July 31, 2017
Lev Lesokhin encourages CIOs to shift cyber security efforts left -- to the development process. He explains what he means in this SearchCIO video interview.
May 23, 2017
This year was the 10th anniversary of the annual Eskenzi PR IT Analyst and CISO forum. The latest event took place in the immediate aftermath of the WannaCry ransomware outbreak. Proceedings were ...
May 12, 2017
The Trump cyber executive order arrived, with a focus on cyber-risk management and reports. But key details are missing in terms of implementing changes.
February 22, 2017
One expert warned there can be a disconnect between what security remediation means to CISOs and what researchers announce because of divergent objectives.
CISO Get Started
Bring yourself up to speed with our introductory content
With years of cybersecurity and military IT experience, the District of Columbia's first information security officer brings a well-developed toolkit to the job. Continue Reading
With digital transformations underway in many industries, CIOs aren't the only ones who need to have the next big thing on their radar. What security innovations should you follow to ready your organization's information security programs?
The internet of things is both a security threat and potentially a security boon. Big data, machine learning and a growing number of systems with pseudo artificial intelligence may help ease the workloads of security analysts. Bitcoin's distributed database technology known as blockchain can add security to a variety of systems, but scalability remains an early concern. Quantum computing? That one may be too far out -- five years at least -- to be considered a near-term technology disruptor to enterprise information security programs.
Whether your organization is focused on manufacturing and infrastructure -- such as industrial control systems -- or consumer and information technology -- such as the internet of things -- everything is rapidly becoming connected and potentially accessible from the internet. Many information security programs are not on track for the internet of things, complex clouds and other technology disruptors. We dust off the crystal ball in this issue of Information Security magazine and ask infosec experts and venture capitalists to look into the future.Continue Reading
When we asked CISOs and venture capitalists about disruptive technologies that could transform enterprise security models -- and how to prepare for them -- a few trends stood out. Continue Reading
Evaluate CISO Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Nexsan's Gary Watson explains that the GDPR right to be forgotten will be an important piece of the compliance picture and means deleting data securely, completely and provably when customers ask for it. Continue Reading
Most cloud access security brokers offer CISOs a way to set policy and gain better understanding of multiple cloud services and data in use across the enterprise. As CASBs have gained momentum in recent years, use cases for them have expanded. Do these tools fill the gaps around visibility and control of software as a service and other cloud services?
Although cloud service visibility and data leak protection continue to be the biggest drivers, cloud access security brokers can do more than just help with your shadow IT problem and unsanctioned application activity in the cloud.
Organizations are increasingly looking to use cloud access security brokers to identify anomalies in data movement between on-premises and cloud apps as well as multiple cloud services. Malware identification and encryption of data have become important. More enterprises are also beginning to use CASBs or similar intermediary security technologies to provide some level of security policy management for custom identity-as-a-service platforms.
In this issue of Information Security magazine, we look at cloud access security brokers and the best ways to evaluate new models, such as infrastructure as a service and platform security.Continue Reading
An early career as a geologist helped the veteran financial services CISO thrive in the security field. The CISO role is now broader than technical functions, he says. Continue Reading
Learn to apply best practices and optimize your operations.
Securing the digital enterprise is becoming increasingly complex, but companies should not forget the cybersecurity basics and tap into the power of its available technology, people and processes. Continue Reading
Connectivity has created new threat landscapes, but iRobot CISO Ravi Thatavarthy says it's important to remember fundamental IT security principles when it comes to security in IoT devices. Continue Reading
IT security chiefs and people who handle risk need to have clear communication if they want effective cyber-risk management, MIT's Michael Siegel says. Continue Reading
Problem Solve CISO Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
The new CISO at Delta Air Lines earned her wings by sticking with security from the start. As the airline industry faces new challenges, Deborah Wheeler takes on a leadership role. Continue Reading
Security vendor hype is a problem CISOs often have to deal with. Expert Mike O. Villegas discusses some ways to cut through the hype and make smart purchasing decisions. Continue Reading
Healthcare organizations need to connect procurement and cybersecurity to avoid common mistakes that could compromise medical device security, says a healthcare CISO. Continue Reading