Organizations looking to improve their privacy management in the event of a breach "have to continually plan and prepare," says Nationwide's Chief Privacy Officer Kirk Herath. That means putting into writing a comprehensive plan.
Kirk Herath, Chief Privacy Officer at Nationwide Insurance Companies, has been in privacy management for more than a decade, and he has two main concerns about today's enterprise: Mobile technology and cloud computing.
When it comes to hot topics, they don't get hotter than authentication, cloud computing and IT governance - all of which I've discussed at length in recent interviews with industry thought-leaders. Let's review some highlights from these conversations.
Globally, countries and organizations now recognize the need for a unified approach for managing IT infrastructure services, says Marlin Pohlman of the Cloud Security Alliance. The trick is developing this new set of global standards.
Wire fraud incidents from China prove current security measures, including multifactor authentication, are too easy to bypass. And security pundits say it all points back to why the financial industry needs more guidance about adequate online security.
"On a global basis, countries are recognizing that they need a uniform commercial code, if you will, for data - a unified approach for managing IT infrastructure services," says Marlin Pohlman of the Cloud Security Alliance.
Top executives seek the CISO's advice to help determine whether cloud computing benefits outweigh the risks. Here are the top five cloud security risks and concerns CISOs must discuss with their leaders.
Altra Federal Credit Union developed a calculated strategy before moving to the cloud -- advice all financial institutions should follow, says Brian Boettcher, VP of IT, who shares his lessons learned.
Securing data in the public cloud isn't much different from other types of IT security. "It's the same advice we give for almost any deployment of IT because it is still the right thing to do," NIST Senior Computer Scientist Tim Grance says.
Researchers explore adapting geolocation technology to identify where data reside on the cloud so organizations can comply with IT security laws and regulations, RSA Chief Technology Officer Bret Hartman says.