CSOONLINE.com - Exec. Communication

5 Must-Do Cyber Security Steps for Obama

Bill Brenner — Wed, 03 Dec 2008 05:00:00 GMT

As President-Elect Obama focuses on two wars and a hemorrhaging economy, security experts are urging him to address five weak security links in America's cyber infrastructure that threaten the nation's defenses and financial institutions.

Jeff Spivey on Enterprise Risk Management

Derek Slater — Mon, 10 Nov 2008 05:00:00 GMT

The former ASIS president explains the accelerating move to more comprehensive risk management models. (Part of the What Happens Next security predictions series.)

PCI's Post-Audit Pain Points

Bill Brenner — Wed, 05 Nov 2008 05:00:00 GMT

Passed your first PCI compliance audit? You've only just begun! Veterans say ongoing challenges with log management, database encryption and upper management buy-in mean the task is never finished.

Five Mistakes Security Pros Would Make Again

Bill Brenner — Mon, 29 Sep 2008 04:00:00 GMT

Whether it's getting fired for standing up for what's right or making a network configuration mistake that leads to better security, there are some mistakes worth making. Five security pros offer personal examples.

Ouch! Security Pros' Worst Mistakes

Bill Brenner — Wed, 03 Sep 2008 04:00:00 GMT

We've all done regrettable things on the job, but does any valuable wisdom come of it? Four security pros candidly explain their biggest blunders and what they learned in the process.

Data Breach Fallout: Do CISOs Need Legal Protection?

Bill Brenner — Wed, 30 Jul 2008 04:00:00 GMT

Since the security executive is on the hot seat after a data breach, some industry experts suggest CISOs get themselves some form of liability protection. The downside is that such protection could shield those who deserve the blame for an incident.

Former ISACA Head: SAS 70 Changes Coming

Bill Brenner — Fri, 25 Jul 2008 04:00:00 GMT

Marios Damianides, a partner in Ernst & Young's technology and security risk services group and past president of ISACA's board of directors, expects changes for SAS 70 and more collaboration between security and non-security management groups.

Information Security Management: The Basics

Tue, 01 Jul 2008 04:00:00 GMT

It's one thing to establish a security program that meets the needs of your organization. It's quite another to successfully embed the principles of that program into the very DNA of your organization.

Industry View| Ira Winkler on Awareness Training

Mon, 30 Jun 2008 04:00:00 GMT

Awareness training is great when people can hurt only themselves. But when people can hurt others, stronger measures are required.

Cost-Cutting Through Green IT Security: Real or Myth?

Bill Brenner — Wed, 25 Jun 2008 04:00:00 GMT

Some say the concept of green IT security is a stretch, but others see a real opportunity to cut costs as well as carbon emissions. (Part two in a series: How to Manage Security in a Recession)

Security and Business: Financial Basics

Michael Fitzgerald — Mon, 23 Jun 2008 04:00:00 GMT

You need to find and use the right financial metrics to communicate security's value to your company. Here are pros and cons of four: TCO, ROI, EVA and ALE.

Making Security Work When Staffing is Tight

Bill Brenner — Thu, 19 Jun 2008 04:00:00 GMT

When you can't afford new hires, there are plenty of ways to give the people you have better security scruples. (Part One in a series: How to Manage Security in a Recession)

DOJ Staffer Tapped to Head US-CERT

Robert McMillan — Wed, 18 Jun 2008 04:00:00 GMT

The Department of Homeland Security has named Mischel Kwon as head of US-CERT.

Security and Business: Communication 101

Tue, 17 Jun 2008 04:00:00 GMT

Communication skills are the number one requirement for leadership success. In security, step one in communication is understanding the language and priorities of the business.

Citrix Executive to Replace Sourcefire CEO

Robert McMillan — Tue, 17 Jun 2008 04:00:00 GMT

Citrix Systems' executive John Burns has been named CEO of Sourcefire, effective July 14.