Information Security: Four Ways to Prepare for Cyber Crises

CEB IT

Preventing confidential information leaking into the wrong hands has become a high priority for every big company in the past decade. Information “breaches” have never been more costly to companies, or difficult to prevent. Information security staff play a critical role in resolving all these problems. Centrally documenting Information Security’s tribal knowledge helps everyone access important knowledge quickly.

Information Security: What You Should Know About Agile, DevOps, and Continuous Delivery

CEB IT

Information security teams, who themselves are no strangers to a rapidly changing work environment, are under pressure to ensure that all this activity doesn’t result in important confidential data (itself more valuable than it’s ever been) leaking out of the company – either from carelessness or criminal intent. 10 Ways Digitalization is Upending Information Security. unfulfilled security requirements) in the past twelve months.

Information Security: The 8 Types of Risk Assessment You Should Know About

CEB IT

For information security teams who are trying to impose order on a huge and complex new risk category, it’s imperative that their colleagues understand the importance of helping with the “risk assessment” they are trying to conduct, and in complying with the results of that assessment.

The Small Business Guide to Information Security

Galido

Information security is a major issue in the business world, and security breaches cost businesses millions of dollars per year.

The 10th Cyber & Information Security Research (CISR) Conference at Oak Ridge, TN, 7-9 April 2015

CTOvision

The 10th Cyber & Information Security Research (CISR) Conference, 7-9 April 2015, will be held at the Conference Center, 2nd Floor, Building 5200, Oak Ridge National Laboratory, Oak Ridge, Tennessee. The conference brings together cyber security researchers, program managers, decision makers, security vendors, and practitioners to discuss many challenging tasks and novel solutions pertaining to cyber security. By Charles Hall.

The 6 Reasons Employees are Lax about Information Security

CEB IT

Information security teams can spend all the money in their budget on fancy technology but it’s for naught if employees don’t use it. Unsurprisingly then, given the amount of money currently being spent by firms in keeping their data and their systems secure, information security teams have almost doubled their spending on employee awareness in the past three years, from $1,597 per 1000 IT users in 2013 to $3,086 per 1000 IT users in 2016, according to CEB data.

10 New Information Security Roles for the Digitization Era

CEB IT

High demand and a limited pool of people with the right skills and experience make information security staffing a perennial challenge. Further complicating things is the fact that information security teams have not yet adapted to their changing role in digitizing companies. Digitization requires security staff to play a more diverse range of roles to meet a wider spectrum of demand from the rest of the firm. Product security specialists/managers.

Security Think Tank: Information security professionals have key role in GDPR compliance

Computer Weekly

What is the role of information security professionals in helping organisations to ensure they are compliant with the EU’s General Data Protection Regulation (GDPR) by 25 May 2018?

IT Infrastructure: 3 Steps to Respond to Today’s Information Security Concerns

CEB IT

The plethora of recent high-profile breaches, and the funding and attention lavished on information security teams, have forced many IT infrastructure groups – those that are responsible for the company’s hardware, software, networks, data centers, and so on – to reprioritize their strategic plans and focus on information risk management. In fact, the security group is the only part of the infrastructure function where staffing levels are increasing.

Information Security Budgets: More Money and More Staff, But Growth Finally Slowing

CEB IT

Information security functions have become far more important to their companies in the past decade, and that’s reflected in how the resources they’re allocated have grown and grown. Overall, there are a few changes that information security teams should expect in the coming year; the slide below has highlights. Security Staffing and Budget Increases. Security budgets grew an average of 16% in 2016 but are poised to only grow 9% in 2017.

Is Information Security the Right Profession for Me?

Linux Academy

Wondering if information security is the right profession for you? I’ve been working in information security for many years and have had the opportunity to fill a variety of roles. In this post, I’ll fill you in about some of the available jobs in information security and what it takes to succeed in each one. First off, there are many different jobs within information security. Security Analyst (Blue Teamer).

Red Owl Analytics: Enabling information security and compliance teams to proactively tackle insider risk

CTOvision

Red Owl Analytics is a highly regarded provider of a software solution that enables security and compliance teams to proactively tackle their most pressing problem: insider risk. Their enterprises are awash in data, insider-related security breaches have become a constant, and regulators continue to demand better oversight and surveillance. Guy finished his Army career as a special assistant to the Director of the National Security Agency.

4 information security threats that will dominate 2017

Network World

As with previous years, 2016 saw no shortage of data breaches. Looking ahead to 2017, the Information Security Forum (ISF), a global, independent information security body that focuses on cyber security and information risk management, forecasts businesses will face four key global security threats in 2017.

