In many if not most enterprises, the chief information security officer reports to the chief information officer. After all, enterprises cannot function without IT, and security is a support function to safeguard data and systems. Or is it?
To boost cybersecurity, senior leaders - whether a CEO, a board member or a government agency director - need to think of information as a critical asset worthy of protection, risk management experts Val Rahmani and Malcolm Harkins say.
The FFIEC just issued new guidelines on DDoS risks to U.S. banking institutions. What is the substance of these guidelines, and how must banks and credit unions respond? Rodney Joffe of Neustar offers advice.
Information security and privacy work in healthcare environments often requires a depth of specialized knowledge and competency that can be validated through the help of professional credentialing, says CISO Sean Murphy.
Even so-called minor breaches can cost organizations nearly $200,000, according to one finding from NTT Group's annual Intelligence Report. Rob Kraus of Solutionary shares the study's insights and advice.
Women in information security are becoming even more of a minority because of poor treatment and stereotypes, says Professor Eugene Spafford. What's the cost to organizations, and how can they break the mold?
Advanced threats are like the weather. Everyone talks about them, but few have a solid defense plan - or even a solid understanding of the threat landscape. Mike Nichols of General Dynamics Fidelis Cybersecurity Solutions offers insight.
An analysis of the Target breach prepared for a Senate committee is a political document that might help its patron's agenda but doesn't go far enough to identify technical solutions to help enterprises avoid Target-like breaches.
Although European Union leaders expressed concerns about the NSA's surveillance programs to President Obama, that didn't prevent the United States and EU from issuing a communique highlighting cooperation on cybersecurity.