaching security talent may plug short-term gaps, outreach and education will solve the long-term shortfall in IT security professionals. Feature
-
CSA Certificate of Cloud Security Knowledge
CSA Certificate of Cloud Security Knowledge Certifications
-
Certification Central - CISSP
Studying for, obtaining and maintaining your CISSP certification has now become more convenient with SearchSecurity.com. Survey
-
CISSP Practice Test
CISSP Practice Test Survey
-
Information security book excerpts and reviews
Visit the Information Security Bookshelf for book reviews and free chapter downloads. Information Security Book
-
Security School Course Catalog from SearchSecurity.com
A catalog of our free online security courses led by information security experts on popular security topics. Security School
-
RSA Conference 2011: News, interviews and updates
The RSA Conference is a valuable resource in staying educated on the latest advances, threats and emerging trends in the information security industry. Conference Coverage
-
RSA Conference 2010: news, interviews and updates
RSA Conference 2010 is valuable resource in staying educated on the latest advances, threats and emerging trends in the information security industry. Here you will find the most current updates and news on the upcoming RSA Conference 2010, scheduled... Special News Coverage
-
Sample Chief Information Security Officer resume
Resume
-
Career management 101 for information security pros
Eight questions to help information security professionals determine if their career is on the right track. Information Security maga
- See more Essential Knowledge on Information Security Jobs and Training
-
IT security job market is hot but tricky, expert says
The IT security skills required by some firms have become a lot more specific. The demand for security generalists is waning. News | 20 Dec 2012
-
IT Salary Survey 2012: IT security, compliance pros anticipate raise in 2013
Security and compliance pros taking TechTarget's 2012 IT Salary Survey aren't complacent, indicating openness to new jobs, eagerness for a promotion. News | 20 Dec 2012
-
Unrealistic expectations, skills gap mire market for IT security jobs
Unrealistic HR and hiring manager expectations and a widening security skills gap is challenging CISOs trying to find the right security talent. News | 27 Nov 2012
-
State CISOs cite insufficient funding, lack of skilled IT professionals in survey
The biannual Deloitte-NASCIO survey revealed what state CISOs believe are the top barriers in addressing cybersecurity. News | 29 Oct 2012
-
Lack of skilled security pros challenges CISOs to fill specialties
The market for security professionals is hot, but several experts indicate that the talent pool for IT talent with security skills is dwindling. News | 22 Oct 2012
-
Information technology security jobs hiring outlook
The unemployment rate for IT security pros is 0%, says CompTIA, leaving some companies with key information technology security jobs unfilled. News | 07 Jun 2012
-
Staff IT skills gap hinders security efforts, CompTIA reports
A gap in IT skills affects business productivity and negatively impacts cybersecurity, despite security being a high priority, according to report. News | 14 Mar 2012
-
Infosec certifications valuable in security job market, (ISC)2 finds
Survey of more than 2,000 IT security pros finds many getting raises and promotions despite lagging economy and tighter IT budgets. News | 14 Feb 2012
-
Cybersecurity career experts: Mobile app security skills hot in 2012
The increase in smartphones and other mobile devices has fueled demand for IT security pros with mobile app security and networking skills, say several cybersecurity career experts. News | 28 Dec 2011
-
(ISC)2 survey reveals need for secure application development skills
A survey by certification firm (ISC)2 found a need for IT security professionals to improve application development processes and expertise to weigh cloud computing risks. Article | 17 Feb 2011
- See more News on Information Security Jobs and Training
-
Attack security literacy with brute force
Forget the slogans. Reset your security awareness program with actionable information. Column
-
Is big data education a big failure?
