Information security program management
- March 05, 2015
While regulatory compliance is valuable and necessary for enterprises, cyberthreat experts say a compliance-centric security strategy may leave organizations with few resources to ward off emerging cyberthreats.
- November 10, 2014
At the 2014 Advanced Cyber Security Center conference, industry experts touted the increasing importance of information sharing and incident preparation, yet also admitted both are easier said than done.
- July 29, 2014
Corporate boards have increased their awareness of security issues, but experts say they still lack information security principles.
- July 17, 2014
New Ponemon Institute data shows enterprise executives rarely if ever talk with their security teams, and that threat modeling may be underused.
- May 05, 2014
Experts say the resignation of Target CEO Gregg Steinhafel shows that executives at other companies must now take security seriously -- or else.
- March 12, 2014
Veteran CISOs say Target's move to create and fill its CISO role is a good one, but that can't be the end of the Target security program overhaul.
- November 14, 2013
At the ACSC conference, security leaders from industry and government proposed several new information-sharing models for cybersecurity threat data.
- October 02, 2012
Security expert Jayson E. Street explains why security pros must learn to communicate effectively to gain trust from management and empower employees.
- September 11, 2012
To get executive buy-in, the retailer's risk management program architect had to define success and make sure everyone could speak the same language.
- May 31, 2012
Senior executives may be the most likely to disobey all your hard-won corporate security training. Here are five reasons why.
- May 24, 2012
Editor Eric B. Parizo says controversies involving Oracle security patches and InfoSec World 2012 prove the importance of differing opinions.
- May 17, 2012
CISO responsibilities can be overwhelming, according to a new IBM survey. One solution may be to divide the role into two jobs.
- April 04, 2012
Blunt experts at InfoSec World said enterprise IT security strategy often misses the mark, but some attendees suggested the experts are out of touch.
- December 20, 2011
Legislation is aimed at stopping piracy, but security professionals and industry groups say it could weaken security, hamper innovation and limit competition among small businesses and startups.
- August 02, 2011
A new study by the Ponemon Institute found the cost of cybercrime to enterprises has increased 56% over the previous year.