Data compliance startup Anecdotes raises $5 million to scale its enterprise platform

Venture Beast

Enterprise-grade data compliance platform Anecdotes raised $5 million to expand its cross-framework IT capabilities to new clients.

2015 National Chief Information Security Officer Survey

Cloud Musings

Recent cases have highlighted identity theft, the loss of personal financial data, and the disclosure of sensitive national security information. The executive in the hot seat for preventing these failures is the Chief Information Security Officer (CISO). Commissioned by the National Cybersecurity Institute at Excelsior College, this data will be used to develop and publish actionable information for use by the day to day cybersecurity professionals.

Information Risk: Balancing the Good and Bad of Data Analytics

CEB IT

Managers like to talk about the power of data and analysis, and the opportunity it gives them to launch new products and reach new customers. But there’s an opportunity cost to any decision, and the growing sophistication of analytical capabilities also makes it more likely that companies’ and, more importantly, customers’ data can be lost or stolen. Poor security standards across an ecosystem can therefore have trickle down effects to your organization.

The Accellion Data Breach Seems to Be Getting Bigger

GizModo VR

Data breaches have a tendency to grow past initially reported figures.

UPS Data Breach

CTOvision

Data breaches have captured the attention of the American media several times this year. Sensitive information at eBay was recently compromised as well, and the re.

How to secure customer data for SaaS success

CTOvision

Read Robert C. Johnson explain how SaaS companies can secure customer data on Help Net Security: Recently, some of the biggest names in SaaS have experienced customer support data breaches.

Under the AI hood: A view from RSA Conference

Venture Beast

Despite hype around AI and ML in security, the RSA Conference revealed promising developments, like an evaluation system for buyers.

Top 5 trends for endpoint security In 2022

Venture Beast

Bad actors continue to capitalize on the widening gaps in endpoint security that all organizations are planning to improve in 2022.

Data-Centric Security and Zero Trust Architecture:

CTOvision

It’s been nearly ten years since John Kindervag first published a paper recommending what he called the “zero trust” model of information security. The time had come, he announced, to abandon the idea of unbreakable network perimeters, and to deal with the reality that intruders will inevitably find their way into protected networks. In the […].

Internet Two Seeks Chief Cyberinfrastructure Security Officer

CTOvision

Chief Cyberinfrastructure Security Officer. Position Summary: The Internet2 Chief Cyberinfrastructure Security Officer (CCSO) is the leader responsible for establishing the cyberinfrastructure security strategy and direction for Internet2’s global infrastructure programs. The CCSO provides leadership for the Internet2 cyber security program through strong working relationships and collaboration across the staff and community, including policy and operational areas.

IDG Contributor Network: 3 new information security jobs for the digital enterprise

Network World

The responsibilities of information security are rapidly changing as enterprises digitize. In this new context, information security is expected to take a strategic role by helping business leaders understand the security implications of their digital strategies; support a quicker pace of technology exploitation and experimentation; and govern a larger, more varied project portfolio.

U.S. Federal Investigators Are Reportedly Looking Into Codecov Security Breach, Undetected for Months

GizModo VR

Federal investigators are purportedly looking into a security breach at Codecov, a platform used to test software code with more than 29,000 customers worldwide, Reuters reported on Saturday.

Survey: Data Breaches Driving Customers Away

CIO Dashboard

According to our new Global State of Information Security Survey 2013, data breaches are driving customers away from businesses around the world. In conjunction with CIO Magazine and CSO Magazine, we recently surveyed 9,300 C-suite executives, vice presidents and directors of IT & information security from 128 countries. 52% of executives confessed they have lost customers as a result of inadequate information security.

How OPM Could Have Avoided the Data Breach

CTOvision

Recently, a data breach at the Office of Personnel Management (OPM) demonstrated once again the vulnerability of data and how even when an organization has seemingly deployed the right tools, security holes can be exploited to gain access to highly sensitive information. This includes highly sensitive records about individuals with clearances and even information that could expose those living undercover.

Information Risk: How to Manage the Company’s Demand for Your Services

CEB IT

Information security teams face an unprecedented level of demand for their services right now. The strain on the time and resources of information security teams is understandable (as Yahoo can attest), and even though their companies are stumping up money, information security budget growth is slowing. Automating operations and governance activities offers the best chance to meet information security demands.

IDG Contributor Network: To improve information security, enterprises and government must share information

Network World

Information security is forever weaved into our daily lives. From the massive data breaches impacting Target, Yahoo and Anthem to IoT-powered DDoS attacks that take down substantial portions of the internet for extended periods of time, information security impacts everyone.

