Blogs

Showing Blog Posts: 1–10 of 49 tagged CISO

  • Collecting Security Metrics and What They Mean

    by Fahmida Y. Rashid on July 1, 2015

    Perhaps you are in the middle of a security rollout, or have new security initiatives in place. How do you know your project is successful? How do you identify problem spots, the areas which need fine-tuning or modifications? Simply put, what metrics do you have in place to help you understand the project's effectiveness? Measurements aren't supposed to be easy. Threats change on a regular basis, …

  • Peers Share Tales of Cyber-Bullying and Revenge Porn in the Workplace

    by RSAC Contributor on June 19, 2015

    Peer-2-Peer sessions bring together like-minded security professionals into small groups to discuss topics important to them. Larry Dietz, general counsel and managing director of information security at TAL Global, facilitated a P2P discussion about cyber-bullying and revenge porn. In this post, Dietz continues the conversation. The Cyber Bullying and Revenge Porn in the Workplace session was…

  • SOC: To outsource or not to outsource?

    by RSAC Contributor on June 17, 2015

    This post comes from Greg Boison, director of homeland and cybersecurity at Lockheed Martin, who was part of the Transforming SOCs roundtable discussion at the recent Gartner Security & Risk Management Summit. The following is his summary of the discussion. While walking the floor and listening to the sessions at the Gartner Risk and Security Summit, a key issue crystallized for me around Security…

  • Growing Up: A Roadmap to Vulnerability Management Maturity

    by Eric Cowperthwaite on June 8, 2015

    At this year’s RSA Conference, there was strong focus on identifying where your company’s security posture is in terms of maturity. As Brian Krebs touched on in a recent post, there are many different maturity models outlining what your company is doing, and what it should be doing. Of course each company is different, and the path to reducing risk is never a straight line. It is, however, …

  • Security By Any Other Name

    by Wendy Nather on May 21, 2015

    If you went up to a pharmacist and said, “Hi, I need something to cure a case of the APTs,” what do you think she would recommend? A big issue with the security industry has to deal with the way we market and describe security technology. It used to be that products were described by functionality, with point features that were well understood: firewall, anti-virus, anti-spam, web filter, log…

  • CSA Guide to Cloud Computing: Implementing Cloud Privacy and Security

    by Ben Rothke on May 16, 2015

    Full disclosure: this book is sponsored by the Cloud Security Alliance of which I am a founding member. I am also friends with 2 of the authors. Even though cloud computing is mainstream, such that even the Federal Government is on board, it’s not necessarily so that it will always make computing cheaper and faster. And all the more so when it comes to security and privacy. The challenge is how to…

  • Next Stop for the CISO: The Office of the CIRO?

    by Tony Kontzer on May 4, 2015

    As if CISOs didn't have enough to worry about already, now we are hearing they should be seriously considering acquiring the skills they need to become the chief information risk officer. Few organizations today have a CIRO, but if the scuttlebutt at the recently concluded RSA Conference is to be believed, they will soon, and CISOs are the logical choices to fill that role. It's reasonable to…

  • Give Boards Metrics They Can Actually Understand

    by Tony Kontzer on April 22, 2015

    Troy Braban was only half-joking with this slide he shared at the RSA Conference in San Francisco: "83.45% of metric presentations at 96.82% of security conferences suck." Fortunately for the more than 500 attendees who packed his session to hear about security metrics boards actually care about, Braban, the CISO of Australia Post, wasn't talking about himself. The problem most CISOs have in…

  • How to Go From Techie to CISO

    by Tony Kontzer on April 21, 2015

    It hit me like a load of bricks Monday at the RSA Conference in San Francisco: CISOs are following in the footsteps of their CIO brethren. CIOs translated technology's rise in strategic importance to raise their profile within the enterprise. Similarly, CISOs are now taking advantage of the increased scrutiny on the organization's security to raise their profile in the business and gain entry…

  • RSA Conference Preview: Meet Your Guide

    by Tony Kontzer on April 20, 2015

    Hello, RSA Conference attendees. We probably haven't met before; my name is Tony, and I'll be one of your guides throughout this week. I am one of the contributors to the RSAC editorial team, and this year, we are going to take a different approach on how we cover the conference on the blog. This is a change for me, as in the past, I attended as a member of the technology media. As a journalist, …

This document was retrieved from http://www.rsaconference.com/blogs on Wed, 05 Aug 2015 02:24:33 -0400.
© 2015 EMC Corporation. All rights reserved.