Blog Posts Tagged with "Employees"


Building Out a Security Skills Matrix

February 24, 2011 Added by:Brad Bemis

As the manager of a security operations team, I needed a way to track the current skills/knowledge levels of my team, and its progress over time. That’s what this matrix did for me – and it could do the same for you to – IF you’re willing to take the time to build one that is...

Comments  (1)


Managing the Infosec Investigative Function

February 13, 2011 Added by:Kurt Aubuchon

Conducting effective investigations requires specialized knowledge, skills, and abilities. It is not necessarily the case that the Infosec analyst who can manage a tight network perimeter can also conduct a good investigation. Investigations are risky and politically sensitive affairs...

Comments  (0)


Policies: What I Learned From Being a “Dummy”

February 10, 2011 Added by:Brad Bemis

I wonder what the world would be like if we wrote our policies and supporting documentation in a for-dummies-like format. Why? Because right now the common security policy fits the same bill that all those stuffy, confusing, technical references once did – and they simply don’t work...

Comments  (5)


Do You Need An MBA To Be A CSO? Part II

February 09, 2011 Added by:Healthcare CSO

It will not teach you how to explain security concepts to other business leaders. Nor how to manage your organization of high performing, but very geeky, folks that are doing the IT security work for your company. And I've yet to see a course on security risk management in traditional MBA programs...

Comments  (4)


Do You Need An MBA To Be A CSO?

February 07, 2011 Added by:Healthcare CSO

The absolute requirements that all our successful candidates must have are experience, proven skills, cultural fit, and competency. To find out if the candidate has these things, we invest time and effort into the candidates that make it through the initial screening process...

Comments  (9)


Insider Threats: Big Enough to be Parodied on The Simpsons

January 25, 2011 Added by:Headlines

If you have been parodied on the long running prime-time animated series The Simpsons, you can rest assured that you have finally arrived. The most recent member of the coveted Simpson parody club is, believe it or not, none other than the Insider Threat...

Comments  (0)


Getting Buy-In for Information Security

January 24, 2011 Added by:Robb Reck

The goal is an organization with workers who are focused on information security across all departments. Sitting in the CISO's office coming up with great ideas for security with a few InfoSec members will never be enough. We need employees thinking of security as a crucial part of their work...

Comments  (0)


Employee Privacy Enjoys Gains in the U.S.

January 22, 2011 Added by:David Navetta

2010 arguably was a breakout year for consumer privacy, but the year also brought about significant changes to employee privacy. Federal and state court decisions, state legislation and agency actions suggest that the U.S. may be moving towards a greater level of privacy protection for employees...

Comments  (0)


The Post-Holiday Blues

January 22, 2011 Added by:Javvad Malik

You walk back to the office knowing full well, like hundreds of others in their office, they’ve forgotten their password. You then have to jump through 20 different hoops to identify yourself. Your name, ID number, user ID, your managers name, your national insurance number… blah blah blah... Finally, you’re told that your password has been reset to Password123. Success? Nearly, becaus...

Comments  (0)


Phishing for Mobile Users? They Are Taking the Bait

January 05, 2011 Added by:Katie Weaver-Johnson

It is critical for organizations to implement clearly defined policies for using mobile devices. It is also important that organizations continue to update their employees as risks, threats, requirements, etc. change on an ongoing basis. A once-a-year general training program is not enough...

Comments  (0)


How to Assess Risk Part I: Asking the Right Questions

December 14, 2010 Added by:Danny Lieberman

It seems to me that self-assessment of risk is a difficult process to understand and execute, primarily because the employees who are asked to assess the risk in their business process don’t really understand the notion of risk, and don’t really care...

Comments  (2)


Don’t Share Passwords with Co-Workers

November 26, 2010 Added by:Dan Dieterle

Do not share your password with co-workers, or place your password in obvious places, like a sticky note on your monitor or under your keyboard. Also, lock your workstation before you walk away from it even if you think you will only be gone for a short while...

Comments  (5)


Ex-Employee Stole Trade Secrets Worth Over $50M

November 24, 2010 Added by:Headlines

The theft of trade secrets has widespread consequences, as it causes companies to lose their competitive edge, can make it difficult to realize a return on billions of dollars worth of research and development efforts, and ultimately devalues shareholder value...

Comments  (2)


Majority of Employees Plan to Steal Company Data

November 24, 2010 Added by:Headlines

A new study reveals an alarming statistic: The majority of workers plan on stealing company data if and when they leave their current positions. The survey of 1000 white collar employees conducted by Imperva shows that more than two-thirds are willing to take everything from client and customer records to the intellectual property of their employer...

Comments  (0)

Page « < 4 - 5 - 6 - 7 - 8 > »