Blog Posts Tagged with "Leadership"

59d9b46aa00c70238bb89056cfeb96c0

Innovation and Compliance

March 26, 2012 Added by:Thomas Fox

Can compliance be innovative? Or can innovation inform your compliance program? Innovation in the compliance arena is key. As compliance programs mature and as companies mature in their approach to compliance, innovation will continue to lead best practices...

Comments  (0)

Ebe141392ea3ebf96ba918c780ea1ebe

Eating the Security Dog Food

March 23, 2012 Added by:Wendy Nather

It's harder to be accused of nefarious activities if you are completely above-board, show you're willing to be subject to appropriate limits, and make a point of relinquishing any powers you might have. Call it CYA, call it leading by example, whatever. It's ethically important...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Changing of the Guard: A Perspective on the Changing CISO Role

March 19, 2012 Added by:Rafal Los

Security means different things to different people - but by and large we can agree on the need to defend our organizations against those bad guys who wish to do it harm whether it's from a purely destructive perspective or something more sinister...

Comments  (0)

6ba13f7544750cd81809eb83d296112a

Roundtable: Opportunities for HR in Consumerization of IT

March 15, 2012 Added by:Kyle Lagunas

Providing access to all sorts of internal systems for both employees and managers can make for a more adaptable organization regardless of size. IT has struggled with this loss of gatekeeper control, but the sound fiscal results are changing the minds of the C-suite...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

CyLab Report: Corporate Boards Neglecting Cyber Security

March 13, 2012 Added by:Headlines

"Less than two-thirds of the Forbes Global 2000 companies surveyed have full-time personnel in key roles responsible for privacy and security in a manner that is consistent with internationally accepted best practices and standards..."

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Is it Time to Reinvent the CISO?

March 13, 2012 Added by:Rafal Los

Is the CISO willing to take on more business-focused responsibilities, and look at information security from a less technical solution-oriented perspective - and if so is that sustainable? If you're looking for advice I have a little bit here for you...

Comments  (1)

C787d4daae33f0e155e00c614f07b0ee

RSA Conference 2012: Day One Highlights

February 28, 2012 Added by:Robb Reck

The biggest key to the success of any security program is achieving goal congruence with the organization. Every security objective should directly support the overall objectives of the company. Security must figure out how our projects contribute to the organization’s success...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

The CISO as a Capable Catalyst

February 22, 2012 Added by:Rafal Los

"If a CISO initially receives any capability when starting the position, that was capability that was left over from their predecessor. It is now the CISO's responsibility to earn more capability and solidify what may already exist..."

Comments  (2)

0a8cae998f9c51e3b3c0ccbaddf521aa

Responsibility vs Capability in the CISO Role

February 17, 2012 Added by:Rafal Los

Capability is often seen as the ability to enforce - whether its corporate politics, budget, or a top-down reporting structure. If you don't have the capability to force people to follow organization-wide decisions it is difficult to have a solid organization...

Comments  (0)

59d9b46aa00c70238bb89056cfeb96c0

Creating Sustainable Compliance Performance

February 16, 2012 Added by:Thomas Fox

Thriving employees - who are not only “satisfied and productive but also engaged in creating the future” for their organization - out produce non-thriving employees. These concepts matter within the context of promoting a culture of compliance within your organization...

Comments  (0)

59d9b46aa00c70238bb89056cfeb96c0

Enterprise Ethics: Anticipating Ripples in the Pond

February 04, 2012 Added by:Thomas Fox

It is better to consider the ripple effects of your decision making before throwing that rock into your company’s ethics pond. If you do not do so you can easily run the risk of consequences for which you may have no response for, yet be held accountable for in your company...

Comments  (0)

6462807771e81d9c33eb99307f5f3e77

On Enterprise-Wide Risk Management

January 23, 2012 Added by:Michele Westergaard

Certain tasks can be defined via policy as needed but are really the small part of the role. An overarching role is to understand the key issues facing the organization, creatively challenge business processes by asking what can go wrong, then working to plug the potential holes...

Comments  (0)

959779642e6e758563e80b5d83150a9f

Security and the Theory of Constraints

January 16, 2012 Added by:Danny Lieberman

Security management is tricky. It’s not only about technical controls and good software development practice. It’s also about management responsibility. If you remember the Theory of Constraints, there is only one thing that limits a system's (or company's) performance...

Comments  (0)

54b393d8c5ad38d03c46d060fa365773

Security: Three Tips When Speaking to the Board of Directors

December 16, 2011 Added by:Jason Clark

Many CISOs are getting questions specifically about whether they are protected from targeted attacks, malware, and data breaches. And many of these questions are coming from people who don’t really know what terms like “targeted attack” or “malware” actually mean - the Board of Directors...

Comments  (4)

44fa7dab2a22dc03b6a1de4a35b7834a

Measuring Information Security Effectiveness

December 11, 2011 Added by:Bill Gerneglia

“The face of cyber threats has rapidly evolved from curious college kids taking their hand at hacking to an enormous global ecosystem of cyber-crime. Companies need a comprehensive approach to security technology, education and awareness and a very small number have truly mastered all three...”

Comments  (0)

Bd623fa766512fdf6b57db66f522b741

Infosec: Homer Simpson or George Washington?

November 28, 2011 Added by:Ali-Reza Anghaie

Consider three fields when pondering infosec strategies: Defense, Economics, and Healthcare. All three have grasped nonlinear preventative and swarm tactics in a way we would be wise to consider. And like infosec, all three also have snake oil salesmen and demons to satiate...

Comments  (1)

Page « < 2 - 3 - 4 - 5 - 6 > »