Information Risk: Third-Party Risk Management Is Failing

CEB IT

Information security teams are busier than they’ve ever been and, although they have been given more funds to cope, there is still a great need to prioritize and focus on the risks that are most likely to harm their business. Traditionally, information security teams have administered risk assessments and made decisions about the risk each third party posed based on predetermined levels, but this is no longer sufficient for the four reasons below.

More Questions than Answers from Data Breach Report

CTOvision

The American media has never paid more attention to data breaches and cybersecurity than it does today. Major breaches in the last year, at large companies like Target and eBay, have made information security discussions more worrying and more widespread, albeit still not universally understood. billion user name and password combinations and more than 500 million email addresses, security researchers say, news that should not be taken lightly.

The CISO Technology Report: Twice A Week Review For Enterprise Security Professionals

CTOvision

Our site CISOtech.com is a repository of articles and information of interest to enterprise security professionals. Any reporting we do here at CTOvision that has relevance for the CISO is archived at that site, plus evaluations on cyber security technologies of interest. This has become one of our most popular lists, with over 2,000 security professionals subscribing to the report. By Bob Gourley.

Information Risk: 3 Threat Management Trends to Keep an Eye On

CEB IT

Managing the threat of thieves stealing a company’s confidential data is a vastly different battle to the one being waged even five years ago. Although the threat management tools and techniques available to chief information security officers (CISOs) have also improved, this still leaves much to do. However, by the time information security teams respond, attackers have most likely already caused a lot of damage.

Information Risk: Help the Business Rethink How it Exploits its Secrets

CEB IT

Whether it’s product designs, business practices, manufacturing processes, pricing models, or proprietary data, the company assumes that its information security team, processes, and policies will keep the information secret. Organizations spent resources on developing intellectual property (IP) and funding security functions to, among other responsibilities, keep all this IP secret. Implications for the Chief Information Security Officer.

Information Risk: Three Lessons for CISOs from Yahoo’s Rough Six Months

CEB IT

But for now, chief information security officers (CISOs) should take three core lessons on board. The CISO’s role in M&A should expand: When it comes to M&A, most CISOs tend to spend their time trying to get a head start on post-deal integration, revise the information security team’s strategic plan, or assess the acquisition target’s information security practices. Update Information Security’s strategy to support digitization efforts.

Information Risk: Bug Bounties Have Gone Mainstream

CEB IT

As the trickle of companies incorporating digitalization into their corporate strategy turns into a flood, information security professionals are warning anyone who’ll listen about the vast array of products and services that may contain critical vulnerabilities in their software. As the chief security officer at a technology firm in CEB’s networks explained recently, “We have 40 engineers on staff whose sole job is to break software.

Patient Portal Puts a Spotlight on Secure Messaging

CTOvision

Stage 2 requires expanded use of patient portals, as well as implementation of secure messaging, allowing patients to exchange information with physicians regarding their health care. Given the Health Insurance Portability and Accountability Act (HIPAA) requirement for secure communication of Protected Health Information (PHI), a spotlight has been placed on the support for secure messaging. Secure Messaging Requires Authentication and Secure Networks.

AI will transform information security, but it won’t happen overnight

Network World

Machine learning, the most prominent subset of AI, is about recognizing patterns in data and computer learning from them like a human. The idea is the more data you collect, the smarter the machine becomes. Although it dates as far back as the 1950s, Artificial Intelligence (AI) is the hottest thing in technology today.

Gartner Top 9 Security and Risk Trends for 2020

CEB IT

The shortage of technical security staff, the rapid migration to cloud computing, regulatory compliance requirements and the unrelenting evolution of threats continue to be the most significant ongoing major security challenges.

Security Think Tank: EU data security principles apply, regardless of Brexit

Computer Weekly

What are the pros and cons of Brexit for information security professionals and data protection?

Changing Government Requirement For Market Research to Continuous Market Assessment

CTOvision

And look for our online assessments categorized with the helpful mnemonic acronym CAMBRIC, which stands for Cloud Computing, Artificial Intelligence, Mobility, Big Data, Robotics, Internet of Things, CyberSecurity. Bob Gourley.

3 Ways to Gain Support for Your Security Awareness Training Program

CEB IT

He didn’t click on or download anything he wasn’t meant to — simply previewing an email attachment was enough for hackers to steal a password, gain access to the network and swipe an unknown quantity of data.

It’s Never The Data Breach, It’s Always The Cover Up

Forrester's Customer Insights

CSOs and CISOs handle sensitive data, make difficult decisions, and consider their responsibility […].