Your Next Move: Chief Information Security Officer

Association of Information Technology Professional

This article details the necessary experience and education needed for a career as a chief information security officer

The Small Business Guide to Information Security

Galido

Information Technology Blog - - The Small Business Guide to Information Security - Information Technology Blog. Information security is a major issue in the business world, and security breaches cost businesses millions of dollars per year.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The 10th Cyber & Information Security Research (CISR) Conference at Oak Ridge Tn, 7-9 April 2015

CTOvision

The 10th Cyber & Information Security Research (CISR) Conference, 7-9 April 2015, will be held at the Conference Center, 2nd Floor, Building 5200, Oak Ridge National Laboratory, Oak Ridge, Tennessee. The conference brings together cyber security researchers, program managers, decision makers, security vendors, and practitioners to discuss many challenging tasks and novel solutions pertaining to cyber security. Related articles. By Charles Hall.

Your First 100 Days as a New Chief Information Security Officer

Smarter With Gartner

Your first 100 days in the chief information security officer (CISO) role are an opportunity to establish your credibility and elevate the security organization’s internal brand. Download eBook: 2021 Top Priorities for Security and Risk Management Leaders.

3 Ways to Protect Firms’ Information Security as they Digitize

CEB IT

The way companies create, sell, and market products, and run the operations to do so, is increasingly based on the use of technology and digital information (see chart 1), and this trend of digitization will only continue more quickly across the next five years. And digitization, fueled by business-led IT (line managers initiating and funding their own technology projects), places untenable pressure on the way that IT information security teams work.

9 biggest information security threats through 2019

Network World

The information security threat landscape is constantly evolving. To help you navigate the terrain, each year the Information Security Forum (ISF) — a nonprofit association that researches and analyzes security and risk management issues on behalf of its members — puts out its Threat Horizon report to provide members with a forward-looking view of the biggest security threats over a two-year period.

4 information security threats that will dominate 2017

Network World

Looking ahead to 2017, the Information Security Forum (ISF) , a global, independent information security body that focuses on cyber security and information risk management, forecasts businesses will face four key global security threats in 2017. To read this article in full or to leave a comment, please click hereAs with previous years, 2016 saw no shortage of data breaches.

IDG Contributor Network: Cyber crime as a service forces changes in information security

Network World

But for organizations still maturing their defensive measures, here’s what the transformation of cyber crime into an industry means for how you approach information security. To read this article in full or to leave a comment, please click hereCyber crime has been commercialized. Infecting computers with ransomware or using an advanced persistent threat to pilfer intellectual property no longer requires deep technical knowledge.

IDG Contributor Network: 3 new information security jobs for the digital enterprise

Network World

The responsibilities of information security are rapidly changing as enterprises digitize. In this new context, information security is expected to take a strategic role by helping business leaders understand the security implications of their digital strategies; support a quicker pace of technology exploitation and experimentation; and govern a larger, more varied project portfolio. To read this article in full or to leave a comment, please click here

The 15 best cities for information security pay

Network World

To read this article in full or to leave a comment, please click here (Insider Story High-flying salaries in some unexpected places Image by Greg Gjerdingen Before moving to this top city for InfoSec pay, you might want to read the latest John Sanford novel, brace for a bitter cold winter and develop a taste for tater tot hot dish. Yes, that's right, if you want to get the most bang for your InfoSec salary buck, a move to Minneapolis might be in your future.

What it takes to become a chief information security officer (CISO)

Network World

Career Tracker: What it takes to be a chief information security officer. Jeff Foltz did not set out to be an information security professional. To read this article in full or to leave a comment, please click here (Insider Story download. He arrived at his current role as CISO at Fidelity National Financial by making the most of a series of opportunities and constantly building his skillset.

IDG Contributor Network: To improve information security, enterprises and government must share information

Network World

Information security is forever weaved into our daily lives. From the massive data breaches impacting Target, Yahoo and Anthem to IoT-powered DDoS attacks that take down substantial portions of the internet for extended periods of time, information security impacts everyone. To read this article in full or to leave a comment, please click here

AI will transform information security, but it won’t happen overnight

Network World

To read this article in full or to leave a comment, please click hereAlthough it dates as far back as the 1950s, Artificial Intelligence (AI) is the hottest thing in technology today. An overarching term used to describe a set of technologies such as text-to-speech, natural language processing (NLP) and computer vision, AI essentially enables computers to do things normally done by people.

The Accellion Data Breach Seems to Be Getting Bigger

GizModo VR

accellion data breach business finance information governance cryptography technology internet articles security security breaches information security data security vulnerability computer security

Report 110

IDG Contributor Network: How to build a thriving information security function despite the talent shortage

ComputerWorld IT Management

It seems that the industry has reached a nearly unanimous conclusion about a key essential for tight information security -- people. You don't have to look at online job postings for long to recognize that most of the posted IT jobs relate to information security, with employers attempting to fill many such positions to shore up their cybersecurity posture. As an example, following a major security breach at the U.S.

