Successful CISOs distinguish themselves by the length of their tenure in the job, which in many cases depends on their ability to communicate with the board of directors and senior managers, says Mat Newfield, CISO of Unisys. And that involves much more than demanding additional money and people.
How can the many job openings for cybersecurity specialists be filled? "Reskilling" can play a critical role, says Greg Touhill, the nation's first federal CISO, who's now president of Cyxtera Technologies. In an interview, he offers a preview of his upcoming presentation at the RSA Conference 2019.
In their first few days on the job, cybersecurity staff should experience both a macro-introduction to the organization as a whole and
a micro-survey of the organization's cybersecurity risk factors, objectives, current threat environment, security program, tools, and
This guide proposes a two-track...
Given current, turbulent conversations around physical and cybersecurity, it's hard to get an exact pulse on the state of the industry and where to start shoring up corporate processes to protect information. But with business and personal safety on the line, it's become increasingly important to be able to identify...
The Forum of Incident Response and Security Teams recently announced the release of new training resources to help organizations build and improve product security incident response teams. Damir "Gaus" Rajnovic of FIRST discusses the global need for these resources.
What advice does the world's first CISO have for the current generation of CISOs? Stephen Katz emphasizes, first and foremost, that cybersecurity must be treated as a business risk management issue rather than a technology issue. He'll be a featured speaker at ISMG's Security Summit in New York Aug. 14-15.
This edition of the ISMG Security Report features Elvis Chan, a supervisory special agent at the FBI, discussing ongoing efforts to thwart Russian interference in the U.S. midterm election this fall, and Alberto Yepez of ForgePoint Capital addressing cryptocurrency security issues.
The Reserve Bank of India issued a notice to all cooperative banks advising them to apply caution while deploying third-party core banking applications and check for appropriate security standards. The move came after credential theft incidents at some banks. But will banks heed the advice?
The Virtual ID system that can be used in lieu of Aadhaar number for identity verification is now operational across banks and enterprises. However, UIDAI has extended its migration deadline to Aug. 31 to enable all organizations to be ready. Experts weigh in on the enterprise readiness for Virtual Aadhaar.
The difficulty in hiring new information security personnel and need to combat the ever-rising number of threats is driving many organizations to seek increased incident response automation, and in many cases to get it by working with managed security service providers, says AlienVault's Mike LaPeters.
Three key challenges facing security practitioners worldwide are visibility, metrics and orchestration, says Vishal Salvi, CISO for India's tech powerhouse Infosys. The threat landscape, rather than compliance, is driving security decisions, he says.
Recent failures of IT systems at some major airports and banks are a reminder that as an organization launches a digital transformation project, or seeks to move more of its processes to the cloud, those efforts won't necessarily proceed smoothly or securely, says Skybox Security's Justin Coker.
The latest challenge to face CISOs: Finding the best way to keep their organization secure while at the same time navigating political edicts that may lack any technical detail or present solid facts or alternatives to suspect technology, says Jaya Baloo, CISO of KPN Telecom.