Identifying the insider who could pose a threat to your organization's IT assets must be a team effort among non-technology, IT and information security managers, Carnegie Mellon University's Dawn Cappelli and Mike Hanley say.
When it's time to stand up in court and discuss forensic evidence in a legal matter, you need someone who knows your business best, says Greg Thompson, VP enterprise security services at Scotiabank Group.
Malcolm Harkins, CISO of Intel was quick to embrace BYOD as a means to cut costs and improve employee productivity. His advice to leaders struggling with the trend: "Don't shy away from the risk issues."
Complexity is among the most significant information risk challenges IT security practitioners face. Mobile and cloud computing, new technologies, outsourcing and growing threats from malware and people make managing risk more complex.
Security leaders will need to tackle the top technology trends of big data, consumerization and mobile growth in 2012. Robert Stroud from ISACA offers tips to help manage the risks presented by these trends.
Fraud threats have changed little in the past decade. But their global scale has, and James Ratley, president of the ACFE, details how fraud examiners must change their approach to fighting these crimes in 2012....
Every organization likes its business continuity/disaster recovery plan before a disaster, says Al Berman of DRI International. But in the aftermath? Different story - and one that must be addressed in 2012.
As far as Dr. Giles Hogben of ENISA is concerned, now might be the golden opportunity for information security experts to influence the security and privacy measures that may help define Internet safety for the next decade or beyond....
Information security threats - especially to critical infrastructures and from nation-states - are evolving. But security education curricula are struggling to keep pace, according to Eugene Spafford, renowned information security professor at Purdue University....
Unfortunately, says Ken Vander Wal, most organizations have done little to address security in their policies and procedures regarding BYOD, which is changing the ways companies address user behavior and risk.
Bank of America's Keith Gordon says securing the mobile channel is much like securing any other banking channel: Controlling risks requires layers of security and controls. But educating customers plays a key security function, too.
Giving back to the community. It's a civic responsibility, says Dan Waddell of Tantus Technologies. But it's also a necessity to help raise cyber awareness. Waddell explains how security pros can give back.