Ohio is relatively new to enterprise information security, and according to David Shaw, the state's chief information security officer, there is still much to do to ensure that all the agencies' critical infrastructure is protected.
Give a man a fish, you feed him for today, the proverb says. Teach a man to fish; and you feed him for a lifetime. That adage can be applied to information security, as well.
Oregon state agencies are coming together to develop a centralized plan, ending a previously siloed approach, to simplify compliance with Internal Revenue Service rules to safeguard taxpayer data, says state CISO Theresa Masse.
Yahoo's Justin Somaini believes his fellow CISOs in business and government do a good job keeping their bosses informed of proper information security practices, but could do better in educating the rank and file about them.
The General Services Administration expects the cloud-based system will reduce e-mail operation costs by 50 percent and save more than $15.2 million over the next five years.
Eddie Schwartz didn't shy away from the offer to become RSA's first chief security officer after the security firm experienced a sophisticated advanced-persistent-threat breach. Instead, Schwartz embraced the hack as the reason to take the job. (See RSA to Get Its First Chief Security Officer.)
SafeNet CEO Chris Fedde says top executives, not chief information or chief information security officers, should have final say on what data to encrypt.
"It's not enough to know the architecture of the breach system," says Michael Aisenberg of MITRE Corp. "Leaders have to understand the different jurisdiction of where they do business, where their customers are and which breach law applies."
NRC CISO Patrick Howard is among three information security leaders who share their experiences, approaches and challenges from battling data breach incidents that had an impact on their organizations and their careers.
With so much critical information being exchanged today via e-mail, now is the time to deploy next-generation e-mail encryption solutions, says Bob Janacek, CTO and founder of DataMotion.
In the wake of the RSA, Epsilon and Sony PlayStation data breaches, we spoke to two global information security leaders and asked for their three biggest leadership lessons learned. Here is what they shared.
Intel CISO Malcolm Harkins says the Sony PlayStation breach reminds CISOs in all sectors that such incidents can't be avoided, but their risks can be managed.
"We took our understanding of the tools, tradecraft and techniques used by these malicious actors, and converted it into actionable information that ... would lower their risk to the type of attack we saw at RSA," DHS Secretary Janet Napolitano says.
Altra Federal Credit Union developed a calculated strategy before moving to the cloud -- advice all financial institutions should follow, says Brian Boettcher, VP of IT, who shares his lessons learned.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.