
Management & Strategy


Premera Blue Cross said Tuesday its computer network had been hacked, potentially exposing data from 11 million people.
Data alone presents a few problems, but many of them emerge from a single misguided view – that big data is the answer, not part of the answer.
Internet security experts have set up "Project Honey Train" with an online railway control system as bait, hoping to "get inside the heads of cyber criminals" -- but without the real-life casualties.
Mozilla has unveiled a new, cross-platform memory inspection library that can be integrated into its Mozilla InvestiGator (MIG) endpoint security system.
IT pros are feeling the pressure to make their organizations more secure and believe their organizations are pushing products out to market before they are security-ready, according to a new survey.
HP Cyber Risk Report 2015 contains more than 70 pages jam-packed with data and analysis detailing the threat landscape and how hackers exploit it.
CloudFlare launches new service designed to protect name servers against DDoS attacks and provide global distribution for DNS traffic.
Intel Security has announced a security platform designed to protect both new and legacy infrastructure and new capabilities within the electric power grid.
Enterprise security firm Blue Coat Systems has agreed to be acquired by private equity firm Bain Capital for roughly $2.4 billion.

FEATURES, INSIGHTS // Management & Strategy


Marcus Ranum: When you start keeping a long-term data series, remember that you can't change your algorithm for interpreting it on a regular basis.
Joshua Goldfarb: While intelligence is a critical component of a mature security program, it should not drive security. A risk-driven approach provides a much more comprehensive and scientific approach that allows organizations to keep pace with today’s sophisticated threats.
Rafal Los: As long as the “hikers and bear” analogy is told in boardrooms we will have difficulty communicating the value of a proportionate security model where we design security measures for different types of adversaries with different types of objectives.
Nate Kube: Nate introduces various perspectives on cybersecurity as a moniker, shares some illuminating data, and presents a vernacular to move our field forward.
Torsten George: The NIST Cybersecurity Framework is an important building block, but still just the first step towards implementing operationalized defenses against cyber security risks.
Jason Polancich: If used properly, your cyber data itself can be a treasure trove of information that’s every bit as valuable - and effective - as a survey or a focus group.
Marc Solomon: To help CISOs develop a manifesto, these five principles can serve as a baseline as they strive to become more dynamic in their approach to security, and more adaptive and innovative than adversaries.
Joshua Goldfarb: Although home is where the heart is, it’s important to remember not to devote the overwhelming percentage of security resources to your home geographic area if that’s not where the overwhelming amount of your business and its assets are located.
Rafal Los: As a security professional you must know the three categories of threats your organization faces, how to respond to each — and how to expend your resources.
Torsten George: The transition from a compliance-driven check-box approach to a risk-based model enables businesses to centralize the ongoing definition, evaluation, remediation, and analysis of their risk posture in a closed-loop process.