Blog Posts Tagged with "Management"
April 06, 2013 Added by:Anthony M. Freed
In a convergence culture, accountability for risk is accepted across the organization, and when that happens, risk management becomes a priority to the business, informing strategy and objectives. By helping identify and mitigate risk across finance, operations and IT, the CISO puts security in context of what could affect profit.
February 12, 2013 Added by:Robert Siciliano
Sometimes it’s the worst things that can happen that become the eye-opening best things that effect positive change. The year 2012 saw numerous high-profile data breaches, epic hacks, full-on hacktivism and lots of major identity theft ring busts.
October 01, 2012 Added by:Tripwire Inc
As security is becoming more important in the overall risk posture of organizations, boards are becoming more interested in hearing directly from security executives, which requires a different level of communication that CISO/CSOs may not be used to presenting...
September 09, 2012 Added by:Robb Reck
We add new security tools but seldom get rid of the old ones. So, it’s no surprise that when our companies require us to reduce our budgets we don’t really know how to do it. In the face of these tightening budgets we need to adapt and survive. This leaves us with three options...
August 28, 2012 Added by:Tripwire Inc
The common reason to push the security team over to the side or down the org chart is due to a belief that what they do isn’t a core value proposition for the company. By reinforcing the idea that security is low priority it creates impediments for the business and the security team to negotiate risk and work collaboratively...
August 08, 2012 Added by:Robert Siciliano
The CIO has become as important as the CEO. It’s a pivotal position that often can make or break the success of a corporation. As criminal hackers have launched campaigns against numerous organizations, the CIO has become much more than an information officer. They are the guardian of corporate secrets...
August 08, 2012 Added by:Thomas Fox
This is not the problem where the legal department or compliance department is viewed as the Land of No, inhabited by only Dr. No. It is, instead, the perception that legal or compliance simply institutes requirements without even talking to the people they affect the most, the business unit employees...
August 04, 2012 Added by:Richard Stiennon
The company dominates its market and any tweaks to operational efficiencies such as paring down the product catalog, rationalizing SKUs, normalizing points given to distributors, and optimizing sales, R&D, marketing, and the executive office, will lead to greater profitability and stock performance...
July 30, 2012 Added by:alan shimel
There was a time that Black Hat was where the edge met the establishment, but Black Hat has gone totally corporate and seems to have lost the edge. All of the edge seems to have gone to BSides. I love both Black Hat and BSides and think each needs a little bit of what the other has to be whole, viable and successful...
July 19, 2012 Added by:Ben Kepes
Corporate IT changes dramatically with a move to the cloud – no longer do people need to spend time racking and stacking servers, patching software and other low level tasks – in the long run organizations will not have email server administrators, desktop software support personnel or systems administrators...
July 18, 2012 Added by:Thomas Fox
Compliance is a form of risk you can measure, evaluate and then manage. If the risk becomes too great, that may create an unacceptable level which your company will not tolerate. One of your key roles as a compliance practitioner is to reduce the level of risk which your company cannot or will not tolerate...
July 15, 2012 Added by:Tripwire Inc
Want to add layers, or change your defense in depth approach? Your Information Systems team is just the beginning. What business unit will you impact? How will they be impacted, and when is the optimum time to do this? Depending on scope, this could even ripple through your business continuity program...
July 09, 2012 Added by:Headlines
"These new members of our vast cybersecurity team bring a wide array of experience and skills. Building on the successes of our strong and robust team, we are taking the DHS cybersecurity program to new levels that will ultimately enhance the security and safety of our nation..."
July 08, 2012 Added by:Robb Reck
Give each system and process a priority rating. The ones with the highest rating get the training, money and man-power assigned to master, maintain and run them. The ones with lower ratings get a project plan set up for decommissioning. As in most things in life, true excellence is in quality, not quantity...
June 28, 2012 Added by:Brent Huston
Malware with comparisons to Stuxnet are all the rage these days. Much of what is in the media is either hysteria, hype, confusion or outright wrong. As an infosec practitioner, your job is to explain to folks in a rational way about the trends and topics in the news carefully, truthfully, and rationally...
May 02, 2012 Added by:benson dana
I once worked at a place where a senior manager collected the passwords of employees. There had been resistance to giving up this policy, and the excuse was that this unit's mission was unique and that this was necessary. How often does the internal auditor hear this excuse?