IDG Contributor Network

Information Security Governance

By Frederick Scholl

Opinions expressed by ICN authors are their own.

Opinion

How to become a cybersecurity RSO

How to build a reliable security program.

Opinion

Rethinking security

6 foundational steps to make your enterprise security program effective.

Opinion

Protecting trade secrets: technology solutions you can use

The fourth and final part of a series on stopping trade secret theft in your organization.

Opinion

Understanding root causes of trade secret breaches

The third part of a series on stopping trade secret theft in your organization.

Opinion

Protecting business assets

Identifying business assets and connecting your security program to them.

Opinion

Engage the world

Personal strategies for information security leaders to better engage with the business.

Opinion

Using the new NIST standards in private industry

Updating the content of NIST 800-53 and NIST 800-37 risk management standards. They are now more aligned with private industry requirements.

Opinion

Where to spend your next security dollar

Use executive security education to build your security program.

Opinion

Stopping trade secret theft in your organization, part 2

A brief primer on trade secret law for security professionals.

Opinion

Secure systems and the three little pigs

How to create a secure systems development practice in spite of Agile, DevOps and changing threats

Opinion

Stopping trade secret theft in your organization

Start of four-part series on trade secret theft. Understanding what a trade secret is. Scope of the trade secret theft problem. Role of cyber security in trade secret theft.

Opinion

Cybersecurity: What does the board want?

Summary of the 2017 NACD Cyber-risk Handbook and its recommendations for directors. Action items for CISOs.

Opinion

Better security through storytelling

Using stories to communicate for Agile, DevOps, and C-Level executive use cases.

Opinion

Government to be more engaged with security in 2017

Cybersecurity will be a top priority for governments, in order to protect citizens from attacks on lifestyle.

Opinion

Learning to love DevOps

Security professionals need to embrace DevOps and use it to their advantage. The DevOps Handbook offers an up to date guide for this process.

Opinion

Time to kill security awareness training

Security awareness is a tired concept and has not worked. It is time to replace it with true education and engagement.

Opinion

9/11: My story

How the information security community can support law enforcement in preventing another large scale attack.

Opinion

Go for the gold!

Using continuous improvement and maturity models to build effective security programs.

Opinion

What information security leadership persona should you project? To successfully govern your program, you need four different styles. This post describes what they are and how to obtain the necessary skills.

Opinion

Don't be the next Humpty Dumpty

How looking at information security as part of enterprise risk management can help your organization

Popular Resources

eBook
Sponsored

5 Steps to Successfully Deploying a Healthy CMDB
White Paper

Maximize the ROI of Detection & Response
eBook
Sponsored

4 Tips to Propel Your Business
Video/Webcast
Sponsored

Carpe Momentum: Seizing the Moments That Matter in a Complex World
Case Study
Sponsored

Case Study- Indian River State College

See All