Security Leadership

Security Leadership news, information, and how-to advice

3 ways to reduce BYOD legal liability with the right conversation

As "bring your own device" (BYOD) reshapes the way organizations handle technology, how do we handle the uncertainty of legal liability and security concerns? The key to turning a potential liability into an opportunity lies in having

Kimberly Clark names new CISO

Timothy Youngblood joins Kimberly Clark as their Chief Information Security Officer.

Why security professionals need to get more creative with penetration testing (and how to do it)

Criminals are evolving with their techniques for hacking and breaching corporate assets, so security managers need to as well. Here are some ways companies are going beyond standard pen testing in order to increase awareness

CDW Integrates with Google Apps for Cloud Collaboration

Through a partnership with Google and Esna Technologies, CDW has rolled out native access to the CDW Cloud Collaboration suite within Google Apps.

Think tank challenges Heartbleed handwringing

Recent opinion piece has researchers debating seriousness of the OpenSSL flaw


How to create awareness of the insider threat

Snowden causes companies to consider doing what was unthinkable

How you need to respond to Heartbleed, and how you can explain it to others

With the flood of information surfacing about Heartbleed, it is important to distill to the immediate steps to take to protect our organizations and those we serve. This article covers the five actions for organizations, three for...

The real security lesson Windows XP taught us is to challenge our assumptions

As support for Windows XP comes to an official end, the real security lesson is hidden. Broader than what to do about it today is the consideration of what it means for the future. Find out the one question Windows XP taught us we...

Cloud Computing eGuide

In this eGuide, CIO, Computerworld, and InfoWorld offer advice, tips, news, and predictions regarding cloud implementations in the coming year and beyond. Read on to learn how to make cloud work for your organization.

Cognitive bias: The risk from everyone in your organization, including you

Cognitive bias is subtle enough that most people think everybody else but them suffers from it. But no one is immune, and it can lead to bad analytics and false conclusions, which can damage an organization through errors in judgement

Elavon appoints Agcaoili as new CISO

Phil Agcaoili will be joining Elavon as the Vice President and Chief Information Security Officer


Salted Links: 7 April 2014

The Hash is on the road this week, but while yours truly is flying the friendly skies, the following round-up will keep you in the loop on current events and interesting research. Today's cache includes a unique attack on Microsoft...

Businesses face rising political pressure from data breaches

FTC encourages Congress to pass national breach notification legislation, among other efforts.

Why Projects Fail

CIOs are expected to deliver more projects that transform business, and do so on time, on budget and with limited resources.

Why you need to measure the right things in your incident reporting process to improve your security culture

Shape a successful culture of security with an approach that gives individuals a voice and uses smart measurements to guide action.

Talking insider threats at the CSO40 Security Confab and Awards

InfoSec supervisor Arthur Wang discusses insider threats and his supportive approach to spreading security awareness within an organization.

What’s quality got to do, got to do with it?

At the CSO40 conference next week, I'll be speaking on ISO 9001 and its application to information security. But what does ISO 9001, an international standard of quality management, have to do with information security? Answer: Lots.

Banks' suit in Target breach a 'wake up call' for companies hiring PCI auditors

Two banks have filed a lawsuit against Target and Trustwave Holdings, the retailer's security assessor

Focus cyber risk on critical infrastructure: Remote substations are vulnerable

Doug DePeppe has some especially strong feelings about protecting remote substations from cyber attacks. Here is his guest CSO blog to explain why.

Info sec industry still struggles to attract women

Many barriers still stop women from considering info sec as a profession. But both companies and women would benefit from an increase in the numbers, and many firms are now stepping up efforts to recruit them.

Our bias for breach prevention is causing blind spots

We have an inherent bias toward prevention, even as we freely admit we can’t prevent a breach. That leads to the neglect of detection, response, and the role of culture in building a successful security program. Explore how and why to

Security analysts evolving from security administrators

There seems to be a global evolution in security talent worldwide - partly from want and partly from need. The technology, talent and techniques once necessary to support a sound security posture are changing as threats and business...
