September 15, 2015
FinalCode's software allows IT to keep tabs on all their corporate docs.
August 27, 2015
An up-to-date application security program -- as well as knowing how to connect with stakeholders -- is critical to being a successful CISO today, said Renee Guttmann, vice president, Office of the CISO at Accuvant Inc.
May 29, 2015
News roundup: Cybersecurity is finally garnering attention at the boardroom table, but not necessarily for the right reasons. Plus: Ponemon's "Cost of Data Breach"; D-Link vulnerabilities; NitlovePOS; bad bots.
April 23, 2015
Experts at a Verizon event at RSA Conference 2015 say no data breach response plan is complete until certain human factors are considered.
CISO Get Started
Bring yourself up to speed with our introductory content
It's the responsibility of security leaders to create a positive work environment for security teams, which can be tough to do in such a demanding field. Here's how. Continue Reading
Renee Guttmann, vice president of the Office of the CISO at Accuvant, talks to SearchSecurity about security leadership, and offers advice to today's aspiring CISOs. Continue Reading
An IT security governance board is a key feature in security budgeting, but who makes up this body? Expert Joseph Granneman outlines the best structure for security governance boards. Continue Reading
Evaluate CISO Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
As the need for a dedicated information security officer catches fire beyond firewalls, how should companies engineer the expanding CISO role? Continue Reading
As assets are moved to the cloud, organizations must take steps to ensure that cloud compliance requirements are upheld by third-party vendors. This is a major undertaking that requires knowledge of federal, state and international law; changing regulations; cloud security; and non-traditional information security controls and best practices. In this issue of Information Security magazine, we look at the shared responsibility model between organizations and service providers to protect data in the cloud.
Many companies have elevated the visibility of the CISO function in response to a series of high-profile breaches. Some organizations are hiring fulltime CISOs for the first time. Others are shoring up their ranks. At mature organizations, it is not unusual to have board-level discussions about cyber-risk oversight, with concerns ranging from assets at risk, to information security responsibility and reporting structures. As the CISO position continues to be defined, we look at the role beyond IT.
Investments in cybersecurity startups are taking off. Driven by CEO and board-level demand for promising technology aimed at protecting corporate networks and sensitive data, investors are pouring money into cybersecurity companies. While most investments are aimed at turning a profit for venture-capital firms, some companies are investing to reap the benefits of working with new technology and influence product development. We look at strategic partnerships and how funding startups can pay off. Continue Reading
Security funds can be tough to come by, so when managers get them should they focus on strengthening security through hiring or through purchasing tools? Continue Reading
Learn to apply best practices and optimize your operations.
An unusual game of musical chairs is unfolding as companies scramble to ensure information security and shore up their ranks to the tune of regulators. Continue Reading
Increased cybersecurity spending budgets don't happen very often, but when they do CISOs should take advantage of it. Here's how to strategize spending an increased security budget. Continue Reading
Compliance officers have typically equipped themselves with spreadsheets to track compliance and manage audits, but the scope and complexity of today's regulatory environment stretch traditional methods to its limits. More organizations are turning to GRC software tools to help automate compliance assessment tasks from data collection to gap analysis. But while such tools have the potential to cut costs and create smoother compliance workflows, they can be challenging to implement.
In this SearchCompliance handbook, we'll examine how compliance officers and IT managers can deploy automated GRC strategies that support the organization's data governance objectives. Topics discussed include:
Integrating GRC software with enterprise applications Storing GRC data in the cloud Ensuring the GRC tool responds to the demands of big data Realizing the MDM benefits of automated GRCContinue Reading
Problem Solve CISO Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
The executive turnover at enterprises after a data breach is fairly high. Expert Mike Villegas gives some advice on how CISOs can avoid losing their job. Continue Reading
CISOs sometimes need to work a bit harder to gain the same respect given to other C-level positions, but there are ways for CISOs to gain more respect. Continue Reading
CISO roles and responsibilities are built on impossible standards and unrealistic expecations. Expert Joseph Granneman explains this trend and why enterprises need to reverse it. Continue Reading