Blogs

Showing Blog Posts: 11–20 of 40 tagged CISO

  • CISOs Need a Board Coach

    by Rook Security on January 23, 2015

    Boards are concerned about cybersecurity, specifically about how it impacts their reputation and securities (stock). The CISO is capable of assisting the organization in selecting, deploying, and managing the capabilities to address risks identified by the board. What sounds like a perfect match is often not, as many CISOs don't have the business acumen required to be an active participant in…

  • A Guide for CISOs Concerned About Data Collection

    by Fahmida Y. Rashid on January 22, 2015

    In A CISO's Guide to Principles of Data Privacy and Security, David Sheidlower, a CISO of an international media and advertising firm, examines the key issues surrounding data privacy and security. The eBook is currently publicly available on Security Current. The Guide addresses privacy policies, Big Data, consent, governance, and security. In the introduction, Sheidlower quotes Ed Mierzwinski, …

  • InfoSec Needs to Work With Government to Shape New Laws

    by Todd Inskeep on January 21, 2015

    The President’s State of The Union address Tuesday night addressed Information Security for the second time in three years. Two years ago, in 112 words, the President announced the NIST Framework, increased information sharing through executive action, and called for the nation to “face the rapidly growing threat from cyber-attacks.” The threat then was theft of corporate secrets and “real threats…

  • State of the Union Puts Cybersecurity on National Agenda

    by Fahmida Y. Rashid on January 21, 2015

    Buried among the slew of national issues such as equal pay, immigration reform, climate change and Ebola, President Barack Obama spent a few seconds talking about net neutrality and cybersecurity in his State of the Union speech Tuesday evening. While it's nice to see security on the general agenda, it's still too early to know the government's plans. The full paragraph from the State of the Union…

  • Inquiring Minds Want to Know: How Do You Implement Business Security?

    by Christopher Burgess on January 16, 2015

    Business security is not a new concept. Storeowners have alarms, video, and guards to keep the ne'er-do-wells of the world at bay. Corporations that handle money have to worry about embezzlers (does the fact that it is “white-collar crime” mean it is more sanitary as a crime?). And all who handle data must address the business of securing their data. Never Assume The number of data breaches and…

  • Enterprise Software Security: A Confluence of Disciplines

    by Ben Rothke on January 15, 2015

    To date, most software security books have focused solely on writing secure code and educating developers on how to do that. In Enterprise Software Security: A Confluence of Disciplines, authors Kenneth van Wyk, Mark Graff, Dan Peters and Diana Burley take a different, and ultimately necessary, approach. Their tactic is that treating software security as an autonomous discipline doesn’t work. With…

  • Lockdown: Information Security Threats on the Edge of 2015

    by John Linkous on December 26, 2014

    As we look forward to 2015, this is a good time to take stock of how the information security threats and attack landscape have been changing. Let’s see: major data breaches at global, brand-name organizations, state-sponsored hacking activity, revelations of our own government's attempts to access personal data. It would be easy to proclaim 2014 as the "Year of the Security Threat," but that's…

  • Three Reasons Why Employees Chafe at Security Policies

    by Christopher Burgess on December 12, 2014

    How often have you heard someone say, "We can't do it that way, because our security policies prohibit . . . " Perhaps they were discussing customer data security and the means to achieve frictionless engagement. Variants of this conversation occur every day, and if you are the chief information security officer (CISO), you need to maintain these policies. Here are three reasons why employees…

  • Your End-of-the-Year Security Checklist

    by Fahmida Y. Rashid on December 5, 2014

    Let's talk about checklists! Specifically, checklists of things information security professionals should complete between now and the end of the year. Slow period? What slow period? The end-of-the-year is a very busy time for IT security. Last minute modifications and additions to next-year's budget are underway, as well as looking at this year's budget and figuring out what else needs to be…

  • Security Reality: Special Challenges in Q4

    by Fahmida Y. Rashid on November 3, 2014

    The end of the year is a busy time for information security professionals. There are a lot of balls to juggle, and our adversaries are poised to attack if we look in the wrong direction. The team behind Target’s data breach last year took advantage of the retailer’s increased traffic volume—both online as well as through its brick-and-mortar stores—to sneak in and infect the point-of-sale…

This document was retrieved from http://www.rsaconference.com/blogs on Tue, 21 Apr 2015 04:18:59 -0400.
© 2015 EMC Corporation. All rights reserved.