Shawn Drew
Shawn Drew has spent the last five years helping businesses understand the difference that technology can make for their internal processes, external connections, and bottom line. He specializes in all things cloud computing and security, and hopes to impart some knowledge on how the two can be combined to enhance the inherent benefits of each. His work has been published on the websites and blogs of a number of technology industry leaders, such as IBM, Veracode and Boundary.Posts by Shawn Drew
The Top 3 Security Concerns in the Boardroom
November 10, 2015
The increase in the number of corporate-targeted cyberattacks over the past few years, combined with an increase in the complexity of those attacks, has caused cybersecurity to be scrutinized in the boardroom like never before. As seen with major shake-ups among corporate leaders following massive data breaches, CEOs and other top leadership are now fully invested in the overall security health... READ MORE›
5 Key Qualities of a CISO
October 26, 2015 | Managing AppSec
The evolution of the CISO (chief information security officer) position over the past few years is nothing short of remarkable. Not too long ago, ensuring that a business's technology was secure fell to the CTO or CIO. But as the value of security has increased, the majority of enterprises now have someone dedicated to that role, someone who faces the board on a regular basis. A new survey... READ MORE›
Top 5 Lessons C-Level Executives Can Learn From British Security Professionals
October 16, 2015 | Security News
While suffering a cyberattack may be an eventuality these days, one organization's experience with cybercrime can be very different from another's. Anecdotal evidence from business leaders regarding information security can be interesting, but it's impossible to understand what's truly going on in the industry without gaining insight from hundreds of organizations. That's why... READ MORE›
Supply-Chain Risk: The 3 Most Popular Practices for Addressing Risk
October 14, 2015 | Managing AppSec
The past few years have shown that as external network defenses become stronger, applications truly are the new security perimeter. Many enterprise CISOs have developed robust testing processes and programs for internal applications but don't quite have a handle on how to effectively expand those programs to include third-party software. For application security, supply-chain risk is at an... READ MORE›
Presenting to the Board: What Board Members Really Want to Hear From CISOs
October 12, 2015
More than ever before, chief information security officers (CISOs) now find themselves in front of the board of directors, detailing the security incidents, issues and solutions that affect the business. For those not accustomed to it, presenting to the board can be a difficult experience, one in which they want to impart all the necessary information without wasting anyone's time. On top of... READ MORE›
Cebr Survey Highlights Key Trends in Cybercrime and What They Mean for CISOs
October 1, 2015
One of the most important aspects of any CISO's job is keeping up with the emerging trends in cybercrime. And with the cyberthreat landscape undergoing changes every few weeks — and criminals constantly changing their tactics to stay ahead of security professionals — it's not enough to simply be able to protect a business against the major threats of the day. Successful CISOs... READ MORE›
CISOs Must Manage Risk Without Impeding Innovation
September 29, 2015
A recent survey of business and technology leaders in the United Kingdom, entitled "Business and Economic Consequences of Inadequate Cybersecurity," highlights the pervasive thought that cybersecurity, regardless of its ability to manage risk, is a detriment to innovation. While controls will almost always stifle innovation in some way, CISOs must investigate ways to minimize this... READ MORE›
Application Security Assessment: Reviewing Your Testing Program
September 3, 2015
Given the number of InfoSec incidents over the past few years, just about every enterprise that develops software has already put some kind of official security testing program in place. While this kind of application security assessment is a huge step forward, many programs have been built with the wrong priorities in mind. CISOs have to learn the misconceptions surrounding secure software... READ MORE›
CISO Tips for Risk Communication: How to Effectively Position Yourself in the Boardroom
September 1, 2015 | Managing AppSec
There is always a silver lining. When it comes to the recent surge of information security issues, the silver lining is these breaches have given CISOs increased prominence within their enterprises. What was once just one aspect of a CIO or CTO's role is now a full-fledged area of responsibility with direct access to the highest levels of the organization. Presenting to the C-suite or the... READ MORE›
Threat Intelligence Sharing: Is Your Enterprise Ready?
August 25, 2015 | Security News
There's little wonder why the concept of threat-information sharing is becoming so popular: It represents a state where security professionals can share and access real-time threat information, greatly increasing their ability to respond to emerging threats. But while the concept of open threat intelligence is gaining significant traction, the movement is still truly in its infancy.... READ MORE›
