enterprisesecuritymag

information security

Eliminating Passwords: The Journey
Enterprisesecuritymag >> cioviewpoint

Bret Arsenault, CVP & CISO, Microsoft

According to one estimate, the average person has 27 online accounts with user names and passwords. Choosing the right password is as confusing as trying to remember dozens of passwords—it should be complex, more than 8 characters long, it...

The Goldilocks Theory for Risk Management
Enterprisesecuritymag >> cxoinsights

Patricia Titus, Chief Privacy & Information Security Officer, Markel Corporation [NYSE:MKL]

Companies need the flexibility to transform the way they do business in order to meet the market demands and security needs to transform its thinking. We know that technology hasn’t stopped evolving therefore adoption continues to grow at a...

It's Time to Take the NYDFS Cybersecurity Regulation Seriously
Enterprisesecuritymag >> cxoinsights

Tom Stamulis, Senior Director, Alvarez & Marsal

It has been six months since the New York Department of Financial Services (NYDFS) released its controversial cybersecurity regulation (23 NYCRR 500) on March 1st. If your organization is considered a Covered Entity affected by the regulation, it...

It's Time to Take the NYDFS Cybersecurity Regulation Seriously
Enterprisesecuritymag >> cxoinsights

Tom Stamulis, Senior Director, Alvarez & Marsal

It has been six months since the New York Department of Financial Services (NYDFS) released its controversial cybersecurity regulation (23 NYCRR 500) on March 1st. If your organization is considered a Covered Entity affected by the regulation, it...

Leveraging ERM to drive Information Security (Cybersecurity) results
Enterprisesecuritymag >> cxoinsights

Chris Mandel, SVP & Director, Sedgwick Institute

Managing a risk, including cyber risk means identifying, tracking, scoring and valuing, normalizing and trending risk performance, including the net impacts. These steps are performed in accordance with compliance standards and aligned with risk...

Combating Organizational Financial Risks
Enterprisesecuritymag >> cxoinsights

Cris Luce, CMO/CTO, Accuro AgriServices

The modern world is defined, in large part, by electronic communication and the massive storage and exchange of digital information. While the Internet and other systems allow companies to operate on a global basis and enable geographically...

Combating Organizational Financial Risks
Enterprisesecuritymag >> cxoinsights

Cris Luce, CMO/CTO, Accuro AgriServices

The modern world is defined, in large part, by electronic communication and the massive storage and exchange of digital information. While the Internet and other systems allow companies to operate on a global basis and enable geographically...

Understanding Insurance Security
Enterprisesecuritymag >> cxoinsights

Sean Murphy, VP & CISO, Premera Blue Cross

Traditionally, the healthcare industry has been reluctant to embrace the cloud. In many cases, for good reason. There were unclear supplier obligations under HIPAA along with sketchy access and data control provisions that really slowed adoption....

Rebuilding Your Information Security Program - From Scratch
Enterprisesecuritymag >> cxoinsights

Larry Schwarberg, CISO, Omnicare

The Information Security field has continued to grow and develop as a part of the enterprise culture. Most existing Information Security programs were pieced together over time as security technologies became more advanced, threats evolved,...

Security under the Spotlight: Shoring up your Security Program against the Rising Tide of the Breach
Enterprisesecuritymag >> cxoinsights

Dana Simberkoff, Chief Compliance and Risk Officer, AvePoint

Cybersecurity and the massive, never-ending stories of data breaches have captured headlines around the world—beginning with Edward Snowden and continuing through government agencies, credit card companies, banks, telecommunications, and...

Security under the Spotlight: Shoring up your Security Program against the Rising Tide of the Breach
Enterprisesecuritymag >> cxoinsights

Dana Simberkoff, Chief Compliance and Risk Officer, AvePoint

Cybersecurity and the massive, never-ending stories of data breaches have captured headlines around the world—beginning with Edward Snowden and continuing through government agencies, credit card companies, banks, telecommunications, and...

FDA Cybersecurity Defenses and Enhancements within the Threat Landscape
Enterprisesecuritymag >> cioviewpoint

Todd Simpson, CIO, FDA

The U.S. Food and Drug Administration (FDA) reliesrely on a strong enterprise security system to help the agency fulfill its global public health mission. In September 2016, the Government Accountability Office (GAO) issued a report, “FDA...

FDA Cybersecurity Defenses and Enhancements within the Threat Landscape
Enterprisesecuritymag >> cioviewpoint

Todd Simpson, CIO, FDA

The U.S. Food and Drug Administration (FDA) reliesrely on a strong enterprise security system to help the agency fulfill its global public health mission. In September 2016, the Government Accountability Office (GAO) issued a report, “FDA...

Safeguarding Organizations through Risk-Based ISO Strategy
Enterprisesecuritymag >> cioviewpoint

Jerry Sullivan, CIO and VP, IT, Orlando Utilities Commission

Is your security department using Mall Cop tactics or a risk-based strategy? For most, I suspect your executive management’s perception prevails over the factual answer to this question. For others, behaving like the...

Role of the Modern CISO Matures
Enterprisesecuritymag >> cxoinsights

Gary Hayslip, Deputy Director, CISO, City of San Diego

Ten years ago, as a network architect managing my organization’s network teams, I was surprised one day when my organization’s CIO walked in and said “You are our new Information Security Officer in charge of both network and...

Addressing Cyber Attacks
Enterprisesecuritymag >> csoinsight

Mark Connelly, CISO, Boston Consulting Group

Cyber attacks are in the news every day. The frequent headlines and intense media scrutiny have brought the topic to the forefront of public attention. Could this be the worst of times for information security? Given the reports, it may seem...

Safeguarding Organizations through Risk-Based ISO Strategy
Enterprisesecuritymag >> cioviewpoint

Jerry Sullivan, CIO and VP, IT, Orlando Utilities Commission

Is your security department using Mall Cop tactics or a risk-based strategy? For most, I suspect your executive management’s perception prevails over the factual answer to this question. For others, behaving like the...

How to Create a Successful Security Culture Program
Enterprisesecuritymag >> cxoinsights

Masha Sedova, Senior Director of Trust Engagement, Salesforce

Ask a Chief Information Security Officer (CISO) about their employees’ security habits and a typical answer follows: “I want people to make less security mistakes.” In reality, this is just as much a description of security...

How to Create a Successful Security Culture Program
Enterprisesecuritymag >> cxoinsights

Masha Sedova, Senior Director of Trust Engagement, Salesforce

Ask a Chief Information Security Officer (CISO) about their employees’ security habits and a typical answer follows: “I want people to make less security mistakes.” In reality, this is just as much a description of security...

Role of the Modern CISO Matures
Enterprisesecuritymag >> cxoinsights

Gary Hayslip, Deputy Director, CISO, City of San Diego

Ten years ago, as a network architect managing my organization’s network teams, I was surprised one day when my organization’s CIO walked in and said “You are our new Information Security Officer in charge of both network and...