September, 2003
Culture Shock
ROUNDTABLE Security pros often talk about establishing a "security culture." Our C-level executives show you how to make it happen. by ANDREW BRINEY
A Ph.D. for CISOs Consulting firm plans business continuity-based certification to meet changing role of CSOs/CISOs. by MATHEW SCHWARTZ
Thinking Like A Board Member Directors live in a menacing world of personal responsibility and corporate risk. It's more important than ever to make sure they "get" security. by SANFORD SHERIZEN

June, 2003
Rinse & Repeat
Roundtable Four CISOs explore practical strategies for managing enterprise risk--from classification to assessment to monitoring to response. moderated by Andrew Briney
The Risk Lifecycle Sidebar IT security risk management is best approached as a "lifecycle" of activities, one step logically leading to the next.
State of Confusion Law & Regs California's new privacy law is full of ambiguity, but if you do business there, you'd better get your guard up. by Randy Sabett
Turnover at the Top Security Management How to keep the security program on track...even when there are cracks in the corporate ladder. by Anne Saita
Security Governance Survey Turnover in the "C-Suite" may disrupt the continuity of the infosecurity program.

March, 2003
Dollars and Sense
Roundtable Four CISOs discuss practical strategies for getting the security budget you need--and spending it wisely. Moderated by Andrew Briney
2003: Another Year of Belt Tightening Survey The assumption that IT security budgets are growing across the board is a myth, according to an Information Security survey of 518 senior security managers. By Andrew Briney
For the Common Good Corner Office Like hundreds of worms and viruses before it--the SQL Slammer worm that wreaked havoc with Internet connectivity, tripled latency and knocked more than 13,000 ATMs offline for several hours--need not have happened at all. By William H. Murray

September, 2002
Proving Ground
Roundtable Infosec execs discuss the challenges of developing, implementing and policing effective infosecurity programs. Moderated by Andrew Briney
Am I Liable? Infosec Liability FAQ There's no road map and little history to guide you, but here are some thoughts on the legal landscape that just might help. By Kimberly B. Kiefer and Randy V. Sabett
Sun's Security King Q&A Cryptography pioneer Whit Diffie offers illuminating views on his ascension to Sun Microsystems' CSO. Interviewed by Richard Thieme
Oracle CSO Mary Ann Davidson Profile Oracle's CSO is unflappable about the company's "unbreakable" pledge. By Lawrence M. Walsh
To Lead Corner Office The point of a journey is not to arrive. By William H. Murray
Many Hats, No Hand CISO Focus CISOs are often required to prepare budgets, configure devices and manage staff, but lack real decision-making authority, according to an Information Security survey. By Andrew Briney

OTHER FEATURES
Standard Practice Security Standards ISO 17799 aims to provide best practices for security, but leaves many yearning for more. By Lawrence M. Walsh
The CPO Newcomers to the executive suite, chief privacy officers decide the fate of corporate--and personal--information. By Neil Roiter
Anatomy of a Security Professional When it comes to infosecurity, diversification is more important than specialization. By Edward Spencer

MOVERS 'N SHAKERS
Ross Anderson: Cracking Infosec's Paradigms Is your company spending too much on the wrong threats? Author and crypto maven Ross Anderson takes aim at infosec assumptions. Interviewed by Jay Heiser
Ronald Dick: Center of Attention Career FBI agent Ronald Dick has been given the mission of maturing the scope and capabilities of the National Infrastructure Protection Center. Interviewed by Richard Thieme NOTE: Ronald Dick recently retired from the NIPC. This article was published in August, 2001.
Stephen Northcutt: A Mentor's Mantra Former Navy man Stephen Northcutt has new marching orders: Train the defenders to think like their attackers. Interviewed by Richard Thieme
Richard Clarke: CyberSecurity Czar Richard Clarke has been America's de facto Security Czar for the past eight years. Facing an uncertain future in the new Bush administration, Clarke reflects on the state of national security--and his role in bolstering it. Interviewed by Richard Thieme NOTE: Richard Clarke recently retired from the President's Critical Infrastructure Protection Board. This article was published in February, 2001.

CISOs: IN THEIR OWN WORDS
Fannie Mae Chrisan Herrod on securing the American dream NOTE: This article was written in November 2000. Chrisan Herrod is now Professor and Chair of the Dept of Information Operations and Technology, National Defense University.
Fidelity Jerry L. Archer on the E-Signature (R)evolution
U.S. Postal Service Howard Cox on securing 10,000 LANs
Lockheed Martin A. Padgett Peterson on enterprise AV
Province of Ontario Kirk Corkery on security culture
FedEx Ron Wallace on preventing dial-up disaster
MassMutual Bruce Bonsall on directory services
U.S. Senate Sen. Robert F. Bennett on the need to develop better public/private collaboration on Internet security

COLUMNS
Defense-in-Breadth Corner Office How to reduce risk using "synergistic security." By Peter Tippett
The Great AV Myth Corner Office Updating your antivirus definitions may not be as important as you think. By Peter Tippett
Stronger Passwords Aren't Corner Office In the real world, an eight-character mixed alphanumeric password is no more secure than a simple four-character password. By Peter Tippett
Calculating Risk Corner Office Here's a simple equation for quantifying your organization's security risk. By Peter Tippett
Sweat the Easy Stuff! Corner Office Most security problems can be mitigated through inexpensive, easy-to-adopt practices. By Peter Tippett

Copyright 2003 TechTarget.