Your Next Move: Chief Information Security Officer

Association of Information Technology Professional

This article details the necessary experience and education needed for a career as a chief information security officer

Information Security: The 8 Types of Risk Assessment You Should Know About

CEB IT

“Risk assessment” has become a popular term in business, government, education, and many more places besides. For information security teams who are trying to impose order on a huge and complex new risk category , it’s imperative that their colleagues understand the importance of helping with the “risk assessment” they are trying to conduct, and in complying with the results of that assessment.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The Small Business Guide to Information Security

Galido

Information Technology Blog - - The Small Business Guide to Information Security - Information Technology Blog. Information security is a major issue in the business world, and security breaches cost businesses millions of dollars per year.

Getting started with a career in Cyber Security and Information Security

Doctor Chaos

The Information Security Profession – Where do I Start? I am often asked by individuals to provide advice or guidance on how to get started in the field of information security. Many college students tell me they want to be a hacker, an IT systems penetration tester, or other type of cyber security professional. Cyber InfoSec education infosec security awareness tools training

Information Risk: How to Manage the Company’s Demand for Your Services

CEB IT

Information security teams face an unprecedented level of demand for their services right now. The strain on the time and resources of information security teams is understandable ( as Yahoo can attest ), and even though their companies are stumping up money, information security budget growth is slowing. Automating operations and governance activities offers the best chance to meet information security demands.

Internet Two Seeks Chief Cyberinfrastructure Security Officer

CTOvision

Chief Cyberinfrastructure Security Officer. Internet2® is a member-owned, advanced technology community founded by the nation’s leading higher education institutions in 1996. research and education organizations to solve common technology challenges, and to develop innovative solutions in support of their educational, research, clinical and community service missions. Represents Internet2 cyber security for internal and external communications. By Bob Gourley.

Prepare for The Cyber Threat : What Executives Need to Know to Manage Risk

CTOvision

FBI Director James Comey consistently underscores the threat of cybercrime to corporate America by repeating what security professionals have long known: “there are two kinds of companies in the United States, those who know they have been hacked and those that don’t know they have been hacked.” Conducting a holistic review of the organization to identify areas of vulnerability and improve network security is a proactive measure that no organization should overlook.

Patient Portal Puts a Spotlight on Secure Messaging

CTOvision

Stage 2 requires expanded use of patient portals, as well as implementation of secure messaging, allowing patients to exchange information with physicians regarding their health care. Given the Health Insurance Portability and Accountability Act (HIPAA) requirement for secure communication of Protected Health Information (PHI), a spotlight has been placed on the support for secure messaging. Secure Messaging Requires Authentication and Secure Networks.

The Importance of an Online Encryption Policy

CTOvision

IBM’s latest Cyber Security Intelligence index report shows that: 1.5 There is a 12% year-to-year increase in security events to educate and inform organizations. There are 91,765,453 security events annually. It covers the systematic data management of the company and can also be referred to as information security policy standards when working in an on-premise, cloud, or a hybrid-computing environment.

Things To Do Right Now About Your Cybersecurity Workforce Crisis

CTOvision

Intel Security has released Hacking the Skills Shortage , a report revealing the current cybersecurity workforce crisis. Security and IT teams play important roles, but business leaders from across the organization must be involved to mitigate digital risk. Educate your entire workforce on the nature of the threat, as well as what they need to do to help keep your organization secure. Bob Gourley.

Survey 160

Security industry failing users, says behaviour expert

Computer Weekly

The information security community is failing to educate users in a way that helps then understand cyber threats and change their behaviour, according to consultant Jessica Barker

E-book: Educate Yourself With Dell Insight Partner Views on Cybersecurity

Cloud Musings

Data security breaches and hacker attacks on private businesses , health organizations and government agencies in the U.S. Cybercriminals and hackers walk away with customers’ payment card information and employee data while companies and federal authorities investigate the source of the leaks and spend millions of dollars to repair the harm. Some see these breaches as a threat to national security and in response, the U.S.

Securing your information assets and data, what about your storage?

Storage IO Blog

Securing your information assets and data, what about your storage? Recently I did a piece over at the site Information Security Buzz title How Secure Is Your Data Storage? that takes a cursory look at securing your digital assets from a storage perspective. Keep in mind that data protection can mean many things to different […].

Cybersecurity Mentorship Program Pairs CISOs and Students

SecureWorld News

Each student gets paired with a Chief Information Security Officer (CISO) to test cybersecurity tools for organizations. Featured Security Training Original Content Security EducationIt's like a match made in cybersecurity heaven.

School Gives Malware Infected Laptops to Students

SecureWorld News

BBC News has reported that upon delivery of the laptops to students, teachers began sharing information on an online forum about suspicious files found on laptops that went to Bradford school students. The Department for Education has said that it is urgently investigating this issue.

University of California Employees, Students, Threatened After Breach

SecureWorld News

for secure file transfers and the list of known victims in this breach is growing. The Information Security Office investigated and found that these emails contained a link to a public website where a sample of personal data from UC employees was posted.".