Big data presents big challenges for computer science programs from classification to cloud security. Are industry partnerships the answer? Column
-
Opinion: Definition of the role of CISO still a work in progress
Former CIGNA CISO Craig Shumard says the chief information security officer role within many organizations is now under attack. News
-
Staff infection: IT security education is contagious
If bad attitudes are spreading across the IT staff like germs, better IT security education may just be the cure. Column
-
IT security education climbs the corporate ladder
Managers need more training about technical security threats and input into IT policies that threaten productivity. Column
-
Why information security education isn’t making the grade
Security experts explain why a holistic approach to security is critical to training computer engineers and computer scientists for a career in information security. Opinion
-
CISOs: From no seat to multiple hats
The CISO role in many enterprises is expanding beyond security risk mitigation to risk management, privacy and regulations, and compliance. Opinion
-
Information assurance training programs create new cadre of IT security pros
University information assurance programs are varied, but they are beginning to provide technology disciplines a level of security knowledge. Column
-
Chief information security officer skills go beyond customary technical roles
A trusted advisor and a strong communicator and promoter, a good CISO should be a jack-of-all-trades to rally the IT security team to support the business needs by minimizing risk. Column
-
How to learn IT security in your spare time
When considering how to learn IT security, never underestimate the power of a few minutes of downtime. Column
- See more Opinion on Information Security Jobs and Training
-
Enterprise information security employee retention strategies
Expert Ernie Hayden offers employee retention strategies. Learn how to keep good enterprise infosec staff for the long haul. Tip
-
Mining for infosec talent: How CISOs can fill security positions
Expert Ernie Hayden advises CISOs on best practices for filling security positions within the enterprise when faced with a lack of talent. Tip
-
Information security career success: Certifications vs. experience
Do security certifications provide value and advance information security careers? Peter Rendall offers some surprising opinions from security execs. Tip
-
Information security career paths leading to security specialist jobs
Recruiter Peter Rendall sees information security career paths leading toward security specialist jobs; SIEM, DLP and analysis are especially hot. Tip
-
Choosing between job offers: Gauging security career opportunities
How can you tell which job offer could lead you to becoming a CISO? InfoSec Leaders' Lee Kushner and Mike Murray weigh in. Tip
-
The security career path: Pros and cons of job hopping
Is going elsewhere the only path to the top? InfoSecLeaders.com's career experts Lee Kushner and Mike Murray discuss the pros and cons of job hopping. Tip
-
Career networking strategies: Alternatives to infosec certification
Certification isn't the only -- and may not even be the best -- way to set yourself apart in the eyes of potential employers. Learn networking strategies to get your name in front of the right people. Tip
-
Reviewing your information security career path plan for the New Year
The end of the year is the perfect time to review how your career has played out during the past 12 months and refine future goals. In this tip, infosec career experts Lee Kushner and Mike Murray explain the best questions to ask. Tip
-
How to successfully 'invest' in your career
Credentials that set you apart from other information security applicants can determine whether you land your dream job. In this tip, Lee Kushner and Mike Murray give advice on how to choose effective career differentiators. Tip
-
Handling mergers and acquisitions: Career success tips for infosec pros
A company merger or acquisition is always a tumultuous time, and can be even more nerve wracking if you're concerned that your position might be eliminated. In this tip, career experts Lee Kushner and Mike Murray give proactive strategies you can use... Tip
- See more Tips on Information Security Jobs and Training
-
Goals for how to become a CISO if you're a security technologist
Security technologists aspiring to become CISOs must develop a variety of business skills, as Joe Granneman explains in this Ask the Expert Q&A. Answer
-
How will the cloud affect future network security skills requirements?
Will the ongoing adoption of cloud technology affect the skills that network security engineers need in the future? Matt Pascucci discusses. Answer
-
Which is best: An infosec certification or an IT security degree?
Which will be more likely to further your infosec career: A certification, or an advanced degree? Expert Ernie Hayden weighs in. Answer
-
Seeking an ethical hacking career: How to learn ethical hacking
In this expert response, Nick Lewis explains what an ethical hacker is and what skills such a hacker needs to be successful and compliant with the law. Ask the Expert
-
How to choose the best IT security certification for pen testing jobs
Looking to get into the world of penetration testing, and you're not sure which certification might help? In this expert response, David Mortman explains how to know if pursuing a certification is right for your career. Ask the Expert
-
What is the best security training to advance a career in IT security?
In the security industry, there are tons of options for certification and training, but which are best when looking to advance your career? In this expert response, David Mortman explains what you need to know to climb the ladder. Ask the Expert
-
Why doesn't the CISSP cover information assurance and DIACAP?
The CISSP is the standard when it comes to information security certifications, but why is it required for government security jobs when it doesn't cover information assurance and DIACAP? Security management expert David Mortman responds. Ask the Expert
-
The top 5 network security practices
Looking to brush up your network security practices? Check out these top five recommendations from expert Mike Chapple. Ask the Expert
-
How do I transition to a career in IT security?
