Shawn Drew has spent the last five years helping businesses understand the difference that technology can make for their internal processes, external connections, and bottom line. He specializes in all things cloud computing and security, and hopes to impart some knowledge on how the two can be combined to enhance the inherent benefits of each. His work has been published on the websites and blogs of a number of technology industry leaders, such as IBM, Veracode and Boundary.
- The Top 3 Security Concerns in the Boardroom
The increase in the number of corporate-targeted cyberattacks over the past few years, combined with an increase in the complexity of those attacks, has caused cybersecurity to be scrutinized in the boardroom like never before. As seen with major shake-ups among corporate leaders following massive data breaches, CEOs and other top leadership are now fully invested in the overall security health… READ MORE
Stay up to date on Application Security
The evolution of the CISO (chief information security officer) position over the past few years is nothing short of remarkable. Not too long ago, ensuring that a business's technology was secure fell to the CTO or CIO. But as the value of security has increased, the majority of enterprises now have someone dedicated to that role, someone who faces the board on a regular basis. A new survey from… READ MORE
- Top 5 Lessons C-Level Executives Can Learn From British Security ProfessionalsOctober 16, 2015 | Security News
While suffering a cyberattack may be an eventuality these days, one organization's experience with cybercrime can be very different from another's. Anecdotal evidence from business leaders regarding information security can be interesting, but it's impossible to understand what's truly going on in the industry without gaining insight from hundreds of organizations. That's why the data from "… READ MORE
More than ever before, chief information security officers (CISOs) now find themselves in front of the board of directors, detailing the security incidents, issues and solutions that affect the business. For those not accustomed to it, presenting to the board can be a difficult experience, one in which they want to impart all the necessary information without wasting anyone's time. On top of the… READ MORE
One of the most important aspects of any CISO's job is keeping up with the emerging trends in cybercrime. And with the cyberthreat landscape undergoing changes every few weeks — and criminals constantly changing their tactics to stay ahead of security professionals — it's not enough to simply be able to protect a business against the major threats of the day. Successful CISOs will have to live in… READ MORE
- CISOs Must Manage Risk Without Impeding Innovation
A recent survey of business and technology leaders in the United Kingdom, entitled "Business and Economic Consequences of Inadequate Cybersecurity," highlights the pervasive thought that cybersecurity, regardless of its ability to manage risk, is a detriment to innovation. While controls will almost always stifle innovation in some way, CISOs must investigate ways to minimize this impact and turn… READ MORE
- Application Security Assessment: Reviewing Your Testing Program
Given the number of InfoSec incidents over the past few years, just about every enterprise that develops software has already put some kind of official security testing program in place. While this kind of application security assessment is a huge step forward, many programs have been built with the wrong priorities in mind. CISOs have to learn the misconceptions surrounding secure software… READ MORE
- CISO Tips for Risk Communication: How to Effectively Position Yourself in the BoardroomSeptember 1, 2015 | Managing AppSec
There is always a silver lining. When it comes to the recent surge of information security issues, the silver lining is these breaches have given CISOs increased prominence within their enterprises. What was once just one aspect of a CIO or CTO's role is now a full-fledged area of responsibility with direct access to the highest levels of the organization. Presenting to the C-suite or the… READ MORE
- Threat Intelligence Sharing: Is Your Enterprise Ready?August 25, 2015 | Security News
There's little wonder why the concept of threat-information sharing is becoming so popular: It represents a state where security professionals can share and access real-time threat information, greatly increasing their ability to respond to emerging threats. But while the concept of open threat intelligence is gaining significant traction, the movement is still truly in its infancy. Enterprise… READ MORE
- How DevOps and an Agile Methodology Can Alter Security IntegrationAugust 9, 2015 | Secure Development
Security controls and tests have never been the easiest things to incorporate in the software development lifecycle (SDLC) — but as application security grows in importance, some changes in the way software gets made are making security integration more difficult than ever. The Agile methodology, especially when combined with a DevOps paradigm, embraces speed, making it much harder to get strict… READ MORE
Application Security Tool Kit
Love to learn about Application Security?
Get all the latest news, tips and articles delivered right to your inbox.
No thanks, back to the article please.