News Stay informed about the latest enterprise technology news and product updates.

Eye On: CISO Management Issues's "Eye On" series examines a security topic each month. In June, the series explores cloud contracts, compliance demands, security awareness and risk-based decision making.

High-profile attacks, inadequate defenses burden IT security programs
Robert Westervelt, News Director

A plethora of high-profile data security breaches that marred the first half of 2011, and other recent high-profile attacks, such as Stuxnet, Operation Aurora and state-sponsored persistent threats, have dominated the discussion in the information security community. These incidents have highlighted a critical question for nearly all enterprises: How can an organization be more proactive, monitoring the threat landscape for actionable information to improve IT security programs?

eye on CISO Management

While log management, security reporting tools and automated patch management systems can be effective in helping prevent successful attacks and collecting data after the fact, experts say in most organizations a more proactive security program is sorely needed, namely one that get’s employees thinking about risk management to thwart attacks before they infect endpoint machines. But turning around a security program stuck in a reactive mode is easier said than done.

Read the rest of this story: High-profile attacks, inadequate defenses burden IT security programs


Gartner Security Summit attendees on IT security, government issues

In this video (right), Senior Site Editor Eric B. Parizo spoke with two government infosec practitioners about a variety of issues, including risk management strategy, cloud computing security and the consumerization of IT at the 2011 Gartner Security & Risk Management Summit.



Dig Deeper on Information security program management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.