"It's not enough to know the architecture of the breach system," says Michael Aisenberg of MITRE Corp. "Leaders have to understand the different jurisdiction of where they do business, where their customers are and which breach law applies."
NRC CISO Patrick Howard is among three information security leaders who share their experiences, approaches and challenges from battling data breach incidents that had an impact on their organizations and their careers.
Major data breaches have become more than a topic of mainstream news: they are occurring with such frequency and potential devastation that they almost deserve a 24-hour news desk.
More than just Facebook friends, today's Chief Information Security Officer needs to connect and collaborate with key corporate allies who can influence the enterprise risk and security practices within any organization.
In the wake of the RSA, Epsilon and Sony PlayStation data breaches, we spoke to two global information security leaders and asked for their three biggest leadership lessons learned. Here is what they shared.
A survey of American households - the same one used to determine the national unemployment rate - shows that 37,000 individuals in the United States consider themselves information security analysts.
Patrick Gorman, a former associate director of the Office of the Director of National Intelligence, is the new chief information security officer and senior vice president at Bank of America, the nation's largest bank company.
Once a CEO understands the value and risks that come with mobile functionality, it is easier to discuss mobile innovations and policy, and how the company can strike a balance that meets customer and employee requirements.
"It shouldn't matter from where the enterprise security services are deployed. We need to just make sure as a team we are consistently closing the vulnerabilities and risk gaps." - Greg Thompson, Scotia Bank.