PRO+ Premium Content/Information Security

Thank you for joining!

Access your Pro+ Content below.

February 2018, Vol. 20, No. 1

CISOs map out their cybersecurity plan for 2018

This article is part of the Information Security issue of February 2018, Vol. 20, No. 1

When Omar F. Khawaja compiled his priority list for 2018, he didn't include which security technologies he wanted or how many IT staff he hoped to hire. Instead, the CISO at Highmark Health -- a healthcare management and insurance provider whose portfolio includes Allegheny Health Network, United Concordia Dental and Visionworks, among others -- articulated an overarching strategy on how the cybersecurity plan should fit within the national organization's business strategy. "While I do realize that I will need technology to enable many of the things I'm trying to do [this] year and going into 2019, my goal isn't to deploy technology, but to realize certain outcomes," said Khawaja, who works out of Highmark's Pittsburgh headquarters. Khawaja broke his cybersecurity plan down into five key areas of focus. First, he wants to look at how his team makes decisions. "There are always more opportunities to make more impact and add more controls than there are the resources and time to do so," he said. "So how do we create a ...

Access this PRO+ Content for Free!

You forgot to provide an Email Address.
This email address doesn’t appear to be valid.
This email address is already registered. Please login above.
Please provide a Corporate Email Address.
You forgot to provide your first name.
You forgot to provide your last name.
You forgot to provide a job title.
You forgot to provide a company name.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

Features in this issue

CISOs map out their cybersecurity plan for 2018
by Mary K. Pratt
What's on the short list for enterprise cybersecurity programs in the coming year? As attack vectors increase -- think IoT -- we ask information security leaders to discuss their plans.
David Neuman: The CISO position and keeping the cloud safe
by Alan R. Earls
The Rackspace CISO joined the enlisted ranks in the Air Force, eventually becoming an officer with global responsibilities before moving to the private sector.
GDPR breach notification: Time to focus on the requirements
by Steve Zurier
Some large U.S. companies have been working behind the scenes on GDPR requirements for more than a year, but there's strong evidence that many have not been as diligent.

Columns in this issue

Data protection compliance costs less than noncompliance
by Kathleen Richards
Smaller companies -- with fewer than 5,000 employees -- in particular may be hit hard by GDPR requirements and other data compliance hurdles. A new report does the math.
Fred Cohen on strategic security: 'Start with the assumptions'
by Marcus J. Ranum
Cohen is a globally recognized expert in information protection and cybersecurity. Since coining the term 'computer virus,' he has remained a pioneer in information assurance.

View Information Security Archives

Access your Pro+ Content below.

CISOs map out their cybersecurity plan for 2018

Features in this issue

CISOs map out their cybersecurity plan for 2018

David Neuman: The CISO position and keeping the cloud safe

GDPR breach notification: Time to focus on the requirements

Columns in this issue

Data protection compliance costs less than noncompliance

Fred Cohen on strategic security: 'Start with the assumptions'