Blogs

Showing Blog Posts: 1–10 of 63 tagged CISO

  • Security Planning for the Year Ahead: Are You Hoarding Big Data?

    by David Needle on January 25, 2016

    Another year, another round of threats and challenges you find facing all of you responsible for security at your company or organization. While it’s impossible to anticipate all threats in the ever-changing security landscape, there are steps you can take to be better prepared—if not also proactive—for what’s to come in 2016 and beyond. In the first of a three part series, I want to share…

  • Essential Cybersecurity Science: Build, Test, and Evaluate Secure Systems

    by Ben Rothke on January 19, 2016

    Anyone who has spent time in the information security industry knows that while there is good data around, there is a lot to be desired in terms of empirical and measurable information security data. There’s too much marketing hype, combined with firms who often don’t know how to make sense out of their own data. In Essential Cybersecurity Science: Build, Test, and Evaluate Secure Systems…

  • Your Security Resolutions for 2016

    by Wendy Nather on January 14, 2016

    We start the New Year with the best of intentions. We're going to join an ISAC and work out every day; consume only healthy and organic data; clean out our overstuffed Hadoop clusters and get rid of that out-of-fashion data; and measure our performance to match our goals. Oh yes, and we're going to stay within the security budget. But making lifestyle changes is hard, especially in security, where …

  • The CISO's End-of-Year Questionnaire: How Do You Show Security Success

    by RSAC Contributor on December 28, 2015

    With the end-of-the-year looming, CSOs/CISOs have to update the Board of Directors on how the company fared security-wise over the past year. Todd Feinman, CEO and founder of data management company Identity Finder, provides a checklist to guide that conversation. How do CSOs show security successes? The end of year boardroom discussion will focus primarily on 5 principal questions: 1. Were there…

  • The Security Reading Room: The Best Information Security Books of 2015

    by Ben Rothke on December 23, 2015

    There were a lot of good information security books that came out in 2015, and many that were not worth reading. The following books stand out as the best, listed in no particular order: Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World: Bruce Schneier could have justifiably written an angry diatribe full of vitriol against President Obama, his administration, and…

  • Security Operations Center: Building, Operating, and Maintaining your SOC

    by Ben Rothke on November 30, 2015

    Large enterprises have numerous information security challenges. Aside from the external threats, there’s the onslaught of security data from disparate systems, platforms and applications. Getting a handle on the security output from numerous point solutions, generating millions of messages and alerts daily is not a trivial endeavor. As attacks become more frequent and sophisticated and with…

  • Insuring Cyber the Same Way as Natural Disasters

    by Rook Security on September 30, 2015

    There is no doubt that cyberinsurance is a fast-growing product with an important role in our current landscape where security breaches are happening at a breakneck pace. And many claim the market is nowhere near fully saturated...lots of companies remain unprotected. Most every Risk Manager has a disaster plan for what we typically think of as natural disasters: hurricane, fire, even polar…

  • You Can’t Squeeze Blood From a Turnip

    by Tony Bradley on September 23, 2015

    You’ve probably heard the phrase “You can’t squeeze blood from a turnip,” before. The point is that no amount of begging, coercing, pushing, or otherwise coaxing something can yield results if those results simply aren’t possible. Many organizations, however, hand a proverbial turnip to the CISO and expect blood in return. Executive management or the company board have expectations for the CISO. …

  • What Do Companies Expect From a CISO?

    by Tony Bradley on September 15, 2015

    The role of CISO is an important one. It must be. It has Chief right in the title. The question, though, is what exactly does a company expect a CISO to do? You can’t meet or manage expectations if you don’t know what they are, and there’s a good chance you won’t keep your CISO job very long if you can’t meet expectations. A CISO is responsible for securing and protecting information assets but…

  • Taking Responsibility for Information Security

    by Tony Bradley on September 9, 2015

    It’s impossible for any one person to manage every aspect of securing the network, endpoints and data of an entire organization. The top of the security chain of command in most cases is the Chief Information Security Officer, though, so ultimately that responsibility falls on the shoulders of the CISO. Security is everyone’s job. Each and every employee within a company has to have some basic…

This document was retrieved from http://www.rsaconference.com/blogs on Sat, 06 Feb 2016 08:32:46 -0500.
© 2016 EMC Corporation. All rights reserved.