If we look at the headlines surrounding recent data breaches, we might conclude that the role of the chief information security officer (CISO) has never been more critical to the success and sustained well-being of an organization. As a by-product of this statement, we also might surmise that the information security organization and where it reports into is also important. This is probably why every recent CISO event includes a conversation about where the CISO and information security program should reside within an organization. The challenge is that however healthy the debate, the question about where the CISO and his/her department should report generally ends with, 'it depends'. To shift from a debate to productive action, maybe the question is not where should the CISO report into [<a
Accuvant - News, Features, and Slideshows
Vulnerabilities found in remote management software that carriers insist be installed on smart phones and other mobile-enabled devices they sell are likely to put many devices at risk of compromise for some time to come.