The Dick Jail Is 'Safe' Again, but Use at Your Own Risk

GizModo VR

Last October, security researchers warned that the Qiui Cellmate Chastity Cage had a serious security flaw that could allow hackers to turn a chastity device into a dick jail.

More Questions than Answers from Data Breach Report

CTOvision

Major breaches in the last year  at large companies like Target and eBay  have made information security discussions more worrying and more widespread, albeit still not universally understood. billion user name and password combinations and more than 500 million email addresses, security researchers say  news that should not be taken lightly. A Tweet from Jeffrey Carr, a cybersecurity guru quoted by Mr. Yardon, echoed the articles title.

Report 228

Software Defined Perimeter, Cloud Security Alliance: Coca-Cola Case Study

CTOvision

One of the many topics coved at the event was software defined perimeter and cloud security alliance. Related articles. CTO Cyber Security News Video Bob Flores Chief information officer Chief information security officer CISO Coca-Cola Computer security Internet of Things Sierra Ventures On September 30 th Sierra Ventures hosted their 9th CIO summit in Palo Alto, CA.

Clubhouse Promises to Get Its Security Under Control (Again)

GizModo VR

Clubhouse—the invitation-only audio app best known for courting everyone from Elon Musk to Mark Zuckerberg —has promised to implement new safeguards after suffering its second high-profile security snafu this month.

The CISO Technology Report: Twice A Week Review For Enterprise Security Professionals

CTOvision

Our site CISOtech.com is a repository of articles and information of interest to enterprise security professionals. Any reporting we do here at CTOvision that has relevance for the CISO is archived at that site, plus evaluations on cyber security technologies of interest. This has become one of our most popular lists, with over 2,000 security professionals subscribing to the report. By Bob Gourley.

Continued Controversy over Smartphone Encryptions

CTOvision

With Edward Snowden’s revelations, the myriad of recent information breaches at large corporations, and the extraordinary level of digitalization in our country, the American public has never placed a higher value on cyber security. Director Comey identifies the new features as a marketing strategy targeting a perceived public demand – a marketing strategy with significant and detrimental consequences for national security.

IDG Contributor Network: The devil is in the details: The importance of tight processes to strong information security

ComputerWorld IT Management

To read this article in full or to leave a comment, please click hereHave you ever pulled a policy or procedure down from the internet, changed a few things and called it your own? If not, you are probably one of a small minority. Most of us have done this from time to time, and building on the work of another (assuming of course that it is not copyrighted) is a good way to start, as long as you make the proper adjustments to meet your specific needs. Therein, however, lies the problem. .

How OPM Could Have Avoided the Data Breach

CTOvision

Recently, a data breach at the Office of Personnel Management ( OPM ) demonstrated once again the vulnerability of data and how even when an organization has seemingly deployed the right tools, security holes can be exploited to gain access to highly sensitive information. This includes highly sensitive records about individuals with clearances and even information that could expose those living undercover. Related articles.

IDG Contributor Network: Information security priorities for Trump's administration

Network World

Emphasize that information security applies to all agencies. Ideally, a cabinet meeting for all new secretaries should be held within three months of the inauguration to underscore that information security is essential for all agencies to complete their missions. Even secretaries whose agencies are not typically associated with either information security or IT need to be included. To read this article in full or to leave a comment, please click here

3 steps to improve collaboration between networking and security pros

Network World

(Enterprise Management Associates finds that enterprises are trying to improve collaboration between their network-infrastructure and operations teams and their information-security and cybersecurity teams. To read this article in full, please click here

Survey 115

Kali Project Encryption and Isolation Using Vagrant and BitLocker

Perficient

In this article I will show you how to use my Vagrant Kali Project Setup tool to quickly and easily accomplish the following on your Windows host: Create a project folder that will provide the workspace for a new project. For more information, or for help assessing the security of your web applications, just contact us at Perficient. Imagine that you work on different engagements or projects in which Kali Linux is one of your primary tools.

The biggest risk in cloud computing is not doing it

David Linthicum

The Top 2 high-impact risks of moving to the cloud are related to information security threats. To read this article in full, please click hereGartner’s latest quarterly report “Emerging Risks Report” surveyed 110 senior executives about risk, audit, finance, and compliance at large global organizations. Not surprisingly, they identified cloud computing as the top concern for the second consecutive quarter.

