Security Management Strategies for the CIO
Email Alerts
-
Symantec 2.0: Evaluating their recent acquisitions
In this month's issue of Information Security magazine: With more than $15 billion in acquisitions, can Symantec succeed? We answer all of your important questions about the security giant. We review SealedMedia's Enterprise Digital Rights Management... E-Zine
-
Buying spree: 2003 product survey results
We examine the results of our 2003 product survey. Readers tell us that massive rollouts are in the works... that is, if enterprise information security budgets hold up. Also in this issue: a look at how four organizations handle the daunting task of... E-Zine
-
Third-party risk management: Horror stories? You are not alone
The majority of breaches occur as the result of third parties. MacDonnell Ulsch advises companies to safeguard third-party management agreements. Feature
-
IT content and vendor engagement evaluation survey
When IT professionals, such as you, have an IT project at their organization, there is a need to research multiple pieces of content from a variety of sources including vendors, third-parties and experts. This survey will allow TechTarget to identify... Survey
-
The Huawei security risk: Factors to consider before buying Chinese IT
Cover story: The U.S. government says Chinese IT giants Huawei and ZTE pose too much risk. But do they? Joel Snyder offers his take. Feature
-
Best Antimalware Products 2011
Readers vote on the best business-grade desktop and server antivirus and antispyware products. Guide
-
Readers' Choice Awards 2011
For the sixth consecutive year, Information Security readers voted to determine the best security products. More than 1,500 voters participated this year, rating products in 14 different categories. Guide
-
How to manage security risks in vendor contracts
Financial institutions face numerous regulatory requirements for managing vendor risk. Learn what financial firms need to include in their vendor contracts in order to conform with regulatory guidance and industry best practices for vendor risk manag... Learning Guide
-
Security on a budget: How to control access to a WLAN
WPA and WPA2-Enterprise provide robust WLAN access control, but deploying 802.1X can be overwhelming for companies with limited IT staff and budget. From outsource to open source to preshared keys, this tip describes several less complex or costly al... Security School
-
Corporate Mergers and Acquisitions Security Learning Guide
Mergers and acquisitions are common occurrences in today's information security market. In this SearchSecurity.com Learning Guide, a panel of experts breaks down M&A security priorities and explains the best ways to manage disparate security staffs, ... Learning Guide
-
Information Security announces finalists for 2007 Readers' Choice awards
This year more than 1,500 readers weighed in on nearly 350 products. Preview the list of finalists; winners will be revealed in the April 2007 issue of Information Security. Information Security
-
More from SearchSecurity.com -- November 2006
Highlights from November edition of Information Security magazine Information Security maga
- See more Essential Knowledge on Vendor Management: Negotiations, Budgeting, Mergers and Acquisitions
-
Aveksa acquisition expands RSA's intelligence-driven security strategy
Aveksa acquisition should help RSA compete in burgeoning identity management market. News | 09 Jul 2013
-
CEO: Symantec strategy to emphasize endpoint security, partnerships
Symantec CEO Steve Bennett says future product strategy will align with the 'Symantec 4.0' blueprint, pushing core features and vendor partnerships. News | 12 Jun 2013
-
McAfee in agreement to acquire next-gen firewall maker Stonesoft
McAfee has announced an agreement to acquire next-gen firewall maker Stonesoft for $389 million. News | 06 May 2013
-
Huawei security issues are result of 'rumors,' says Huawei executive
Huawei security issues threating national security are 'rumors' lacking supporting evidence, a Huawei France executive tells LeMagIT. News | 21 Mar 2013
-
Kaminsky: Fostering improved security culture demands societal change
At B-Sides San Francisco, Dan Kaminsky discussed how society inhibits its own security culture, and the need to look beyond status-quo technology. Column | 25 Feb 2013
-
Huawei security chief says vendor supports U.S. cyberespionage defense
At a panel discussion on cyberespionage and critical infrastructure protection, Huawei CSO Andy Purdy said his firm would help find solutions to the problem. News | 08 Nov 2012
-
Microsoft acquires multifactor authentication vendor PhoneFactor
Microsoft has purchased the multifactor factor authentication platform vendor for an undisclosed amount. News | 05 Oct 2012
-
KEYW inks deal to acquire SIEM technology supplier Sensage
KEYW says Sensage will help it develop its cyber response platform. News | 13 Sep 2012
-
Google acquires file scanner VirusTotal
VirusTotal, which uses antivirus engines to check files for hidden malware, has been acquired by Google, according to a statement on the firm's website. News | 07 Sep 2012
-
Symantec CEO ouster doesn't surprise industry analysts
Analysts say new Symantec CEO Steve Bennett must foster innovation, better leverage its assets and meet Wall Street expectations. News | 25 Jul 2012
- See more News on Vendor Management: Negotiations, Budgeting, Mergers and Acquisitions
-
Using tax depreciation to increase security budgets
The depreciation of capital assets, such as security hardware and software, is a tax benefit that every infosec manager should take into consideration. Opinion
-
In enterprises, proactive information security finally taking hold
Editorial director Andrew Briney says frustration with failure is driving proactive information security spending on new technologies. Opinion
