Jason Clark, CSO of Websense, has met recently with 400 CSOs. In a pre-RSA Conference interview, he discusses how security leaders can be more effective when facing mobile security and other challenges.
NIST's Ron Ross will be quite busy at RSA Conference 2012, not only promoting revised guidance on security and privacy controls to be unveiled at the securing conclave, but also participating in a panel on one of his favorite topics: continuous monitoring.
What are the critical steps that IT security professionals should take in the aftermath of a breach? CEO Micky Tripathi of The Massachusetts eHealth Collaborative offers eight practical lessons based on his breach resolution experience.
Five years ago, the Council of Registered Ethical Security Testers began as an organization to bring standardization to the penetration testing industry. Today, CREST's scope is expanding across industries and global regions, says president Ian Glover.
Identifying the insider who could pose a threat to your organization's IT assets must be a team effort among non-technology, IT and information security managers, Carnegie Mellon University's Dawn Cappelli and Mike Hanley say.
When it's time to stand up in court and discuss forensic evidence in a legal matter, you need someone who knows your business best, says Greg Thompson, VP enterprise security services at Scotiabank Group.
Malcolm Harkins, CISO of Intel was quick to embrace BYOD as a means to cut costs and improve employee productivity. His advice to leaders struggling with the trend: "Don't shy away from the risk issues."
Complexity is among the most significant information risk challenges IT security practitioners face. Mobile and cloud computing, new technologies, outsourcing and growing threats from malware and people make managing risk more complex.