IT Leadership

IT leadership and management news, analysis, research, how-to, opinion, and video.

business people conference room collaboration boardroom

Having a boardroom conversation about cybersecurity and material risk

Those who embrace a material risk approach to addressing cyber threats will command the attention of senior leaders and steadily drive improvements into their organization’s security posture.

Man framing with hands in front of face to focus

How managers can best communicate the importance of cybersecurity to employees

We must challenge ourselves to think differently about how and what we’re communicating if we want to be successful in making security a priority for our employees.

business people conference room collaboration boardroom

Corporate boards will face the spotlight in cybersecurity incidents

The board will be closely watched in the face of a cyberattack or data breach.

data security

Take a new approach to data security: protect all of it

Don't just pick and choose data and documents to protect: secure unstructured data, too.

rsa conference 2016

Making the most of your time at the RSA 2018 conference

A guide to the RSA 2018 conference. Going to RSA 2018? Failing to plan is planning to fail.

European Union [EU] flag-lock on top of a map of Europe

Beware the GDPR vaporware

NetApp’s legal head Sheila FitzPatrick on why companies can’t simply buy or outsource their way to GDPR compliance.

4 compliance

14 top tools to assess, implement, and maintain GDPR compliance

Running behind on meeting the EU’s new GDPR privacy rules? These tools can help you meet the requirements and stay in compliance by deadline.

ep 20 salted hash

Salted Hash Ep 20: GDPR: Looming deadlines, massive penalties

The May 25 deadline for the General Data Protection Regulation (GDPR) is quickly approaching. Organizations large and small are scrambling to align with these new requirements, but the task isn't an easy one. In fact, the idea of...

risk assessment - safety analysis - security audit

The time is now for a comprehensive, risk-based approach to build cyber resilience

Most C-suite stakeholders are unsure of where their organization stands in its cyber security capabilities and resilience.

strategic planning notes and ideas

Building a cybersecurity strategic plan

These types of plans are cybersecurity road maps that establish pathways an organization can follow to improve its overall risk management approach.

Stack of legal documents with compliance and regulatory stamp

Taking cybersecurity beyond a compliance-first approach

A compliance first approach to security is fundamentally insecure. It's time for companies to change the mindset, go beyond simply meeting regulatory requirements and focus on truly protecting data.

What’s on CISOs Minds in 2018?

Business risk, the cyber supply chain, attackers, data security and awareness training top the list

vulnerable breach hacked indecision

How to approach business leaders about cybersecurity when they don’t follow the breach headlines

Hint: hit them where it hurts the most – their own personal reputation and livelihood.

umbrella businessman protection stormy dark insurance

Is compliance the best insurance for managing cybersecurity risk in 2018?

Cybersecurity challenges and risks continue to emerge as top threats to business as usual for large and small organizations alike. The ability to meet these threats requires understanding emerging standards. Compliance with these new...

cybersecurity boards

Hacking security awareness: the program-changing magic of the advisory board

Most successful company programs have a few common traits, one of them being an advisory board. Advisory boards can propel security awareness programs into uncharted levels of success, yet most programs today don't utilize this simple...

drowning in red tape bureaucracy ai machine learning

What does the GDPR and the "right to explanation" mean for AI?

Security teams increasingly rely on machine learning and artificial intelligence to protect assets. Will a requirement to explain how they make decisions make them less effective?

overwhelmed man stressed analytics information overload

The Importance of Discerning Between Job Burnout and PTSD

It is important to discuss the key differences between PTSD and burnout in order for us to avoid making light of a serious psychological disorder

overwhelmed man stressed analytics information overload

Cybersecurity job fatigue affects many security professionals

Infosec professionals face occupational hazards such as long hours, high stress levels, and career frustration that can lead to mental health issues.

hipaa compliance 1

Is your cloud service provider ready for HIPAA?

Is your industry’s compliance with the Health Insurance Portability and Accountability Act of 1996 covered in the cloud?

Stack of legal documents with compliance and regulatory stamp

2018 cybersecurity resolutions: check the health of your cyber compliance

Regardless of cybersecurity budgets, we can always optimize what we currently have, to better secure our organizations. The “basics” apply to every organization, of any size – if you don’t have all the boxes for compliance checked,...

Load More