Blog Posts Tagged with "Leadership"
March 26, 2012 Added by:Thomas Fox
Can compliance be innovative? Or can innovation inform your compliance program? Innovation in the compliance arena is key. As compliance programs mature and as companies mature in their approach to compliance, innovation will continue to lead best practices...
March 23, 2012 Added by:Wendy Nather
It's harder to be accused of nefarious activities if you are completely above-board, show you're willing to be subject to appropriate limits, and make a point of relinquishing any powers you might have. Call it CYA, call it leading by example, whatever. It's ethically important...
March 19, 2012 Added by:Rafal Los
Security means different things to different people - but by and large we can agree on the need to defend our organizations against those bad guys who wish to do it harm whether it's from a purely destructive perspective or something more sinister...
March 15, 2012 Added by:Kyle Lagunas
Providing access to all sorts of internal systems for both employees and managers can make for a more adaptable organization regardless of size. IT has struggled with this loss of gatekeeper control, but the sound fiscal results are changing the minds of the C-suite...
March 13, 2012 Added by:Headlines
"Less than two-thirds of the Forbes Global 2000 companies surveyed have full-time personnel in key roles responsible for privacy and security in a manner that is consistent with internationally accepted best practices and standards..."
March 13, 2012 Added by:Rafal Los
Is the CISO willing to take on more business-focused responsibilities, and look at information security from a less technical solution-oriented perspective - and if so is that sustainable? If you're looking for advice I have a little bit here for you...
February 28, 2012 Added by:Robb Reck
The biggest key to the success of any security program is achieving goal congruence with the organization. Every security objective should directly support the overall objectives of the company. Security must figure out how our projects contribute to the organization’s success...
February 22, 2012 Added by:Rafal Los
"If a CISO initially receives any capability when starting the position, that was capability that was left over from their predecessor. It is now the CISO's responsibility to earn more capability and solidify what may already exist..."
February 17, 2012 Added by:Rafal Los
Capability is often seen as the ability to enforce - whether its corporate politics, budget, or a top-down reporting structure. If you don't have the capability to force people to follow organization-wide decisions it is difficult to have a solid organization...
February 16, 2012 Added by:Thomas Fox
Thriving employees - who are not only “satisfied and productive but also engaged in creating the future” for their organization - out produce non-thriving employees. These concepts matter within the context of promoting a culture of compliance within your organization...
February 04, 2012 Added by:Thomas Fox
It is better to consider the ripple effects of your decision making before throwing that rock into your company’s ethics pond. If you do not do so you can easily run the risk of consequences for which you may have no response for, yet be held accountable for in your company...
January 23, 2012 Added by:Michele Westergaard
Certain tasks can be defined via policy as needed but are really the small part of the role. An overarching role is to understand the key issues facing the organization, creatively challenge business processes by asking what can go wrong, then working to plug the potential holes...
January 16, 2012 Added by:Danny Lieberman
Security management is tricky. It’s not only about technical controls and good software development practice. It’s also about management responsibility. If you remember the Theory of Constraints, there is only one thing that limits a system's (or company's) performance...
December 16, 2011 Added by:Jason Clark
Many CISOs are getting questions specifically about whether they are protected from targeted attacks, malware, and data breaches. And many of these questions are coming from people who don’t really know what terms like “targeted attack” or “malware” actually mean - the Board of Directors...
December 11, 2011 Added by:Bill Gerneglia
“The face of cyber threats has rapidly evolved from curious college kids taking their hand at hacking to an enormous global ecosystem of cyber-crime. Companies need a comprehensive approach to security technology, education and awareness and a very small number have truly mastered all three...”
November 28, 2011 Added by:Ali-Reza Anghaie
Consider three fields when pondering infosec strategies: Defense, Economics, and Healthcare. All three have grasped nonlinear preventative and swarm tactics in a way we would be wise to consider. And like infosec, all three also have snake oil salesmen and demons to satiate...
First Victims of the Stuxnet Worm Revealed... Zaid Zia on 11-21-2014
Attorney General Taps Federal Prosecutors fo... Zaid Zia on 11-21-2014
Is There a Business Case in Planning for Da... Zaid Zia on 11-21-2014