Information security program management
- March 24, 2020
What's happening at the 2020 RSA Conference? Our team keeps you up to date with pre-conference coverage and breaking news from the infosec world's biggest event.
- August 14, 2019
Learn the latest from this year's Black Hat conference, Aug. 3 to 8. Our team is in Las Vegas to report on what's new in information security risks, trends and defense tactics.
- May 01, 2019
Why worry over Huawei? A U.S. ban of this Chinese company's products should remind CISOs that now is the time to consider security issues related to the rollout of the 5G network.
- March 07, 2019
Find out what's happening at the 2019 RSA Conference in San Francisco, the information security industry's biggest event, with breaking news and analysis by the SearchSecurity team.
- November 08, 2018
This week's Risk & Repeat podcast discusses the MIT CSAIL Securing the Enterprise conference and how experts there advocated for new strategies and approaches to infosec.
- June 25, 2018
Accenture's Tammy Moskites spoke with SearchSecurity at RSA Conference 2018 about the gender gap in the infosec industry and what can be done to close it.
- March 27, 2018
After battling the fallout from an Atlanta ransomware attack for five days, Mayor Keisha Bottoms said City Hall has finally begun to recover and turn systems back on.
- June 13, 2017
Recently, SearchSecurity editorial director Robert Richardson checked in with (ISC)2's CEO David Shearer as the organization prepares for its fall Security Congress.
- December 02, 2016
A new survey uncovered confusion in the C-suite about governance, risk and compliance responsibilities and which security compliance requirements may affect companies.
- March 01, 2016
Many companies become aware of a security event but take hours or days to perform triage and finally remediate it. Incident response procedures can vary based on the organization, and the type of security incident, which could involve DDoS attacks, ...
- July 29, 2015
Video: Security operations centers are critical to continuous network monitoring and detecting data breaches. Eric Cole discusses SOCs and the role security automation plays in them.
- June 12, 2015
News roundup: The call for ubiquitous HTTPS has grown stronger as of late; the White House and Apple are hoping to help push the movement. Plus: The cost of cybersecurity management to rise 38%; a 165% ransomware increase; gender salary gap closes?
- May 29, 2015
News roundup: Cybersecurity is finally garnering attention at the boardroom table, but not necessarily for the right reasons. Plus: Ponemon's "Cost of Data Breach"; D-Link vulnerabilities; NitlovePOS; bad bots.
- May 15, 2015
News roundup: Microsoft released security details of its new Edge browser, but is it enough to restore user confidence? Plus: Millennial security threats; new ransomware, GPU-based malware; black hat cybersecurity services.
- April 28, 2015
A panel discussion at RSA Conference 2015 outlined strategic methods enterprises can use to build and advocate for an insider threat program.
- April 23, 2015
Executives now listen to their security managers but experts speaking at the RSA Conference 2015 say infosec leaders must learn business security skills and think long term.
- March 05, 2015
While regulatory compliance is valuable and necessary for enterprises, cyberthreat experts say a compliance-centric security strategy may leave organizations with few resources to ward off emerging cyberthreats.
- November 10, 2014
At the 2014 Advanced Cyber Security Center conference, industry experts touted the increasing importance of information sharing and incident preparation, yet also admitted both are easier said than done.
- July 29, 2014
Corporate boards have increased their awareness of security issues, but experts say they still lack information security principles.
- July 17, 2014
New Ponemon Institute data shows enterprise executives rarely if ever talk with their security teams, and that threat modeling may be underused.
- May 05, 2014
Experts say the resignation of Target CEO Gregg Steinhafel shows that executives at other companies must now take security seriously -- or else.
- March 12, 2014
Veteran CISOs say Target's move to create and fill its CISO role is a good one, but that can't be the end of the Target security program overhaul.
- November 14, 2013
At the ACSC conference, security leaders from industry and government proposed several new information-sharing models for cybersecurity threat data.
- October 02, 2012
Security expert Jayson E. Street explains why security pros must learn to communicate effectively to gain trust from management and empower employees.
- September 11, 2012
To get executive buy-in, the retailer's risk management program architect had to define success and make sure everyone could speak the same language.
- May 31, 2012
Senior executives may be the most likely to disobey all your hard-won corporate security training. Here are five reasons why.
- May 24, 2012
Editor Eric B. Parizo says controversies involving Oracle security patches and InfoSec World 2012 prove the importance of differing opinions.
- May 17, 2012
CISO responsibilities can be overwhelming, according to a new IBM survey. One solution may be to divide the role into two jobs.
- April 04, 2012
Blunt experts at InfoSec World said enterprise IT security strategy often misses the mark, but some attendees suggested the experts are out of touch.
- December 20, 2011
Legislation is aimed at stopping piracy, but security professionals and industry groups say it could weaken security, hamper innovation and limit competition among small businesses and startups.
- August 02, 2011
A new study by the Ponemon Institute found the cost of cybercrime to enterprises has increased 56% over the previous year.
- June 27, 2011
Can CISOs turn around IT security programs to be more proactive? Experts say many programs are frozen in a reactive mode.
- June 23, 2011
SearchSecurity.com's "Eye On" series examines a security topic each month. In June, the series explores cloud contracts, compliance demands, security awareness and risk-based decision making.
- February 17, 2011
Bridging the chasm between information security and utility infrastructure teams is the only way to solve smart grid security issues. Fortunately, NERC CIP compliance is forcing change.
- August 30, 2010
Senior Site Editor Eric B. Parizo says infosec pros need to participate in the public dialog for the good of the industry and offers harsh words for companies who silence their own security talent.
- November 16, 2009
As companies shave operational costs by hiring more remote workers, IT security teams should plan to protect sensitive data being used by a highly mobile workforce in 2010.
- November 09, 2009
Security threat reports help drive security vendor business, but they can also provide some useful information for IT security pros.
- April 21, 2009
Columnist Eric Ogren says IBM's announcements at the 2009 RSA Conference should remind security pros that security should be built into business initiatives rather than layered on as an afterthought.
- February 21, 2008
The national security anxieties that caused the collapse of a merger deal between 3Com, Bain Capital and a Chinese company were warranted, most industry experts say.
- May 12, 2005
In the heavily regulated world of financial services, security policy compliance is paramount. In this interview, MassMutual Financial Group CISO Bruce Bonsall relays the process his organization uses to ensure that security is factored into every ...
- January 20, 2005
If you're among the growing number of enterprises planning to merge IT and physical security resources and budgets, you need to read this.
- January 20, 2005
Guidelines to help merge physical and logical security.
- June 25, 2003
Who's Who in Infosec is an ongoing series featuring profiles of security professionals and their contributions to the industry.
- April 01, 2003
In the wake of an incident, CISOs should make the most of the opportunity to increase information security budgets.
- October 21, 2002
Current chief security officers and consultants offer their opinions on how a security officer should function and on how technology savvy the CSO should be.
- June 12, 2002
Quantifying security ROI hefty challenge for IT
- April 15, 2002
Measuring security ROI a tall order
- September 29, 2000