View All News

CISO Get Started

Bring yourself up to speed with our introductory content

View All Get Started

Evaluate CISO Vendors & Products

Weigh the pros and cons of technologies, products and projects you are considering.

  • The CISO role's evolution from IT security to policy wonk

    As the need for a dedicated information security officer catches fire beyond firewalls, how should companies engineer the expanding CISO role? Continue Reading

  • Regaining control of cloud compliance

    As assets are moved to the cloud, organizations must take steps to ensure that cloud compliance requirements are upheld by third-party vendors. This is a major undertaking that requires knowledge of federal, state and international law; changing regulations; cloud security; and non-traditional information security controls and best practices. In this issue of Information Security magazine, we look at the shared responsibility model between organizations and service providers to protect data in the cloud.

    Many companies have elevated the visibility of the CISO function in response to a series of high-profile breaches. Some organizations are hiring fulltime CISOs for the first time. Others are shoring up their ranks. At mature organizations, it is not unusual to have board-level discussions about cyber-risk oversight, with concerns ranging from assets at risk, to information security responsibility and reporting structures. As the CISO position continues to be defined, we look at the role beyond IT.

    Investments in cybersecurity startups are taking off. Driven by CEO and board-level demand for promising technology aimed at protecting corporate networks and sensitive data, investors are pouring money into cybersecurity companies. While most investments are aimed at turning a profit for venture-capital firms, some companies are investing to reap the benefits of working with new technology and influence product development. We look at strategic partnerships and how funding startups can pay off. Continue Reading

  • Should security funds be dedicated to hiring or tools?

    Security funds can be tough to come by, so when managers get them should they focus on strengthening security through hiring or through purchasing tools? Continue Reading

View All Evaluate

Manage CISO

Learn to apply best practices and optimize your operations.

  • The CISO role rises: How is it working out?

    An unusual game of musical chairs is unfolding as companies scramble to ensure information security and shore up their ranks to the tune of regulators. Continue Reading

  • What cybersecurity spending strategies will best help enterprises?

    Increased cybersecurity spending budgets don't happen very often, but when they do CISOs should take advantage of it. Here's how to strategize spending an increased security budget. Continue Reading

  • The data governance keys to successful GRC automation

    Compliance officers have typically equipped themselves with spreadsheets to track compliance and manage audits, but the scope and complexity of today's regulatory environment stretch traditional methods to its limits. More organizations are turning to GRC software tools to help automate compliance assessment tasks from data collection to gap analysis. But while such tools have the potential to cut costs and create smoother compliance workflows, they can be challenging to implement.

    In this SearchCompliance handbook, we'll examine how compliance officers and IT managers can deploy automated GRC strategies that support the organization's data governance objectives. Topics discussed include:

    • Integrating GRC software with enterprise applications
    • Storing GRC data in the cloud
    • Ensuring the GRC tool responds to the demands of big data
    • Realizing the MDM benefits of automated GRC

     Continue Reading

View All Manage

Problem Solve CISO Issues

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

View All Problem Solve