Why CIOs Can't Believe All That They Read About Security Breeches (a chief information officer needs an IT strategy to create IT alignment)

The Accidental Successful CIO

This type of assault has almost become part of the definition of information technology. This means that you can’t afford to let your guard down because in most cases the basic steps that you take to secure the company will be good enough to keep most of the bad guys out. You may not be able to protect the company against an attack by skillful, educated hackers. The importance of information technology to your company is too great.

Cybersecurity Culture: How Princeton University's Security Team Created It

SecureWorld News

When David Sherry became Chief Information Security Officer at Princeton University, he says cybersecurity was done well. "I I don't want you to think security at Princeton was some sort of vast wasteland. I wanted to make security both cultural and programmatic.".

Audit: Schools Hit By Ransomware Had Security Holes

SecureWorld News

This was particularly bad timing for graduating seniors looking to apply to colleges, as they were unable to communicate and receive crucial information to make one of the biggest decisions of their young lives. Featured Education Ransomware Original Content

3 Ways to Gain Support for Your Security Awareness Training Program

CEB IT

Security awareness training plays a vital role in helping employees learn how to identify and prevent this type of attack. It is often seen as a “nice to have,'' but a good training program is a cost-effective way of improving information security risk. Security

The Biggest Opportunities in Tech Careers Today

Galido

Information Technology Blog - - The Biggest Opportunities in Tech Careers Today - Information Technology Blog. There is no secret that the way we use information and technology has changed the way the world works. If you are looking to make your mark in what is becoming one of the biggest and most impactful markets in the world, here are some of the best opportunities for careers within the tech world today: Information Security Analyst.

Best IT and Tech Blogs – Must Read Information Technology Resources 2019

Galido

Information Technology Blog - - Best IT and Tech Blogs – Must Read Information Technology Resources 2019 - Information Technology Blog. Information Technology is constantly changing. Thus it is essential to always stay on top of news and information, whether it be by newsletter, following rss feeds and blogs, tutorials or going back to school. What is Information Technology? Our Information Technology Blog Picks. Security IT Blogs.

Tech Blogs – Best Must Read Tech Resources 2019

Galido

Information Technology Blog - - Tech Blogs – Best Must Read Tech Resources 2019 - Information Technology Blog. Thus it is essential to always stay on top of news and information, whether it be by newsletter, following RSS feeds and blogs, tutorials or going back to school. These areas of tech include general IT and technology, security, IT feeds, cloud computing, data center, mobile, social media, tips and tricks, virtualization, and operating system and software blogs.

Best Tech Blogs – Must Read Tech Resources 2019

Galido

Information Technology Blog - - Best Tech Blogs – Must Read Tech Resources 2019 - Information Technology Blog. Thus it is essential to always stay on top of news and information, whether it be by newsletter, following RSS feeds and blogs, tutorials or going back to school. These areas of tech include general IT and technology, security, IT feeds, cloud computing, data center, mobile, social media, tips and tricks, virtualization, and operating system and software blogs.

7 technologies that CIOs can’t ignore in 2021

mrc's Cup of Joe Blog

Secure portals. With the sudden shift to a remote work environment, many employees didn’t have a secure way to access important files, applications, employee calendars, etc… Companies adopted solutions to bypass these issues, but many were temporary fixes rather than long-term solutions.

Top Tech Websites 2019

Galido

Information Technology Blog - - Top Tech Websites 2019 - Information Technology Blog. Thus it is essential to always stay on top of news and information, whether it be by newsletter, following RSS feeds and blogs, tutorials or going back to school. These areas of tech include general IT and technology, security, IT feeds, cloud computing, data center, mobile, social media, tips and tricks, virtualization, and operating system and software blogs. Security Tech Blogs.

Best IT Blogs – Must Read Information Technology Resources 2019

Galido

Information Technology Blog - - Best IT Blogs – Must Read Information Technology Resources 2019 - Information Technology Blog. Information Technology is constantly changing. Thus it is essential to always stay on top of news and information, whether it be by newsletter, following rss feeds and blogs, tutorials or going back to school. What is Information Technology? Our Information Technology Blog Picks. Security IT Blogs.

Join Women in Cybersecurity This Week in Dallas

CTOvision

The annual WiCyS conference is organized by the Cybersecurity Education, Research and Outreach Center at Tennessee Tech in partnership with a regional university. CyberPoint International is committed to encouraging women to choose and have successful careers in cyber security,” said Sherri Ramsay, Senior Advisor, CyberPoint International and a past WiCyS keynote presenter. Speakers for this year’s event include: Regina Wallace-Jones, Head of Security Operations, Facebook.

7 web application development challenges you can’t ignore

mrc's Cup of Joe Blog

It’s all about speed and security. You must create secure applications efficiently, in hours/days rather than days/weeks. Developers are under more pressure to deliver solutions quickly–without sacrificing function or security. Challenge #3: Security.

Fed Tech Roundup November 23

CTOvision

IG: State lax on information security - FCW.com. Education Department faces tough criticism from Congress on its IT security - FCW.com. The following are some of the hot topics in the federal technology ecosystem (from FedTechTicker.com and TopTechTicker.com ): Fed Tech Ticker. 19 years and counting. Nextgov: Pentagon Launches Self-Confirmation Tool for OPM Hack Victims - ExecutiveGov.

