PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
November 2013 Vol. 15 / No. 9

Executive viewpoint: Mixed messages on software security

(ISC)2 issued their Global Information Security Workforce Study during the RSA Conference  in February; so when their own Security Congress 2013 event opened in Chicago this fall, they were looking for something fresh to say. The solution was a recut of the original data, focusing solely on the responses from the 1,634 respondents "with security executive titles." The results in "A View From the Top: The (ISC)2 Global Information Security Workforce Study CXO Report" largely tracked with the broader Global Workforce Study, but did uncover a strange paradox. The top priority or "concern" was application security, but it also ranked as the lowest priority in terms of time spent. It's a big mismatch, and respondents in this report aren't exactly the slackers in the room. They've been in the security discipline for more than 14 years on average; 12% of them have been at it 25 years or more. They're all C-level, with 57% holding CSO, CISO or CIO titles. They make the big bucks, with a third of them (in the private sector, at least) ...

Features in this issue

  • Virtualization security dynamics get old

    by  Chris Hoff

    Companies have embraced virtualization and cloud computing, but security is still bolted-on. Here's what needs to change.

  • Beyond the Page: Virtual security

    by  Christofer Hoff

    In the November 2013 Beyond the Page on virtual security, Chris Hoff examines the challenges infosec pros face in finding the right security strategy for their enterprise network.

  • Eliminating black hat bargains

    by  Robert Lemos

    Enterprises cannot always keep attackers out of their networks. Instead, defense-in-depth strategies aim to raise the cost to black hats -- in terms of time and money.

Columns in this issue