November 10, 2015
The increase in the number of corporate-targeted cyberattacks over the past few years, combined with an increase in the complexity of those attacks, has caused cybersecurity to be scrutinized in the boardroom like never before. As seen with major shake-ups among corporate leaders following massive data breaches, CEOs and other top leadership are now fully invested in the overall security health... READ MORE›
October 26, 2015 | Managing AppSec
The evolution of the CISO (chief information security officer) position over the past few years is nothing short of remarkable. Not too long ago, ensuring that a business's technology was secure fell to the CTO or CIO. But as the value of security has increased, the majority of enterprises now have someone dedicated to that role, someone who faces the board on a regular basis. A new survey... READ MORE›
October 16, 2015 | Security News
While suffering a cyberattack may be an eventuality these days, one organization's experience with cybercrime can be very different from another's. Anecdotal evidence from business leaders regarding information security can be interesting, but it's impossible to understand what's truly going on in the industry without gaining insight from hundreds of organizations. That's why... READ MORE›
October 14, 2015 | Managing AppSec
The past few years have shown that as external network defenses become stronger, applications truly are the new security perimeter. Many enterprise CISOs have developed robust testing processes and programs for internal applications but don't quite have a handle on how to effectively expand those programs to include third-party software. For application security, supply-chain risk is at an... READ MORE›
October 12, 2015
More than ever before, chief information security officers (CISOs) now find themselves in front of the board of directors, detailing the security incidents, issues and solutions that affect the business. For those not accustomed to it, presenting to the board can be a difficult experience, one in which they want to impart all the necessary information without wasting anyone's time. On top of... READ MORE›
October 1, 2015
One of the most important aspects of any CISO's job is keeping up with the emerging trends in cybercrime. And with the cyberthreat landscape undergoing changes every few weeks — and criminals constantly changing their tactics to stay ahead of security professionals — it's not enough to simply be able to protect a business against the major threats of the day. Successful CISOs... READ MORE›
September 29, 2015
A recent survey of business and technology leaders in the United Kingdom, entitled "Business and Economic Consequences of Inadequate Cybersecurity," highlights the pervasive thought that cybersecurity, regardless of its ability to manage risk, is a detriment to innovation. While controls will almost always stifle innovation in some way, CISOs must investigate ways to minimize this... READ MORE›
September 3, 2015
Given the number of InfoSec incidents over the past few years, just about every enterprise that develops software has already put some kind of official security testing program in place. While this kind of application security assessment is a huge step forward, many programs have been built with the wrong priorities in mind. CISOs have to learn the misconceptions surrounding secure software... READ MORE›
September 1, 2015 | Managing AppSec
There is always a silver lining. When it comes to the recent surge of information security issues, the silver lining is these breaches have given CISOs increased prominence within their enterprises. What was once just one aspect of a CIO or CTO's role is now a full-fledged area of responsibility with direct access to the highest levels of the organization. Presenting to the C-suite or the... READ MORE›
August 25, 2015 | Security News
There's little wonder why the concept of threat-information sharing is becoming so popular: It represents a state where security professionals can share and access real-time threat information, greatly increasing their ability to respond to emerging threats. But while the concept of open threat intelligence is gaining significant traction, the movement is still truly in its infancy.... READ MORE›