Blogs

Showing Blog Posts: 1–10 of 70 tagged Risk Management

  • How to Go From Techie to CISO

    by Tony Kontzer on April 21, 2015

    It hit me like a load of bricks Monday at the RSA Conference in San Francisco: CISOs are following in the footsteps of their CIO brethren. CIOs translated technology's rise in strategic importance to raise their profile within the enterprise. Similarly, CISOs are now taking advantage of the increased scrutiny on the organization's security to raise their profile in the business and gain entry…

  • Pick Out Your Peer-2-Peer Sessions for RSA Conference

    by Fahmida Y. Rashid on April 17, 2015

    If you are interested in sitting in a room digging into a specific security topic with other people, the Peer-2-Peer sessions are for you. The goal is to get peers—people in other organizations with similar job functions and roles—in one place so that everyone can share what they are doing and have learned. Wondering which conversation will be the most relevant to your job role and concerns? We…

  • Don’t Miss Peer-2-Peer Sessions at RSAC 2015

    by Fahmida Y. Rashid on April 15, 2015

    By all means, you should try to attend at least one Peer-2-Peer session while at RSA Conference this year. These sessions let you dig into a specific security topic you care about with your industry peers. It is a great opportunity to learn what other people are doing and walk away with new ideas. Wondering which conversation will be the most relevant to your job role and concerns? We asked each…

  • Which Peer-2-Peer Session at RSAC 2015 Interests You?

    by Fahmida Y. Rashid on April 15, 2015

    Have you checked out a Peer-2-Peer session yet? In a Peer-2-Peer session, you explore a specific security topic with other like-minded peers and a facilitator. There are quite a few sessions, covering enterprise defense, incident response, and privacy, just to name a few. We asked each session facilitator to provide a short summary to help you decide which session will be the most relevant to your…

  • Measures and Metrics in Corporate Security

    by Ben Rothke on March 18, 2015

    Two of the most famous quotes from Lord Kelvin are “to measure is to know” and “if you can not measure it, you can not improve it”. With that, in Measures and Metrics in Corporate Security, author George Campbell provides a quick and high-level introduction to the topic of metrics and measurement. Campbell is the former Chief Security Officer at Fidelity Investments, where metrics are used…

  • Infrastructure Protection: Plans and Strategies

    by Robert Moskowitz on January 12, 2015

    Modern organizations run on information, and information runs on infrastructure. Protecting that information infrastructure is vital to the organization’s health. Accomplishing effective infrastructure protection requires a broadly coordinated approach. This approach establishes priorities, sets operational goals, and details both human and technological requirements for reducing vulnerability, …

  • The Human Element in the Data Breach

    by Christopher Burgess on November 17, 2014

    We are all familiar with the adage, "to err is human; to really foul things up requires a computer," which implies that the computer may be to blame for many data breach calamities. Alas, it appears the erring human is also culpable. Take, for example, the recent kerfuffle surrounding Apple's iCloud and the compromise of celebrity accounts containing salacious photos. After much slinging of…

  • Security Reality: Special Challenges in Q4

    by Fahmida Y. Rashid on November 3, 2014

    The end of the year is a busy time for information security professionals. There are a lot of balls to juggle, and our adversaries are poised to attack if we look in the wrong direction. The team behind Target’s data breach last year took advantage of the retailer’s increased traffic volume—both online as well as through its brick-and-mortar stores—to sneak in and infect the point-of-sale…

  • Measuring and Managing Information Risk: A FAIR Approach

    by Ben Rothke on October 27, 2014

    If you work in IT, you can’t go a day without some sort of data about information security and risk. Research from firms like Gartner is accepted without question, even though they can get their results from untrusted and unvetted sources. The current irrational panic around Ebola shows how people are clueless about risk. While distressing over Ebola, the media is oblivious to legitimate public…

  • No ROI Means No Priority: The Fallacy of Why Cybersecurity Doesn’t Get the Attention It Deserves

    by Gib Sorebo on October 13, 2014

    For years, cybersecurity professionals and many IT specialties have lamented that our concerns don’t get enough attention and (more importantly) funding from senior management. We complain that we’re relegated to one of many back office functions like procurement, human resources, or facilities, functions that we, ironically, treat with the same level of boredom and disdain that we feel are…

This document was retrieved from http://www.rsaconference.com/blogs on Mon, 27 Apr 2015 20:33:34 -0400.
© 2015 EMC Corporation. All rights reserved.