Information security functions have become far more important to their companies in the past decade, and that’s reflected in how the resources they’re allocated has grown and grown. Blog Budgeting and Planning Information Risk Information Technology Manage Your People MORE

Companies’ information security teams are under more demand than ever and, worse, they need to staff a host of new roles to cope with that demand. Information security teams will benefit greatly from seeking out a more a more versatile range of backgrounds, experiences, and perspectives. MORE

Whether it’s product designs, business practices, manufacturing processes, pricing models, or proprietary data, the company assumes that its information security team, processes, and policies will keep the information secret. Implications for the Chief Information Security Officer. MORE

While working on the Windows 10 upgrade project, I ran into a situation which I needed the information from an MSU file for the task sequence. Specifically, I needed the KB number. MORE

Organizations need to start thinking about information security as an element that enables businesses, facilitating increased competitive advantage that allows them to manage risk and protect all of the dollars that have been spent on creating a brand. MORE

Most people think of risk quantification as the practice of assigning a dollar value to information risk, but even ranking different types of risk into an ordinal scale (first, second, third, etc) involve a degree of quantification. MORE

The way companies create, sell, and market products, and run the operations to do so, is increasingly based on the use of technology and digital information (see chart 1), and this trend of digitization will only continue more quickly across the next five years. MORE

If you own a business, you know all too well the importance of securing not only your personal information but also the information obtained from your clients. Technology lets you create huge files and store an unbelievable amount�of information that you can easily access with a simple push of a button. Unfortunately, there are those out there who prey on businesses, especially small businesses that MORE

A long while back, I wrote a speculative post around what I dubbed " information logistics " -- the disciplines associated with getting the right information in the right place at the right time -- and at the right cost. For starters, we''re starting to use information differently.  MORE

Information security teams can spend all the money in their budget on fancy technology but it’s for naught if employees don’t use it. Blog Collaborate Across the Organization Information and Data Risk Management Information Risk Information Technology MORE

The network is the enabling capability for “Always-on” and serves as a foundational element to the convergence between information technology (IT) world and telecommunications (telecom). MORE

Don’t (just) focus on new technology : Infrastructure organizations continue to increase their spending on information security solutions as their primary strategy for improving security. MORE

But for now, chief information security officers (CISOs) should take three core lessons on board. CISOs also play a critical role in helping the senior M&A team understand how information risks associated with M&A can manifest as business risks with poor financial outcomes. MORE

Although the threat management tools and techniques available to chief information security officers (CISOs) have also improved, this still leaves much to do. However, by the time information security teams respond, attackers have most likely already caused a lot of damage. MORE

In this age of digital transformation, it is obvious that the information assets of an organization are increasing, but putting a value on something so seemingly intangible isn’t easy – especially as information is fluid and doesn’t behave like other assets. The way we view information has changed forever. Many enterprises believe that the data and information they hold on customers and prospects is key to the success of the business. John Mancini. MORE

An information-sharing enclave is a group of users, organizations, or systems who need to share information, along with the rules and protocols used to make this sharing possible. One example of an information-sharing enclave is a Navy Carrier Strike Group, or CSG. MORE

If you missed my appearance on CXO Talk on Friday, here is your chance to catch up! Thanks to Michael Kringsman for having me on the show! MORE

High demand and a limited pool of people with the right skills and experience make information security staffing a perennial challenge. Further complicating things is the fact that information security teams have not yet adapted to their changing role in digitizing companies. MORE

As a result, chief information security officers (CISOs) are presenting to their Boards on a more frequent basis, for longer at a time, and for the entire board, rather than just a subcommittee. Chart 1: CEB’s information security framework Source: CEB analysis. MORE

In his 1982 book Megatrends, John Naisbitt wrote “We are drowning in information but starved for knowledge.” Today, we are drowning in data and starved for information. Data is useless unless you can convert it to information and ultimately into knowledge. MORE

The goal of the caucus is to inform policymakers of the technological, economic and social impacts of advances in AI and to ensure that rapid innovation in AI and related […]. MORE

Chart 1 below can help with understanding the different types of risk assessment that information security teams need to conduct, and may also help explain the process, and the importance of it, to colleagues. MORE

Information Management makes information available and useful. The problems most organizations have are silo data or outdated information management approach. How to avoid the following pitfalls in order to improve the overall information management effectiveness. MORE

As the trickle of companies incorporating digitalization into their corporate strategy turns into a flood, information security professionals are warning anyone who’ll listen about the vast array of products and services that may contain critical vulnerabilities in their software. MORE

Information security teams face an unprecedented level of demand for their services right now. The strain on the time and resources of information security teams is understandable ( as Yahoo can attest ), and even though their companies are stumping up money, information security budget growth is slowing. Automating operations and governance activities offers the best chance to meet information security demands. MORE

But now information risk teams are automating security governance by providing security capabilities via micro services and APIs. Information security teams like using microservices and APIs because of their simplicity and ease of use. Blog Information Risk Information Technology MORE

Instead of simply conducting due diligence on the immediate vendor, information risk teams should look beyond into as much of the rest of the supply chain as necessary (see chart 1). MORE

10 Ways Digitalization is Upending Information Security. A recent survey of around two dozen heads of information security produced a useful overview of the nature of this problem and how some of the world’s most forward-thinking teams are responding. MORE

The Information Security Profession – Where do I Start? I am often asked by individuals to provide advice or guidance on how to get started in the field of information security. MORE

Information security teams are busier than they’ve ever been and, although they have been given more funds to cope, there is still a great need to prioritize and focus on the risks that are most likely to harm their business. MORE

The larger that your company grows, the more vital that it is for all the information your company processes to be properly organized at all times. Information organization quality is directly correlated with just how actionable the information is. Accurate information organization puts your company in the best position to develop fully customized white label […]. MORE

A trend we have noticed in engagements across multiple sectors of the economy is an absolute thirst for information on best practices for protecting information at home. Every employee of every company, from the most senior executive to most junior intern, is now leveraging advanced interconnected technologies in amazing new ways at home. In doing […]. CTO Cyber Security News MORE

Preventing confidential information leaking into the wrong hands has become high priority for every big company in the past decade. Information “breaches” have never been more costly to companies, or difficult to prevent. MORE

The Internet of Things (IoT) has quickly become the next “be all to end all” in information technology. Despite these current challenges, the blending of Things and cloud computing can deliver real value today in the creation of “Information Excellence”. MORE

The sales process has undergone a sea change under the influence of the web and the flood of information available on it. In fact given the ease of obtaining information, it is not uncommon for the customer to know more about competing products than the salesman. Potential customers can easily research products and services before contacting a company. MORE

Information security is continually moving up business and board agendas, but information security professionals find it challenging to help business leaders to understand fully the cyber risks across increasingly digital businesses MORE