the State of Security

Risk Management and the State of Security

The Growing Pains of the New CISO

by Cindy Valladares

Recently we had an opportunity to interview Phil Cracknell (@PCracknell on Twitter) during Infosecurity Europe. Infosec expert and ‘cynic’ Javvad Malik asks Mr. Cracknell, Global Security and Compliance Director at Yell Group, about the new role of the CISO and how that’s affecting how they balance their skills (technology and business skills). Check out this [...]

The Evolving Role of the CISO

by Cindy Valladares

At the recent Infosecurity Europe conference, infosec expert and ‘cynic’ Javvad Malik interviews Quentyn Taylor (@QuentynBlog on Twitter), Director of Information Security at Canon Europe, on the evolving role of the CISO. Mr. Taylor offers insight into the relationship between customer loyalty, brand reputation and information security. Once a customer’s trust is betrayed, it is [...]

PCI Compliance — More Than Just a Tick Box Exercise?

by Cindy Valladares

“Compliance” is sometimes considered a dirty word in the information security world, particularly when companies take a “tick box” or “check box” approach to achieving it before an audit instead of treating continuous compliance as a part of business as usual. Infosec expert and ‘cynic’ Javvad Malik interviews Neira Jones (@NeiraJones on Twitter), Head of [...]

Conficker Me

by Michael Thelander

An article caught my eye last week that I couldn’t ignore. It was by turns interesting, infuriating and illuminating, with a simple and matter-of-fact headline: “Thanks to weak passwords, Conficker worm still rampant.” It was from SC Magazine and it made me gack just a little.

Are your security people lying about the impacts? Probably, but not on purpose.

by Shawna Turner-Rice

Security is a complex, often nuanced, topic. Today there’s a lot of subjectivity in 100% security-oriented discussions. Business people like non-squidgy objective numbers. To make security investment decisions, security people have to sell their area to the business, which means speaking their language. As a consequence, security people are often trying to make objective [...]

Challenges in placing information security teams in the right organizational structure

by Shawna Turner-Rice

I often write blogs based on what crosses my inbox during a week, and recently I saw just enough articles on who security should report to that I thought I’d select it as the topic du jour. (Much like Adam, I rarely seem to get to writing these early. This isn’t a new topic, I [...]
