Security Experts:

Management & Strategy
long dotted


Despite all the spending on cybersecurity, attackers are the ones winning the security war. And unless things change dramatically on the defense side, the situation will get far worse, was the grim conclusion RAND Corporation researchers drew in their latest report.
DigiCert has acquired the CyberTrust Enterprise SSL business from Verizon Enterprise Solutions.
Fortinet announced that Judith Sim, chief marketing officer (CMO) at Oracle, is joining Fortinet's Board of Directors.
Rapid7 has filed an S-1 registration statement with the Securities and Exchange Commission for a proposed initial public offering (IPO) and is looking to raise roughly $80 million.
The US government agencies that defend the nation are in the midst of a charm offensive -- trying to win over the hearts and minds of Silicon Valley's tech workers.
Following disclosures of devastating breaches of US government computer networks, officials told lawmakers even more intrusions may be discovered with investigations and deployment of new security tools.
Size and geographical location don't matter when it comes to the maturity of an organization's security program, according to RSA's inaugural Cybersecurity Poverty Index.
According to a new study from the Ponemon Institute, IT security and IT leaders and their staff do not see eye to eye on security objectives.
Cyber risk intelligence company SurfWatch Labs launched SurfWatch Cyber Risk Cloud, an offering that allows organizations to compare their “evaluated cyber event data” to other sources of intelligence.
U.S. Office of Personnel Management (OPM) warned that hackers may have accessed the personal data of roughly four million federal employees.

FEATURES, INSIGHTS // Management & Strategy

rss icon

Mark Hatton's picture
Unfortunately, when it comes to security, what you’ve accomplished means very little. It’s all about where the vulnerabilities still exist.
Jason Polancich's picture
With your own internal cyber bounty program designed to reward your best assets at their positions, you can begin to see real results against attackers and build a team that will compete over the long haul.
Alan Cohen's picture
Today’s network perimeter is increasingly not a single physical or virtual place, yet much of the industry debate is still focused on the perimeter.
Rafal Los's picture
What does “good enough” security mean to you? When you decide that you know what good enough means, you then have to be able to defend it.
Joshua Goldfarb's picture
It is helpful to understand the mistakes of others and to look at making your organization more attractive to hard-to-find and harder-to-retain analytical talent.
Jason Polancich's picture
Without a solid base in knowing who you are as a target and what’s going on around you at all times, everything else you do is essentially a half-measure.
Travis Greene's picture
No IT organization has a seemingly unlimited budget the way that Team Oracle did in the 2013 America’s Cup race. But look closer at why spending on America’s Cup racing seems so out of control and it starts to look a bit more familiar.
Rafal Los's picture
While serving as a security leader, how often have you heard or have yourself said, “If only the executives would pay attention to me?”
Torsten George's picture
How can companies deal with this challenge and transition to a model that uses more data to assess risks? One way is to implement cyber security operational risk management best practices.
Rafal Los's picture
Security leaders struggle to replicate successes from one enterprise to another largely because they are starting from scratch at every new turn.