Edward DeMarco Jr. of the Risk Management Association understands the regulatory challenges financial institutions will face in 2012. But to overcome those hurdles, improved communication is needed across the enterprise.
When the Commonwealth of Pennsylvania suffered a major security breach a few years back, vulnerabilities in a Web application were to blame. CISO Erik Avakian explains how the state developed a process to correct flaws in application code.
It's not a question of if employees will bring their own mobile devices to work and connect to your systems. It's a matter of when. But the benefits of BYOD outweigh the risks, says Malcolm Harkins, CISO of Intel.
Breaches have an adverse impact on the fundamental operations of a business or government and without fully understanding that, executives and managers cannot smartly run their operations successfully.
Regulators push tougher cybersecurity measures. But the challenge for smaller organizations isn't compliance - it's budgets. Wendy Nather of 451 Research defines the 'Security Poverty Line' and what to do about it.
The information security job market is evolving into highly specialized areas, says Eugene Spafford, noted professor at Purdue University. So, how must students now prepare themselves for these new career paths?
A key component of any breach response preparation effort is to make certain that all staff members are trained in who to contact within the organization about a security incident "even if they are not sure whether it's a breach," says Dawn Morgenstern, privacy official at the Walgreens national drugstore chain.