Security Leadership - News, Features, and Slideshows


  • 3 things CSOs can learn from CPOs

    The role of the CSO and CIO has been changing dramatically as technology becomes more and more vital to business strategies. Sometimes, it can be hard to keep up.

    Written by Maria Korolov31 Jan. 15 01:44
  • The evolution of the CISO role and organizational readiness

    If we look at the headlines surrounding recent data breaches, we might conclude that the role of the chief information security officer (CISO) has never been more critical to the success and sustained well-being of an organization. As a by-product of this statement, we also might surmise that the information security organization and where it reports into is also important. This is probably why every recent CISO event includes a conversation about where the CISO and information security program should reside within an organization. The challenge is that however healthy the debate, the question about where the CISO and his/her department should report generally ends with, 'it depends'. To shift from a debate to productive action, maybe the question is not where should the CISO report into [<a

    Written by By Brian Engle29 Oct. 14 00:56
  • Five CISO skills critical to your success in the next five years

    There's certainly no shortage of claims regarding the current shortfall of cybersecurity professionals. These findings show up repeatedly in our surveys, most recently the 2014 Global Information Security Survey and the 2013 State of the CSO, which both revealed that the demand for skilled IT security professionals continues to strain organizations' ability to fill security positions. Finding skilled information security workers was identified as one of the greatest challenges for 31 percent of large companies.

    Written by George V. Hulme14 Aug. 14 01:51
  • 6 steps to win executive support for security awareness programs

    In our article, "The 7 Elements of a successful awareness program," we identified the first and most critical element was obtaining C-level support. Such support is critical for the success of just about any organizational effort. Their support brings organizational buy-in and authority for your efforts. You can get other departments to support your efforts. While you will still meet some resistance, it is easier to overcome or bypass. Most importantly, you get more funding to put together a respectable awareness program.

    Written by Ira Winkler and Samantha Manke22 July 14 05:56
  • Turning your security strategy inside out: The convergence of insider and advanced threat

    Regardless of your industry, the size of your organization, or the type of business you have, insider threat is a menacing reality. In most organizations, this threat has been undervalued, underestimated and underfunded. It's the elephant in the room that no one wants to talk about because it means acknowledging that one of your own employees might take you for a ride. And, it requires taking several challenging and, to some, uncomfortable steps to combat.

    Written by Jason Clark, James Robinson03 July 14 04:20
  • 10 tips to attract women to infosec jobs

    Women make up just 11 percent of information security professionals. Just increasing that number to 22 percent would solve the industry's staffing shortage problem.

    Written by Maria Korolov06 May 14 04:54
  • Mark Weatherford: The Veteran

    Weatherford, a principal at The Chertoff Group, understands security from both governmental and commercial perspectives

    Written by Lauren Gibbons Paul23 Oct. 13 19:08
  • Scott Pettigrew: The Builder

    Over the course of his eclectic career, Pettigrew, who's now CSO at HMS, has assembled three security departments from the ground up

    Written by Lauren Gibbons Paul23 Oct. 13 15:50
  • Grant Lecky: The Visionary

    Founder of the Canadian Security Partners' Forum, Lecky went after his dream of elevating the security industry while keeping his day job

    Written by Lauren Gibbons Paul22 Oct. 13 20:30