Home » Security Leadership » Strategic Planning/ERM

STRATEGIC PLANNING/ERM Articles

PAGE 5

Survey Says More Companies Hiring CSOs, Holding Steady on Spending

Seventh Annual Global Information Security Survey: In a sign that companies may finally be getting that security is important, more say they have hired a CSO to take charge of their defenses. (Last of a four-part series)

» full story

The Seven Deadly Sins of Security Policy

Are your security policies really managing your organization's risks? Or are they just 'check-the-box' rules? We detail common policy mistakes security pros often make.

» full story

7 Ways Security Pros DON'T Practice What They Preach

IT security pros spend oodles of time trying to hammer best practices into the heads of fellow employees. But in an informal poll conducted by CSOonline, many admitted they don't always follow their own advice.

» full story

No Excuses: Managing Operational Risk

Headlines about high-profile white-collar criminals sometimes mask underlying weakness in business controls and risk management. This book excerpt looks behind the curtain.

» full story

How to Succeed in a Two-Faced IT Security Job Market

More companies are hiring CSOs and moving security tasks in-house. But that doesn't always mean more jobs (article and 3 audio clips).

» full story

Surviving Layoffs: Five Career Lessons from the Security Trenches

Company politics, stonewalling, layoffs -- sometimes it's part and parcel of the security job. Here are one CISO's takeaways.

» full story

What Should WH Cybersecurity Coordinator's Job Description Look Like? One Man's View

Part 2 of Ariel Silverston's "Mission Impossible" series: If President Obama's new cybersecurity coordinator is to have any real impact, there are a few things that will need to be worked into the job description.

» full story

Report: Business Risk of Fraud, Corruption Up Amid Economic Crisis

Control Risks' report suggests businesses heighten efforts to guard against fraud and comply with stringent regulations.

» full story

Mission Impossible? A Plan to Secure the Federal Cyberspace

Security expert Ariel Silverstone looks at what is needed to truly secure the online systems used by the federal government. Does Obama's plan measure up? (First of a three-part series)

» full story

How to Write an Information Security Policy

Jennifer Bayuk explains the critical first step, what to cover and how make your information security policy - and program - effective

» full story

« 3 4 5 6 7 »

STRATEGIC PLANNING/ERM
ESSENTIAL READING

The reactive, event-driven nature of security makes strategic planning more important, not less. Here are practical tips for creating a strategy that is aligned with your organization's business and enterprise risk management goals.

Risk's rewards: Organizing for ERM
Leading companies are coordinating risk management activity, finding efficiencies and better visibility in the process. Here's how they do it.

Beginning ERM in 6 simple steps
ERM look like too big a commitment? Choose one process to improve, create a working group, show progress, and build momentum.

Planning For Failure: Incident Management Is A Top Priority
You can't stop every cyberattack. However, your key stakeholders, clients, and other observers do expect you to take reasonable measures to prevent breaches in the first place, and when that fails, to respond quickly and appropriately. A poorly contained breach and botched response have the potential to cost you millions in lost business and opportunity, ruin your reputation, and perhaps even drive you out of business.
Application Performance Management: The End User is King
Managing enterprise IT is no simple task. However, when it comes to critical applications and capabilities that impact end users and influence business results, the need for visibility into and across IT systems is critical.

» View All Strategic Planning/ERM White Papers