Security Experts:

Management & Strategy
long dotted

NEWS & INDUSTRY UPDATES

Cyber risk intelligence company SurfWatch Labs has released a new application designed to provide C-level executives and board members with clear information on cyber risks faced by their company.
JPMorgan Chase, one of the largest banks in the United States, has confirmed that its systems were breached this summer.
The 2014 ICS Cyber Security Conference will address real world problems and discuss actual ICS cyber incidents, many of which have never been told before.
Freenode is asking users to change their passwords after some servers have been compromised by an unknown third party.
Veracode has closed a late-stage $40 million funding round led by Wellington Management with participation from previous investors.
Remote connectivity services provider LogMeIn announced the acquisition of Meldium, a startup that specializes in cloud-based single-sign-on (SSO), password management, and identity and access management (IAM) solutions.
Japan's security-conscious government admitted that details about the flight path and exact location of the prime minister's plane had been posted on the Internet for anyone to see.
The first European edition of Suits and Spooks, the cyber security conference that brings together decision makers and influential thought leaders in the industry, will be held in London on September 12. Register now and hold your spot!
Goodwill Industries revealed that some of its customers' payment cards were compromised after the systems of a third-party vendor became infected with malware.
BeyondTrust, a provider of Privileged Account Management and Vulnerability Management solutions, has agreed to be acquired by private equity firm, Veritas Capital.

FEATURES, INSIGHTS // Management & Strategy

rss icon

Danelle Au's picture
Enterprises can gain tremendous competitive advantages by having IT focus on the things that matter – users and information rather than infrastructure maintenance and building.
Torsten George's picture
When an organization is solely focused on strengthening its compliance posture to pass an audit, they primarily look at control failures and gaps and try to mitigate them.
Mark Hatton's picture
You need to identify your security shortcomings before someone else does. Simulate attacks and tests to associate known vulnerabilities, previous attack patterns, and security/network data to identify potential attack paths to your company’s most important data.
Joshua Goldfarb's picture
An organization that keeps records of its security incidents should be able to study that data to understand the top ways in which it is generally becoming compromised.
Jason Polancich's picture
In order to make our ecosystem a safer place for all of us, small and large, the big guys out there are going to have to start - at least in part - handling the security of their small business partners, suppliers and customers.
Adam Ely's picture
Security teams and lines of business have reached a turning point on BYOD. It’s now become more important than ever for the CISO to figure out how to manage risk without inhibiting users.
Torsten George's picture
While the initial investment in a proof of concept can be costly, the end results might not only justify the additional expenses, but in the long-term save you money (and your job).
Mark Hatton's picture
Having a CISO not only solves the diffusion of responsibility problem by putting one person in charge, it also helps to transform the security culture in your organization.
Marcus Ranum's picture
There are two ways to start establishing security metrics. One is what I think of as the “bottom up” approach and the other being “top down”. For best results you might want to try a bit of both.
Marc Solomon's picture
With the right approach to security you can protect your organization’s sensitive information from both insiders and outsiders.