Luxury retailer Neiman Marcus is searching for its first CISO following the company's major data breach last year. Security experts weigh in on the attributes of ideal candidates and offer advice for how they should tackle the job.
As the cybersecurity skills gap widens, and more jobs are left unfilled, three higher education institutions are implementing innovative programs to help build a pipeline of qualified information security professionals.
The word 'security' takes on a whole new level of importance when you take a job in federal law enforcement. Joshua Belk, CSO of the FBI's San Francisco division, offers career insights for security pros.
Embedding some information security practitioners within business units could help improve IT security awareness in many enterprises, reducing security risk, says Steve Durbin, global vice president of the Information Security Forum.
Conventional wisdom dictates that the high demand for IT security practitioners would cause salaries to rise, perhaps significantly. But a new study by SANS shows only a slight fattening of paychecks for many IT security professionals.
The recent Verizon Data Breach Investigation Report notes more than 16,000 incidents in the past year where sensitive information was unintentionally exposed. "Nearly every incident involves some element of human error," the report notes.
Target needs someone who is up for the challenge of evaluating the entire security landscape of the global retail giant, asking tough questions, making changes to mitigate risk - all to help earn back trust.
To help address the shortage of qualified cybersecurity professionals, (ISC)² is offering colleges and universities a variety of assistance with bolstering cybersecurity education and preparing students for certification.
President Obama has reportedly decided that the government shouldn't exploit encryption flaws, such as Heartbleed, in most instances unless there's "a clear national security or law enforcement need." But how should that need be determined?
In many if not most enterprises, the chief information security officer reports to the chief information officer. After all, enterprises cannot function without IT, and security is a support function to safeguard data and systems. Or is it?
Women in information security are becoming even more of a minority because of poor treatment and stereotypes, says Professor Eugene Spafford. What's the cost to organizations, and how can they break the mold?
An analysis of the Target breach prepared for a Senate committee is a political document that might help its patron's agenda but doesn't go far enough to identify technical solutions to help enterprises avoid Target-like breaches.
(ISC)² is celebrating its silver anniversary as a global organization educating and certifying information security professionals. What are the key threats and trends driving the profession's future growth?