Menu

Blogs

Showing Blog Posts: 1–10 of 23 tagged CISO

  • Three Reasons Why Employees Chafe at Security Policies

    by Christopher Burgess on December 12, 2014

    How often have you heard someone say, "We can't do it that way, because our security policies prohibit . . . " Perhaps they were discussing customer data security and the means to achieve frictionless engagement. Variants of this conversation occur every day, and if you are the chief information security officer (CISO), you need to maintain these policies. Here are three reasons why employees…

  • Your End-of-the-Year Security Checklist

    by Fahmida Y. Rashid on December 5, 2014

    Let's talk about checklists! Specifically, checklists of things information security professionals should complete between now and the end of the year. Slow period? What slow period? The end-of-the-year is a very busy time for IT security. Last minute modifications and additions to next-year's budget are underway, as well as looking at this year's budget and figuring out what else needs to be…

  • Security Reality: Special Challenges in Q4

    by Fahmida Y. Rashid on November 3, 2014

    The end of the year is a busy time for information security professionals. There are a lot of balls to juggle, and our adversaries are poised to attack if we look in the wrong direction. The team behind Target’s data breach last year took advantage of the retailer’s increased traffic volume—both online as well as through its brick-and-mortar stores—to sneak in and infect the point-of-sale…

  • How Savvy Security Leaders Get the Budgets They Need

    by John Dickson on October 15, 2014

    I have been a student of security for nearly twenty years and have paid close attention to how certain security managers were able to secure scarce company resources to build their security programs while others were not. These are security managers in organization that had not yet encountered a major security breach or a similar "near death" experience. To state the obvious, marshaling resources…

  • Getting the InfoSec Budget You Need

    by Fahmida Y. Rashid on October 1, 2014

    There is a tongue-in-cheek saying that goes something like this: How do security professionals get the security budget they want? Wait for a data breach. It's a sad state of affairs that there is a grain of truth to this poor joke. This month, we explore how security professionals can tackle budget planning for next year. Security spending as a percentage of the overall IT budget has remained…

  • Architecting the Cloud: Design Decisions for Cloud Computing Service Models

    by Ben Rothke on September 8, 2014

    Most books about cloud computing are either extremely high-level quasi-marketing tomes (sometimes written by cloud vendors) about the myriad benefits of the cloud without any understanding of how to practically implement the technology under discussion. The other type of cloud books are highly technical references guides, that provide technical details, but for a limited audience. In Architecting…

  • Carry On: Sound Advice from Schneier on Security

    by Ben Rothke on August 11, 2014

    Bruce Schenier has been called an information security rock star. If that’s the case, then Carry On: Sound Advice from Schneier on Security is his greatest hits collection 2008-2013. The roughly 175 essays in the book represent a collection of articles Schneier wrote for this Crypto-Gram newsletter, his blog and other blogs, magazines, newspapers and other periodicals. Some of the articles, such…

  • The Business of Security

    by Christopher Burgess on August 6, 2014

    Some of the most affable salespersons any of us have ever encountered are in the business of selling security. The business of security takes on many personas: technology, intelligence, awareness, knowledge, automation, hardware, software, legal, identity, BYOD, privacy, insider or outsider, risk and risk tolerance, and identity. At the recent RSA Conference 2014, many presentations touched one…

  • A Comprehensive Cloud Strategy for Data Security

    by Robert Moskowitz on August 1, 2014

    As popular as cloud computing has become, and as fast as it continues to grow, it brings with it a whole new set of data security concerns. Without a robust cloud strategy for ensuring security capabilities, cloud computing has little strategic value, particularly since a single data breach can cost an organization far more than it has gained from the advantages of cloud-based data storage. …

  • Security Metrics You Should Be Watching for New Insights

    by David Wallace on June 30, 2014

    It's been more than 15 years since my identity, bank account, and credit history were taken hostage by some folks in the Bronx. By one set of security metrics, last year was a good year because there was no repeat failure. I've used "fraud alerts" on accounts to notify me in case of improper activity and been vigilant about credit reports and monitoring FICO scores, but I don't know if I'm any…

This document was retrieved from http://www.rsaconference.com/blogs on Sat, 20 Dec 2014 12:57:00 -0500.
© 2014 EMC Corporation. All rights reserved.