Blogs

Showing Blog Posts: 1–10 of 25 tagged Business

  • Cyber Security Awareness Month: Engage Your Users

    by Fahmida Y. Rashid on October 21, 2014

    Security professionals should take advantage of Cyber Security Awareness Month to spotlight security initiatives within their organization. Use this month to get the board and C-suite to think about security. This is also a good time to demystify security for your end users. The Department of Homeland Security has conducted a series of events every year in October since 2004 to improve security…

  • No ROI Means No Priority: The Fallacy of Why Cybersecurity Doesn’t Get the Attention It Deserves

    by Gib Sorebo on October 13, 2014

    For years, cybersecurity professionals and many IT specialties have lamented that our concerns don’t get enough attention and (more importantly) funding from senior management. We complain that we’re relegated to one of many back office functions like procurement, human resources, or facilities, functions that we, ironically, treat with the same level of boredom and disdain that we feel are…

  • Security Audit: The Pitfalls of Third-Party Assessments

    by John Linkous on September 9, 2014

    Everyone is aware of last year’s data breach at Target. Millions of records of cardholder data were stolen and Target is still recovering, with current costs at $148 million. What's not well-known, or openly discussed, is the behind-the-scenes conversations the company has had with its PCI assessor and the standards organization. The PCI Security Standards Council (SSC), consisting of major credit…

  • Identity Management and the Cloud: It's Easier Than You Think

    by John Linkous on August 14, 2014

    How do you create an identity management cloud? Identity management (IDM) has in the past hovered on the periphery of information security. No longer. As organizations become more aware of the risks of not keeping track of users, what they access, and what privileges they have, identity management is moving to the forefront. And identity management is not just limited to the largest enterprises, …

  • Security Metrics: How Are You Measuring Security?

    by Joshua Marpet on August 12, 2014

    Do you have an information security practice? How do you measure its effectiveness? By the number of tickets generated? The number of viruses found and stamped out? Or by how quiet it is?—"If they don't bother me, they must be doing their job!" Have the security metrics guidelines changed in the last few years as infosec moved away from a helpdesk mentality, towards a penetration tester's…

  • Blurring the Lines: How CISOs Become True Business Leaders

    by John Linkous on June 25, 2014

    It was interesting to note that this year's RSA Conference 2014 focused on the CISO leader, and how CISOs and other security professionals can expand their roles throughout the organization. The first full day of the conference included a half-day session discussing the many aspects of business that affect CISOs, from audits to understanding employee behavior and dealing with Boards of Directors. …

  • Security Decisions: Changing the Way We Buy Security in the Enterprise

    by John Linkous on June 20, 2014

    When you hear the words "security product procurement," what's the first thing that pops into your head? Many enterprise customers who make security decisions for evaluating and purchasing technology often first think of the competitive landscape: How does one vendor's product compare to another? While this approach has been used since the dawn of commercial security products, there's a better…

  • The Cybersecurity Skills Gap: A Real or Manufactured Crisis?

    by Gib Sorebo on May 5, 2014

    Over the last few years, we’ve been bombarded with messages proclaiming a cybersecurity skills gap and associated statistics of positions going unfilled. For example, Cisco’s Annual Security Report estimated there were more than a million unfilled positions for security professionals world-wide. The Defense Department has said it plans to triple the number of “cyberwarriors” it employs by 2016 to…

  • Privacy in the Age of Ubiquitous Computer Vision

    by Joshua Marpet on April 17, 2014

    With Google Glass, cell phone cameras, hidden cameras, and ever cheaper surveillance cameras, can there truly be user privacy? With Google Glass and facial recognition apps, tagging people can happen at full walking speed, without a pause or possibility of the action being recognized. Is there any parallel in other realms? At one point, a car with an expired registration would only get exposed…

  • CISOs, Business Security, and the Business of Security

    by Christopher Burgess on April 3, 2014

    So you want to be a CISO, really? Business security, or the business of security, has evolved and is evolving, according to Todd Fitzgerald of Grant Thornton International, who shared his thoughts in his RSA Conference 2014 session, "So Why on Earth Would You WANT to Be a CISO?" Fitzgerald captured the challenge facing all who are thinking of moving into the CISO career track when he shared a…

This document was retrieved from http://www.rsaconference.com/blogs on Thu, 27 Nov 2014 18:01:07 -0500.
© 2014 EMC Corporation. All rights reserved.