September 15, 2015
FinalCode's software allows IT to keep tabs on all their corporate docs.
August 27, 2015
An up-to-date application security program -- as well as knowing how to connect with stakeholders -- is critical to being a successful CISO today, said Renee Guttmann, vice president, Office of the CISO at Accuvant Inc.
May 29, 2015
News roundup: Cybersecurity is finally garnering attention at the boardroom table, but not necessarily for the right reasons. Plus: Ponemon's "Cost of Data Breach"; D-Link vulnerabilities; NitlovePOS; bad bots.
April 23, 2015
Experts at a Verizon event at RSA Conference 2015 say no data breach response plan is complete until certain human factors are considered.
CISO Get Started
Bring yourself up to speed with our introductory content
CISOs regularly have to present a security assessment report to the board of directors. Expert Mike O. Villegas has some tips to make it more engaging. Continue Reading
The vendor management process can be tricky, especially at the beginning when deciding what to buy and from whom. Expert Mike O. Villegas has some advice. Continue Reading
Learn how the perimeter-based architecture failure, a professional threat economy and greater hacking penalties are driving the need for a next-generation security architecture. Continue Reading
Evaluate CISO Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
David Reis, CISO at Lahey Hospital & Medical Center, discusses important steps a healthcare organization, as a HIPAA covered entity, should take to remain compliant. Continue Reading
Effective security communication to board members is an important way to get cybersecurity on their radar. Expert Mike O. Villegas explains how to make this happen. Continue Reading
When your organization plans out how to handle a data breach, managing public perception should be given special consideration. One piece of advice: Don't play the victim. Continue Reading
Learn to apply best practices and optimize your operations.
Trimming down a security portfolio and budget is a struggle for many security professionals. Here's how to trim security portfolios without affecting security. Continue Reading
Here’s how to conquer the steady stream of new technologies and find the best security tools beyond point solutions. Continue Reading
Security reports are a good way for CISOs to communicate with the board of directors. Here are specific topics that should be included in the reporting. Continue Reading
Problem Solve CISO Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
As assets are moved to the cloud, organizations must take steps to ensure that cloud compliance requirements are upheld by third-party vendors. This is a major undertaking that requires knowledge of federal, state and international law; changing regulations; cloud security; and non-traditional information security controls and best practices. In this issue of Information Security magazine, we look at the shared responsibility model between organizations and service providers to protect data in the cloud.
Many companies have elevated the visibility of the CISO function in response to a series of high-profile breaches. Some organizations are hiring fulltime CISOs for the first time. Others are shoring up their ranks. At mature organizations, it is not unusual to have board-level discussions about cyber-risk oversight, with concerns ranging from assets at risk, to information security responsibility and reporting structures. As the CISO position continues to be defined, we look at the role beyond IT.
Investments in cybersecurity startups are taking off. Driven by CEO and board-level demand for promising technology aimed at protecting corporate networks and sensitive data, investors are pouring money into cybersecurity companies. While most investments are aimed at turning a profit for venture-capital firms, some companies are investing to reap the benefits of working with new technology and influence product development. We look at strategic partnerships and how funding startups can pay off. Continue Reading
An unusual game of musical chairs is unfolding as companies scramble to ensure information security and shore up their ranks to the tune of regulators. Continue Reading
It's the responsibility of security leaders to create a positive work environment for security teams, which can be tough to do in such a demanding field. Here's how. Continue Reading