-
Shiny-blinky things: Security of IT security products often overlooked
When buying IT security products, enterprises often neglect to consider whether the products themselves are secure. Column
-
How to choose the best antimalware products: Questions to ask vendors
Mike Rothman offers 10 critical questions to ask antimalware vendors when seeking out the best antimalware products for enterprise use. Tip
-
Cisco MARS: What third-party lockout means for SIEM products
Now that Cisco's MARS SIEM product no longer supports third-party product integration, should enterprises migrate away from the product? In this tip, network security expert Anand Sastry discusses how MARS works and whether the technology is still go... Tip
-
Handling mergers and acquisitions: Career success tips for infosec pros
A company merger or acquisition is always a tumultuous time, and can be even more nerve wracking if you're concerned that your position might be eliminated. In this tip, career experts Lee Kushner and Mike Murray give proactive strategies you can use... Tip
-
McAfee update problem: Dealing with bad antivirus DAT files
While buggy antivirus DAT files are the exception rather than the rule, downloading them can cause just as much turmoil as a potential DDoS attack. In this tip from expert Ernie Hayden, learn how to prepare your enterprise network for any sort of maj... Tip
-
How to buy an IPS: Features, testing and review
If you're considering IPS for your enterprise, make sure you know what to look for in the products you're reviewing. In this tip, network security expert David Meier describes how to conduct an IPS comparison and review of various features, including... Tip
-
Security on a budget: How to make the most of authentication tools
Working on an identity and access management project can be hard enough without having to worry about sufficient funding. In this tip, learn how to leverage existing identity and access management tools and software to keep your budget lean and your ... Tip
-
How to look past information security vendor rhetoric
Security professionals are bombarded with messages from vendors (and their marketing messages) heralding sure-fire cure-alls for compliance and information security woes. So what's the best way to differentiate between a useful product and a useless ... Tip
-
Security awareness training: Stay in, or go out?
So you've decided you need security awareness training. Now what? In this tip, Joel Dubin offers a primer on in-house vs. outsourced security awareness training, and guidelines to help an organization decide which choice is best for its needs. Tip
-
Enterprise security in 2008: Building trust into the application development process
The Storm botnet, launched a year ago, proved that malicious hackers were developing more sophisticated botnets -- and more sophisticated business strategies. As Michael Cobb explains, it's just one reason why application security pros need to keep a... Tip
-
How to buy security products: Eight steps to not losing your shirt
Companies don't often purchase new information security products, so when they do, it's critical that they get the right product for the best price. In this tip, contributor Mike Rothman explains common mistakes in the security product purchase proce... Tip
- See more Tips on Vendor Management: Negotiations, Budgeting, Mergers and Acquisitions
-
Incorporating compliance teams in the request for proposals process
Procurement personnel should know when to include the compliance team in the request for proposals process. Answer
-
Exploring the security risks of network management outsourcing
Is network management outsourcing the future of network security or too great a risk? Matthew Pascucci discusses the risks and rewards. Answer
-
Advice for developing a vendor compliance checklist for a vendor review process
Charles Denyer offers advice for developing a vendor compliance checklist to support a vendor review process or a third-party vendor audit. Answer
-
Will independent endpoint protection review improve products?
ICSA Labs recently announced a new endpoint security certification. Could it help improve endpoint security products? Answer
-
Merger management: How to handle potential merger threats to security
During a merger, management of information security becomes even more crucial in order to mitigate threats, including the many new insiders and attentive attackers that want to take advantage of holes in the companies' infosec integration. Ask the Expert
-
UTM appliances: How to choose among UTM vendors
Choosing a UTM appliance is a big job, as testing can take months and the costs aren't negligible. In this expert response, get advice on how many UTM devices to test, and what to consider during the testing process. Ask the Expert
-
Cisco network appliance security: Does 'self-defending' network stack up?
Cisco has for years touted its concept of a "self-defending" network, but what does it actually entail? In this expert response, Anand Sastry explains what "self-defending" means (at least, according to vendors), and whether it's really possible. Ask the Expert
-
Changing information security plans in an economic downturn
In an economic downturn, it may be necessary to reevaluate security budgets. Should security managers change information security plans from Web application security assessments to an enhanced data protection project for 2009? Ask the Expert
-
Comparing cheap security products and appliances to costly appliances
Security appliances range widely in cost and capability, so what's the best way to decide the right appliance for your enterprise? In this security management expert response, learn how to work with vendors to get the security tools you need. Ask the Expert
-
What vendors would you recommend for software write-blockers?
