Security Leadership

Security Leadership news, information, and how-to advice

now hiring sign
01 stupid title


How to reduce losses caused by theft at POS

Retailers can take steps to try to prevent or at least reduce losses due to theft at point of sale (POS) and shrink.

maze direction

The CSO Security Career Survival Guide

CSO's Security Career Survival Guide

gregg steinhafel

What security leaders need to know about the Target breach settlement

Consider these three points before discussing the Target consumer breach settlement with other leaders

cloud head

Your guide to compliance in the cloud

You can ensure cloud compliance with PCI DSS, HIPAA and other regulatory requirements, but it takes investigation and persistence to get the answers and documentation you need to prove it.

backwards up slide

Working backwards

This article describes the method of "working backwards" to envision a worst case scenario and then systematically place controls in place that would have prevented the worst case scenario from occurring.


‘Compliance fatigue’ sets in

With compliance frameworks expanding, becoming more complicated and covering more things, some organizations say they are overwhelmed with trying to keep up. Experts are sympathetic, but say the alternative is to increase the risk of...

workers overhead

Don't overlook your biggest security flaw -- your talent

What's your best line of defense against cybersecurity threats? Skilled, experienced, highly trained IT talent. Don't skimp on hiring, training and retention, or your business may suffer the consequences.


MongoDB tool vulnerable to remote code execution flaw

MongoDB, one of the Web's leading NoSQL platforms, is a popular alternative to table-based relational databases. One of the GUI tools used to manage MongoDB (phpMoAdmin) has a serious vulnerability that, if exploited, allows an...

8 steps successful security leaders follow to drive improvement

These are the steps successful security leaders follow to reframe their efforts and enjoy the success of an improved program, less stress, and recognition from other leaders

pci security compliance

Verizon report: Security testing compliance down from last year

Compliance rates between audits increased substantially across all PCI DSS requirements except for security testing, according to a report released Wednesday by Verizon. In particular, the ratio of companies compliant on Requirement...

Survey: Infosec pros under increasing pressure, short-staffed

The majority of security professionals, 54 percent, said they were under more pressure in 2014 than the year before, and 84 percent said they needed more staff, according to a report released today

man taking selfie

Six entry-level cybersecurity job seeker failings

Here's how many cybersecurity entry-level job seekers fail to make a great first impression.

security innovation

Security innovation: Where will it come from next?

Innovative security products used to be easy to find, because we all knew where to look. Now, with the market evolution, there are many sources for highly disruptive advanced security products, and they might be found in a place you...

030415blog hillary clinton checks her email

Why the Hillary Clinton email story is a big deal

A security-only look into why using a personal email address for business communication is an all-around bad idea, regardless if you are a CSO or the Secretary of State (but an extremely bad idea if you are the Secretary of State).

big c little c

R.E.S.P.E.C.T.: The way for CISOs to get and keep it

While CISOs have one of the most important jobs in organizations - protecting its digital "jewels" - a survey finds they are not held in high regard by their executive peers. According to those in the field, the way to fix that is to...

job searching akamai

Akamai CSO takes a creative approach to finding security pros

Andy Ellis, chief security officer at Akamai, doesn't try to hire perfect candidates. Here’s why.

job searching

Shortage of security pros worsens

Companies are struggling to hire security pros, which means job options are plentiful for veteran candidates. Cisco estimates a million unfilled security jobs worldwide.

copy machine

What does the collaborative economy mean for information security?

But what if the dynamic changed such that employees could use corporate and office items for their personal profit? Most firms have never thought about the concept and certainly have no processes in place to deal with it. But that’s...

Load More