Survey 282

How to password protect PDFs on Macs (for free)

Computerworld Vertical IT

If you are working remotely you may already be using or looking for some way to use password-protected PDFs to help maintain information security. You can use the multi-talented Print dialog to create a secure PDF. To read this article in full, please click here

Beyond Data Protection: Benefits of Good Cybersecurity for Businesses

Galido

Information Technology Blog - - Beyond Data Protection: Benefits of Good Cybersecurity for Businesses - Information Technology Blog. Information security is quickly becoming a critical part of business operations. With more than 70% of your business now stored in the cloud or in a digital form, paying more attention to the security aspect of IT is more of a necessity than an option. Security

Water-authority network upgrade spots problems faster

Network World

The [main treatment] plant was built [about] 15 years ago,” said Kristen Sanders, the authority’s chief information security officer. “So To read this article in full, please click here

Managing compliance is easier in the cloud

David Linthicum

There are cloud systems for PCI compliance (for credit card processing), HIPAA compliance (for health care information security and portability), and Sarbanes-Oxley compliance (for process logging at publicly traded companies), as well as systems to handle similar European regulations. Ensure proper implementation of the security standard that protects customers and businesses from eating costs of credit-card-related financial crime in InfoWorld's PCI Compliance Deep Dive Report. |

Cloud 213

Quarter of firms can't fill open infosec positions

ComputerWorld IT Management

The information security industry hasn't made any significant strides in addressing the workforce shortage, according to a report released this morning by ISACA. To read this article in full or to leave a comment, please click here (Insider Story

IDG Contributor Network: Security talent management for the digitization era

Network World

Stiff competition for talent and a limited pool of security specialists make information security staffing a perennial challenge. Complicating this is the fact that security has not yet adapted to its changing role as organizations digitize. Now more than ever, information security leaders need to understand the new business environment and adapt how they hire, compete for and manage talent for the digital era.

AT&T Becomes the Latest Company Affected by Data Breach

CTOvision

The urgency of improving information security cannot be understated. Since the widely publicized attack on Target Corporation, data breaches have become increasingly common – sensitive information stored with both eBay and the California Department of Motor Vehicles has been compromised in the last six months alone. Demonstrating the usual reluctance to go public with the breach, AT&T did not inform customers of the attack until June. By Shannon Perry.

Are virtual CISOs the answer to your security problems?

ComputerWorld IT Management

Chief Information Security Officers are a relatively rare breed. Information security is, after all, a fairly recent addition to or subset of IT, and while most large organizations now do profess to having a CISO, CSO or head of information security, many still don’t. To read this article in full or to leave a comment, please click here (Insider Story

Security challenge: Wearing multiple hats in IT

Network World

Are you taking on multiple job responsibilities at your company, including some aspects of information security? At many organizations, IT professionals are being asked to handle a variety of security tasks and functions. In a recent online survey of 287 IT and business professionals conducted by CSO, CIO and Computerworld, a majority of respondents (54 percent) said the IT department handles information security at their organization.

Why a security team embraces shadow IT

Network World

But you don't expect such proactive practices from an enterprise's information security team, which a CIO often enlists to place a moat around corporate assets. Mike Bartholomy, Western Union's senior manager for information security. The financial services firm's senior manager for information security says that companies that try to block everything may see it backfire. To read this article in full or to leave a comment, please click here

Is security making the grade? What IT and business pros really think

Network World

Grading on a curve Image by Thinkstock If you sense some discontent in how information security is handled in your company, you're not alone. based IT and business professionals who responded to a recent survey from CSO and its sister sites CIO and Computerworld gave their organizations' security practices a grade of C or below. To read this article in full or to leave a comment, please click here

10 greatest inside security risks

Network World

Internal threats Image by Thinkstock Last year was the worst on record for information security incidents, and the majority of those were due to inside sources, many studies agree. Prime suspects are employees and contractors with privileged user access, says Sam Elliott, director of security product management at Bomgar. Elliott warns that these 10 employees could be your greatest internal security threat.

Study 60

The 15 best job markets for IT security specialists

Network World

Security jobs Image by Thinkstock Information technology budgets are not expected to grow substantially in the New Year, but one area where organizations continue to invest is in information security. That’s a good thing, when you consider that virtually every organization can now expect to experience a security incident of some kind, says nearly every recent study. To read this article in full or to leave a comment, please click here (Insider Story

How to craft a security awareness program that works

Network World

Employees are often considered the weakest link in organizations' efforts to create a strong security posture. Even organizations with security awareness programs in place struggle to instill strong security behaviors. Steve Conrad, managing director of MediaPro , a learning services company that specializes in information security, data privacy and compliance, says organizations can and should do better.

IDG Contributor Network: Top 5 InfoSec concerns for 2017

Network World

Each and every day, it seems, the tech community wakes up to news of another attack on data security and privacy. As IT professionals, we spend our days working to the best of our knowledge and ability to keep company information secure. To read this article in full or to leave a comment, please click hereCloudbleed , WannaCry, ransomware , hackers.

How flexible should your infosec model be?

Network World

Security is a top priority at the Bank of Labor , but the financial institution updates its formal information security policy only once a year, maybe twice, regardless of what's happening in the ever-changing threat landscape. That's not to say that the union bank ignores emerging threats such as new malware variants or phishing schemes, says Shaun Miller, the bank's information security officer.