Looking to move into a career in IT security? Network security expert Mike Chapple how to take a business or sales background and turn it into just that. Ask the Expert
-
Getting the CEH certification to join an ethical hacking network
With so many security certifications, is it worthwhile to get a Certified Ethical Hacker certificate? Learn whether an ethical hacking certification can help you get ethical hacking jobs. Ask the Expert
- See more Expert Advice on Information Security Jobs and Training
-
network intrusion protection system (NIPS)
A network intrusion protection system (NIPS) is an umbrella term for a combination of hardware and software systems that protect computer networks from unauthorized access and malicious activity. Definition
-
security clearance
A security clearance is an authorization that allows access to information that would otherwise be forbidden. Definition
-
CSO (Chief Security Officer)
Assuming a consistent pattern of titles in companies that have a Chief Executive Officer (CEO) and Chief Information Officer (CIO), the Chief Security Officer (CSO) is the person responsible for the security of a company's communications and other bu... Definition
-
Cisco Certified Security Professional (CCSP)
A Cisco Certified Security Professional (CCSP) is an IT (Information Technology) professional who has received formal training from Cisco Systems in network-related security hardware, software and management... (Continued) Definition
-
Ira Winkler on why cybersecurity degrees are worthless
Video: The author of "Spies Among Us" explains what he thinks constitutes an adequate education for enterprise cybersecurity practitioners. Video
-
Ernie Hayden on the keys for success in the role of CISO
Ernie Hayden discusses the role of CISO and draws on examples from his own career as he lists the most important attributes for a successful CISO. Video
-
NIATEC director on fostering an information assurance training program
Video: NIATEC Director Corey Schou discusses how the information assurance training program prepares the next generation of infosec pros. Video
-
Tipton on (ISC)2 training, strategy and women in information security
(ISC)2 Executive Director W. Hord Tipton discusses (ISC)2 training, strategy, new initiatives and how it’s helping women in information security. Video
-
(ISC)2’s Tipton on CISSP test transparency, board of directors election process
(ISC)2 Executive Director Hord Tipton on why a CISSP cert is still valuable, CISSP test transparency and the board of directors election process. Video
-
CISO interview: Choosing enterprise risk management policy
In this video interview from RSA Conference 2011, CISO Scott Sysol discusses his organization's enterprise risk management policy on various emerging technologies. Video
-
How to be a Chief Information Security Officer (CISO)
If being a Chief Information Security Officer (CISO) is your dream job, this video is for you. Ernie Hayden, consultant and former CISO, gives advice on the essentials, including how to keep things running smoothly enough that you can take time off. Video
-
How to advance in your information career in the current economic storm
It's not news that the current economy is struggling, but what's the best way for infosec pros to position themselves to make it through? Sara Santarelli, Chief Network Security Officer of Verizon, gives her advice how how to advance your information... Video
-
Schneier-Ranum face-off, part 4: Cybersecurity coordinator
Bruce Schneier and Marcus Ranum continue their face-off at ISD 2009 by discussing whether a U.S. cybersecurity coordinator is necessary. Video
-
Bruce Schneier on outsourcing, awareness training
At the 2009 Information Security Decisions conference, security expert Bruce Schneier answered some of readers' burning security questions. Video
-
Bridging the IT security skills gap
While poaching security talent may plug short-term gaps, outreach and education will solve the long-term shortfall in IT security professionals. Feature
-
Attack security literacy with brute force
Forget the slogans. Reset your security awareness program with actionable information. Column
-
Is big data education a big failure?
Big data presents big challenges for computer science programs from classification to cloud security. Are industry partnerships the answer? Column
-
Opinion: Definition of the role of CISO still a work in progress
Former CIGNA CISO Craig Shumard says the chief information security officer role within many organizations is now under attack. News
-
Staff infection: IT security education is contagious
If bad attitudes are spreading across the IT staff like germs, better IT security education may just be the cure. Column
-
Goals for how to become a CISO if you're a security technologist
Security technologists aspiring to become CISOs must develop a variety of business skills, as Joe Granneman explains in this Ask the Expert Q&A. Answer
-
How will the cloud affect future network security skills requirements?
Will the ongoing adoption of cloud technology affect the skills that network security engineers need in the future? Matt Pascucci discusses. Answer
-
IT security education climbs the corporate ladder
Managers need more training about technical security threats and input into IT policies that threaten productivity. Column
-
Enterprise information security employee retention strategies
Expert Ernie Hayden offers employee retention strategies. Learn how to keep good enterprise infosec staff for the long haul. Tip
-
Mining for infosec talent: How CISOs can fill security positions
Expert Ernie Hayden advises CISOs on best practices for filling security positions within the enterprise when faced with a lack of talent. Tip
- See more All on Information Security Jobs and Training
About Information Security Jobs and Training
Information for job-seekers, including salaries for jobs in information security, security training, exam program and courses, career opportunities for women, advancement and promotion strategies plus qualifications for becoming a CSO, CISO or executive.