"It's not enough to know the architecture of the breach system," says Michael Aisenberg of MITRE Corp. "Leaders have to understand the different jurisdiction of where they do business, where their customers are and which breach law applies."
NRC CISO Patrick Howard is among three information security leaders who share their experiences, approaches and challenges from battling data breach incidents that had an impact on their organizations and their careers.
In the wake of the RSA, Epsilon and Sony PlayStation data breaches, we spoke to two global information security leaders and asked for their three biggest leadership lessons learned. Here is what they shared.
"We took our understanding of the tools, tradecraft and techniques used by these malicious actors, and converted it into actionable information that ... would lower their risk to the type of attack we saw at RSA," DHS Secretary Janet Napolitano says.
Altra Federal Credit Union developed a calculated strategy before moving to the cloud -- advice all financial institutions should follow, says Brian Boettcher, VP of IT, who shares his lessons learned.
Expanding use of secure messaging as well as remote access to information systems are key 2011 IT priorities for Shriners Hospitals for Children, says Bill Bria, M.D., chief medical information officer.
Fraud attempts will escalate, not diminish, as new threats and channels blossom in 2011. Growth in mobile banking and the use of social networks are expected to pose new security challenges, experts say.
Electronic communication is at the heart of every organization, but one compromised e-mail can damage your corporate brand, compromise intellectual property or put you in non-compliance with laws and industry regulations. Privacy concerns, regulatory compliance, and corporate guidelines all need to be factored into...