In a forensics investigation, a software write-blocker can be very helpful. But which vendors offer the best blockers? Security management expert Mike Rothman explains what to look for. Ask the Expert
- See more Expert Advice on Vendor Management: Negotiations, Budgeting, Mergers and Acquisitions
-
snake oil
In cryptographic and other computer products, snake oil is a negative term used to describe exaggerated claims made by vendors who are overly optimistic or purposely seeking to take advantage of consumers who do not have the expertise to judge a prod... Definition
-
McGraw: Use VBSIMM software security model when buying software
Video: Gary McGraw explains how JPMorgan Chase and others use the VBSIMM security model to vet software purchased from third-party vendors. Video
-
Cisco: Integration key to enterprise security strategy
Cisco's Chris Young says the vendor's enterprise security strategy, including the next-generation data center and SDN, hinges on Cisco's integration efforts. Video
-
Evaluating cloud providers: Avoid security issues with cloud computing
Are security issues with cloud computing blocking an implementation? Expert Davi Ottenheimer offers tips for evaluating cloud providers for security. Video
-
Video: Inside the Verizon Data Breach Investigations Report 2011
Verizon's Wade Baker previews the 2011 Verizon Breach Investigations Report and shares surprising insight from the 2010 report on tactics that do and don't help prevent breaches. Video
-
Part 4: Marcus Ranum on the state of information security
At Information Security Decisions 2009, Marcus Ranum explains the effect vendor consolidation will have on technology integration and the need for feature awareness. Video
-
Part 2: Marcus Ranum on the state of information security
At Information Security Decisions 2009, Marcus Ranum analyzes the late golden age of information security and how venture capital (or lack thereof) has dramatically changed the vendor landscape. Video
-
Countdown: Top 5 most important questions to ask endpoint security vendors
After the endpoint security assessment is over and it's time to go talk to vendors, how can you tell between a song and a dance, and what you can truly expect out of a product? Podcasts
-
Virtualization: Disruptive technologies part 4
Is there a future for vendors offering security solutions for virtualized environments, or will security eventually be almost entirely built-in? Experts Chris Hoff, Rich Mogull and Dino Dai Zovi discuss. Video
-
Countdown: Top five ways to sell NOC/SOC integration
NOC/SOC integration offers enterprises a number of benefits, but time and trouble of making the conversion is enough to make executives wary. In this podcast, learn key insights about the business value gained by fostering NOC/SOC integration. Some o... Podcast
-
Top 5 questions to ask when shopping for a compliance product
The Podcast featured here examines what it takes to implement an effective security and compliance framework. Podcast
-
Third-party risk management: Horror stories? You are not alone
The majority of breaches occur as the result of third parties. MacDonnell Ulsch advises companies to safeguard third-party management agreements. Feature
-
Aveksa acquisition expands RSA's intelligence-driven security strategy
Aveksa acquisition should help RSA compete in burgeoning identity management market. News
-
IT content and vendor engagement evaluation survey
When IT professionals, such as you, have an IT project at their organization, there is a need to research multiple pieces of content from a variety of sources including vendors, third-parties and experts. This survey will allow TechTarget to identify... Survey
-
CEO: Symantec strategy to emphasize endpoint security, partnerships
Symantec CEO Steve Bennett says future product strategy will align with the 'Symantec 4.0' blueprint, pushing core features and vendor partnerships. News
-
McAfee in agreement to acquire next-gen firewall maker Stonesoft
McAfee has announced an agreement to acquire next-gen firewall maker Stonesoft for $389 million. News
-
How to choose the best antimalware products: Questions to ask vendors
Mike Rothman offers 10 critical questions to ask antimalware vendors when seeking out the best antimalware products for enterprise use. Tip
-
Incorporating compliance teams in the request for proposals process
Procurement personnel should know when to include the compliance team in the request for proposals process. Answer
-
McGraw: Use VBSIMM software security model when buying software
Video: Gary McGraw explains how JPMorgan Chase and others use the VBSIMM security model to vet software purchased from third-party vendors. Video
-
Huawei security issues are result of 'rumors,' says Huawei executive
Huawei security issues threating national security are 'rumors' lacking supporting evidence, a Huawei France executive tells LeMagIT. News
-
Cisco: Integration key to enterprise security strategy
Cisco's Chris Young says the vendor's enterprise security strategy, including the next-generation data center and SDN, hinges on Cisco's integration efforts. Video
- See more All on Vendor Management: Negotiations, Budgeting, Mergers and Acquisitions
About Vendor Management: Negotiations, Budgeting, Mergers and Acquisitions
Get advice from the experts on vendor management and all vendor communications, such as negotiations, budgeting and merger and acquisitions (M&A). Learn how to get security tools and investments at the best price.