Security content on Enterprise CIO Forum

Technology, Cloud

Why lawyers need the cloud

Blog-post by Rick Blaisdell, Fri, 12/19/2014 - 13:40

Cloud computing is not just a cool technology for early adopters. It is now the digital backbone for individuals and businesses that demand highly secure, scalable, accessible and centrally managed data centers maintained by highly trained IT professionals.

Business Issues, Security

Banks could make retailers pay for poor data and security governance

Federal judge rules in favor of banks.

Blog-post by Myles Suer, Tue, 12/16/2014 - 23:20

A couple months ago, I reached out to a set of CIOs on the importance of good governance and security. All of them agreed that both were incredible important. However, one CIO retorted a very pointed remark by saying that “the IT leadership at these breached companies wasn’t stupid”. He continued by saying that when selling the rest of the C-Suite, the discussion needs to be about business outcomes and business benefits.  For this reason, he said that CIOs have struggled at selling the value of investments in governance and security investment.

(1) (1)

Business Issues, CIO Leadership, Technology, Applications, Big Data, Cloud, IT Infrastructure, IT Performance, Mobility, Security, Services

2015 CIO and CISO Priorities: Cybersecurity, the Cloud and IT Budget

Blog-post by Thu Pham, Mon, 12/15/2014 - 20:44

What are some of the top concerns of Chief Information Officers (CIOs) and Chief Information Security Officers (CISOs) today? According to a 2014 TechAmerica Federal CIO and CISO Survey – it’s improving cyber security. As new threats increase, risk management involves both educating users about security risks such as phishing attempts as well as building up network protection with continuous monitoring.


Business Issues, CIO Leadership, Technology, Applications, Big Data, Cloud, IT Performance, Mobility, Security, Services

Security in 2015: The Enterprise Begins to Favor Integrated Cloud Services vs. On-Premise Point Solutions

Blog-post by Paul Lipman, Mon, 12/15/2014 - 19:57

Today’s Chief Information Security Officer (CISO) is faced with an over-load of point products (NAC, IDS, IPS, Endpoint Security, Web Gateway, Next Generation Firewall and APT to name just a few) provided by a plethora of vendors. These products are typically deployed in some on-premise configuration and tend to be difficult, if not impossible, to integrate together – resulting in severe visibility limitations across the organization’s security posture.

(1) (1)

Business Issues, CIO Leadership, Technology, Big Data, Cloud, IT Infrastructure, Mobility, Security

Can Your Security Protection Keep Up with Roaming Mobile Workers?

Blog-post by Paul Lipman, Tue, 11/18/2014 - 16:58

As 2014 comes to a close, many of us in the security industry cringe as we look back at a year full of massive, high profile security breaches. In spite of major investments of capital and time by large corporations, attackers are still getting through their defensive perimeters, and dwelling undetected long enough to do extensive damage. It’s become painfully clear that enterprises today are so interconnected, any gap in their widely dispersed infrastructures or ecosystems can provide an entry point for sophisticated cybercriminals.


Business Issues, Applications, Mobility, Security

So many security concerns and topics, so little time

"Fake cell towers!?" See conversation 2.

Blog-post by John Dodge,
Community Manager
, Fri, 11/14/2014 - 15:42

Our #CIOchat yesterday about security nightmares touched on human error, penetration testing, privacy, Point of Sale vulnerabilities, training, education, layered security, 7x24 threat monitoring and who should be charge of enterprise cyber security. The sheer number of topics expresses the complex and never ending task of keeping enterprise data secure.

Business Issues, CIO Leadership, Technology, Cloud, IT Performance, Mobility, Security

Stolen Credentials Led to Data Breaches at Universities

Blog-post by Thu Pham, Tue, 11/11/2014 - 17:49

Earlier this year, the University of Maryland suffered a data breach of more than 300k students and personnel, prompting an investigation by the Secret Service and resulting in a testimony before Congress by the UMD president. As the Chronicle of Higher Education reported, the total costs of the data breach could easily reach millions of dollars, with expenses spread across five years of credit monitoring, legal and IT forensics firm fees.


Business Issues, Cloud, IT Infrastructure, Security

What security threats keep you awake at night?

#CIOchat's topic for this week: 2-3 p.m. ET Thursday

Blog-post by John Dodge,
Community Manager
, Mon, 11/10/2014 - 17:01

I just read an excellent piece about what constitutes a "malicious insider." The post by two HP security strategists asserts that malicious insiders are much more than disgruntled or bumbling employees.

Here's how post authors Dan Schulte and Neil Bryden describe malicious insiders.

CIO Leadership, Security

Take a Value Chain approach to secure your enterprise

Embed security in each activity performed by IT every day

Blog-post by Michael Garrett, Mon, 11/03/2014 - 17:09
Michael Garrett

We all know enterprise security is changing. It’s becoming imperative to integrate security into every aspect of IT. We call this approach Converged Security, and it fits into the way IT is evolving.

(2) (2)

CIO Leadership, Security

Converged Security: Why we should integrate Security and IT Operations

Achieve benefits of scale by uniting teams for mutual benefit

Blog-post by Michael Garrett, Thu, 10/30/2014 - 18:45
Michael Garrett

The threat landscape is changing rapidly. It wasn’t so long ago that CISOs were worried about worms and viruses. Back then, the focus was on perimeter defense. But today’s high-profile security attacks exploit internal weaknesses. They’re often slow moving and hard to detect. Security is having to cover more ground, and in the process its activities are overlapping with those performed by IT Operations.

The good news is this overlap gives IT an opportunity to cut costs, improve efficiency, and reduce waste.

Monitor, detect, correct

Syndicate content