The increase in the number of corporate-targeted cyberattacks over the past few years, combined with an increase in the complexity of those attacks, has caused cybersecurity to be scrutinized in the boardroom like never before. As seen with major shake-ups among corporate leaders following massive data breaches, CEOs and other top leadership are now fully invested in the overall security health… READ MORE

The evolution of the CISO (chief information security officer) position over the past few years is nothing short of remarkable. Not too long ago, ensuring that a business's technology was secure fell to the CTO or CIO. But as the value of security has increased, the majority of enterprises now have someone dedicated to that role, someone who faces the board on a regular basis. A new survey from… READ MORE

While suffering a cyberattack may be an eventuality these days, one organization's experience with cybercrime can be very different from another's. Anecdotal evidence from business leaders regarding information security can be interesting, but it's impossible to understand what's truly going on in the industry without gaining insight from hundreds of organizations. That's why the data from "… READ MORE

More than ever before, chief information security officers (CISOs) now find themselves in front of the board of directors, detailing the security incidents, issues and solutions that affect the business. For those not accustomed to it, presenting to the board can be a difficult experience, one in which they want to impart all the necessary information without wasting anyone's time. On top of the… READ MORE

One of the most important aspects of any CISO's job is keeping up with the emerging trends in cybercrime. And with the cyberthreat landscape undergoing changes every few weeks — and criminals constantly changing their tactics to stay ahead of security professionals — it's not enough to simply be able to protect a business against the major threats of the day. Successful CISOs will have to live in… READ MORE

A recent survey of business and technology leaders in the United Kingdom, entitled "Business and Economic Consequences of Inadequate Cybersecurity," highlights the pervasive thought that cybersecurity, regardless of its ability to manage risk, is a detriment to innovation. While controls will almost always stifle innovation in some way, CISOs must investigate ways to minimize this impact and turn… READ MORE

Given the number of InfoSec incidents over the past few years, just about every enterprise that develops software has already put some kind of official security testing program in place. While this kind of application security assessment is a huge step forward, many programs have been built with the wrong priorities in mind. CISOs have to learn the misconceptions surrounding secure software… READ MORE

There is always a silver lining. When it comes to the recent surge of information security issues, the silver lining is these breaches have given CISOs increased prominence within their enterprises. What was once just one aspect of a CIO or CTO's role is now a full-fledged area of responsibility with direct access to the highest levels of the organization. Presenting to the C-suite or the… READ MORE

There's little wonder why the concept of threat-information sharing is becoming so popular: It represents a state where security professionals can share and access real-time threat information, greatly increasing their ability to respond to emerging threats. But while the concept of open threat intelligence is gaining significant traction, the movement is still truly in its infancy. Enterprise… READ MORE

Security controls and tests have never been the easiest things to incorporate in the software development lifecycle (SDLC) — but as application security grows in importance, some changes in the way software gets made are making security integration more difficult than ever. The Agile methodology, especially when combined with a DevOps paradigm, embraces speed, making it much harder to get strict… READ MORE