IBM 152

National Cyber Security Hall of Fame Announces 2015 Inductees

CTOvision

14, 2015 /PRNewswire/ -- The National Cyber Security Hall of Fame has released the names of five innovators who will be inducted into the Hall of Fame at its award ceremony on Thursday, October 29 , at the Four Seasons Hotel in Baltimore, Maryland. He leads Microsoft's Security Development Lifecycle team and is responsible for its corporate strategies and policies for supply chain security and for strategies related to government security evaluation of Microsoft products.

7 Key Foundations for Modern Data and Analytics Governance

Smarter With Gartner

Data and analytics assets exist everywhere across an enterprise and vary in nature, so making business decisions based on the assumption that “all information is equal” is no longer a good approach. 5: Consider risk management and information security.

U.S. Federal Agencies Get C- on Cyber Report Card

SecureWorld News

Senators Portman and Peters, who are the Ranking Member and Chairman of the Senate Homeland Security and Governmental Affairs Committee, expressed their concerns and urged everyone in government to listen. Congress should update the Federal Information Security Modernization Act of 2014.".

Good People at @SecureNinja Provide Cyber Kung Fu Certified Ethical Hacker Course Free

CTOvision

SecureNinja has been a force for good in the community for years, providing education and training and contributing to many online and in person events and activities (including FedCyber ). See the video at this link and embedded below: The video here features Secure Ninja TV host Alicia Webb with Tom Updegrove , 8th degree black belt and his student, Larry Greenblatt , 3rd degree black belt for some great discussions and training. Cyber Security Video Security

Course 216

What Does It Take To Become a Computer Security Specialist

Galido

Every day new businesses and organizations that use systems to store important information are formed. This information is vulnerable to hacks and attacks from outside users. The attacks happen in all types of industries, such as financial, military, healthcare, retailers, education, and even in small businesses that keep secure information such as employee or client’s confidential information. This is where the computer security specialist comes in.

Why Are Cybersecurity Professionals Suddenly So Popular?

SecureWorld News

New research reveals cybersecurity professionals are riding a wave of popularity from those outside of the security community. When asked how they view cybersecurity professionals, respondents from outside security voted like this: 71% of participants say they view cybersecurity professionals as "smart, technically skilled individuals". 51% say they think of security professionals as one of the "good guys fighting cybercrime.".

Study 72

Cyber Strategy and the Dunning-Kruger Effect: Could some policymakers be too unskilled to recognize their ineptitude?

CTOvision

Yep, the article points to an interview that Michael Daniel gave to GovInfoSecurity.com in which cites him: Michael Daniel sees his lack of technical expertise in IT security as an asset in his job as White House cybersecurity coordinator. “Being too down in the weeds at the technical level could actually be a little bit of a distraction,” Daniel, a special assistant to the president, says in an interview with Information Security Media Group. By Bob Gourley.

9 New NIST Cybersecurity & Privacy Goals

SecureWorld News

The NIST Cybersecurity Framework (CSF) helps thousands of organizations around the world to better understand and improve their information security posture. It recently announced it is making new, bold pushes relating to information security and privacy for 2021 and beyond.

IPv6 69

What Is CISA Central?

SecureWorld News

Cybersecurity and Infrastructure Security Agency (CISA), CISA Central is as follows: ". The Cybersecurity and Infrastructure Security Agency says CISA Central is offered in addition to its current suite of resources which are designed to help U.S.

The Endpoint Imperative: The Perimeter is Dead; Long Live the Perimeter!

Cloud Musings

The result: Higher productivity, but bigger challenges for security, data protection, and mobile device management. Jackson and Intel’s Yasser Rasheed explore the new normal for security, with a focus on the end users. With me is Yasser Rasheed Director of Business Client Security with Intel. Kevin: This time, however, I'd like to really talk to you about this security perimeter thing. Education is king.

RSA Conference 2015 – San Francisco 20-24 April 2015

CTOvision

Offering five full days of educational training from experienced industry practitioners, the RSA Conference is widely regarded as one of the world''s leading forums for enterprises and technical information security professionals. As the 2015 theme suggests, info security is an ever-changing industry. In order to stay ahead of threats, you need to challenge today’s security thinking. RSA Conference is the industry’s largest global info security event.

10 Top Ways: Building an Effective Cybersecurity Awareness Campaign

SecureWorld News

If these things are true, how do we share information with others in a way that is proven to work and create a culture of security? Security awareness and how you talk about cybersecurity. Because we in security are the only people for who those words have any meaning.

Actions for Internal Audit on Cybersecurity, Data Risks

CEB IT

Evaluate employee security training to ensure that the breadth, frequency and content is effective. Don’t forget to build awareness of common security threats such as phishing. Determine if IT has an approved vendor list for analytics tools and what efforts are being made to educate the business on the use of approved tools. Companies today collect an unprecedented amount of personal information, and the costs of managing and protecting that data are rising.