The CISO/board relationship is an hot topic, and Selim Aissi has a unique perspective. Besides serving as a board member on several organizations, he has been regularly reporting to the private and public company boards in his role as CISO. So he knows exactly what CISOs should be conveying - and how.
In the latest weekly update, a panel of Information Security Media Group editors discusses key topics, including open-source software vulnerabilities, and provides insights on updating SOCs and communicating effectively with the board.
It would seem for the foreseeable future, if you want something done, it will increasingly have to be done remotely. This is the new operating environment in which we have had to live, adapt and deliver.
This whitepaper is not intended to be an exhaustive guide to mainframe services and client requirements in the new...
There is a skills shortage in most tech roles, but cybersecurity for critical infrastructure is a newly identified problem that requires new approaches to resolve. Mex Martinot, Vice president of industrial cyber and digital security business at Siemens Energy, offers advice on steps to bridge the particular skills...
For Nicki Doble, group CIO and CISO at Cover-More Group - an Australian travel insurance company and part of the Zurich Insurance Group - the top priority is global security and privacy standardization across the organization.
A lot of CISOs talk about having security "baked into" their products and solutions. But for Stephenie Southard, vice president and and CISO at BCU, security leadership is all about ensuring that cybersecurity is part of the enterprise's very fabric.
As an international bank, Barclays needed to invest more in its information security training in order to minimize risk and ensure business continuity. The goal was learn and teach the modern way to minimize a security breach posed by the latest advanced threats.
Cyber sieges immerse teams in real-world cyberattack...
In theory, organizations are best protected by a layered security approach to cybersecurity based on best-in-class security tools.
In reality, the desired outcome is rarely achieved.
Why? Because most teams are not fully trained to use the technology on which their security program is built.
Fintech firms offer established financial services companies the ability to navigate the open banking revolution, but convincing them to rely on emerging cloud, container and other technologies requires flexibility and salesmanship, says Finleap Connect's Francis McGillicuddy.
Driving employees to make cybersecurity a core part of their work vision and mindset continues to be a challenge. Anne Hännikäinen, CISO of Fintraffic, describes essential best practices - from having senior leadership on board to facilitating better communications via such strategies as gamification.
As the head of product security for LeanIX, Michael Lines is primarily focused on risk management, risk assessment and data governance. He tells why he believes that more security leaders and CISOs should focus on risk.
As both a CISO and CTO, Tim Heger is in the unique position of shaping HealthBridge's approach to security as well as adopting new technologies to keep the organization on the cutting edge. In his spare time, he helps mentor and encourage startups.
Experience as a chief enterprise architect offers excellent underpinnings for performing as a security leader, in that both roles require creating and executing a vision, backed by stakeholder buy-in and navigating obstacles - no matter the scarcity of resources, says Suren Naidoo, CISO of The Foschini Group.
"No risk, no business." As global CISO of Egyptian Arab Land Bank, Mohamed Mostafa says he regularly applies that maxim, which he learned from a prior boss, as he seeks to maximize his organization's security posture while working closely to collaborate with every line of business.
Drawing on her experience selling cybersecurity products and services, Nastassja Finnegan now sits in the hot seat, serving as CSO of South Africa's First National Bank. Succeeding in either role, she says, requires interfacing with users, understanding their needs and helping them to do the right thing.