Essential Guide

Get started Bring yourself up to speed with our introductory content.

Managing information security amid new threats: A guide for CIOs

Managing information security is no picnic when data breaches abound. In this Essential Guide, we prepare CIOs for the challenge.

Introduction

The management of information security is at something of a crossroads. On the one hand, CIOs and their security generals have perhaps never had as many targeted tools at their disposal, nor access to as much good advice from their peers and experts on how to avoid being the next victim of a data breach. But on the other hand, the aptitude of hackers seems to be increasing as well, with threats seemingly coming from both foreign and domestic criminals looking to attack via a multitude of channels, whether it's the latest tablet or smartphone, your newest Internet of Things-connected device, or a good old-fashioned, easily crackable password.

Is your organization managing information security in such a way that mitigates these new threats? In this CIO Essential Guide, we provide updates on the latest high-profile hacks and what lessons CIOs can draw, break down the importance of preemptive information security, and offer advice on how to secure the latest breed of technological advancements in the workplace.

This Essential Guide on managing information security is part of the CIO Briefings series, which is designed to give IT leaders strategic management and decision-making advice on timely topics.

1Hacks ahoy!-

When information security goes haywire

We've all heard the horror stories: Big-name brands including Apple, Target, Home Depot and Neiman Marcus have fallen prey to hackers, who have sniffed out vulnerabilities in their IT systems in order to exploit private customer information. But it's not all bad news: In these high-profile hacks lie useful lessons for CIOs looking to build a better culture around information security in their organizations, as the following pieces explore.

News

Apple iCloud hack a prime opportunity to sell security culture

The very public iCloud breach provided CIOs with the opportunity to reinforce the importance of building a secure cloud culture and holding their vendors responsible for leaks. Continue Reading

News

How to take advantage of the hijack of 1.2 billion passwords

When a gang of Russian hackers stole user information from 420,000 websites, it was sobering -- and also a sign that CIOs should push for improved technology and security compliance. Continue Reading

Opinion

With 'Heartbleed' strike, personal identifiable information is at risk

A defect discovered in one of the Internet's key security methods, OpenSSL, forced two-thirds of all websites to consider changes to better secure consumer information. Continue Reading

News

When Heartbleed hits the healthcare industry, patient data is compromised

Despite organizations' increasing dedication to information security and awareness, there continues to be a startling number of gaps in many of their security systems. Continue Reading

News

Bash shell bug: More perilous than Heartbleed, experts say

Enterprises still reeling from Heartbleed had to turn their attention to the Bash shell bug, which many security experts called an even bigger deal than the OpenSSL vulnerability. Continue Reading

Opinion

Adobe's data security failings point to need for CIO vigilance

After more than 2.9 million customers' credit card information, as well as Adobe's source code for several software titles, were compromised, it became clear that somebody forgot to "lock the door." Continue Reading

Opinion

New post-breach CIO at Target a security heavy-hitter

Target's new CIO was formerly a senior information technology adviser for the U.S. Department of Homeland Security. The clarion call for CIOs? Reshaping roles and playing cyberoffense. Continue Reading

News

As breaches multiply, CIOs might suffer the consequences

No matter who profits from a credit card data breach, the attack will cost companies big time -- and might even cost CIOs their jobs. Continue Reading

2Videos-

Hold off hackers and know your legal limitations

The following videos explain how an enterprise mind-set predicated on strong security and compliance policies helps fend off hackers.

Video

Hacker mind-set a prereq for security engineers, says Markley CTO

In this video excerpt, Markley Group CTO Patrick Gilmore talks about why today's ideal security engineer is someone who is paranoid and aggressive and really liked to hack stuff as a teenager.

Video

How to build a security roadmap with a cascade approach

Having trouble gaining upper-level support for security plans? In this video, learn how to build a one-page security roadmap with a cascade approach.

Video

Active cyberdefense: What are the legal limitations?

In this Ask the Expert video, attorney Randy Sabett discusses the complications and legal limitations of an active cyberdefense strategy.

Video

Predictive security intelligence: How it protects today's enterprise

In this Ask the Expert video, security guru Eric Cowperthwaite explains predictive security intelligence and how to leverage it in the enterprise.

3Pre-emptive security-

Managing information security proactively

When facing a threat-filled landscape, often the best way to fight back is to properly protect your organization in the first place. How can a CIO go on the offensive? In this section, we review proactive security strategies, including the key players and where CIOs should focus their planning prowess.

Opinion

The best cyberdefense is a strong cyberoffense

If you're a CIO who still thinks that maintaining a strong cyberdefense is the best way to protect your enterprise, CIO expert Harvey Koeppel is delivering a wakeup call. Continue Reading

Feature

Information security: A competitive gain, not only a cost center

In these days of a breach a minute, a strong information security program is a competitive differentiator. Here's how CIOs and CISOs prove it. Continue Reading

News

Are CIOs partly to blame for a lack of proactive security strategy?

The same remote access software that lets employees log on from anywhere has more insidious uses that hackers are exploiting. When should CIOs step in? Continue Reading

Feature

Who's to blame for the presence of shadow apps?

The C-suite might shoulder some of the blame for shadow applications, given its focus on IT systems that rake in the dough. Also, we offer a rundown of security tools that pay off for CIOs. Continue Reading

Tip

A CTO stares down cyberthreats with a focus on risk profiling

CTO Niel Nickolaisen's cybersecurity strategy hinges on working with experts who can shore up enterprise defenses, and ranking potential risks facing the organization. Continue Reading

Opinion

Cyberthreats are morphing; is your cyberstrategy following suit?

Now that just about everything is hooked to the Internet, vulnerabilities are rapidly multiplying. As cyberthreats evolve, so too must the ways in which enterprises confront injurious attacks. Continue Reading

4Glossary-

Emerging security considerations

Protecting your organization's information now assumes the management of various endpoints. Here are a few areas of note:

5Expert advice-

Tackle today's most pressing security challenges

Mobile security, Internet of Things security, application security, biometric security -- suffice it to say, today's enterprise security landscape and offerings are advancing at a rapid pace. In this section, experts and practitioners offer their take on keeping your organization on the cutting edge of new security products and strategies.

News

Is the Internet of Things a sign of Cybergeddon?

With the arrival of the IoT age, CIOs must consider how to protect a widened attack surface composed of newly Internet-connected devices. Continue Reading

Answer

What are the top tools for secure mobile collaboration?

Gartner Analyst Mario de Boer discusses how to protect enterprise mobile collaboration efforts, including what constitutes an effective (or ineffective) security measure. Continue Reading

Opinion

Old-school security technologies take on new breed of threats

As enterprises seek to fend off a proliferation of data-driven cyberthreats, some IT executives are turning to decidedly old-school tools to protect their precious data. Continue Reading

Tip

The enterprise implications of biometric security measures and identification

Biometric security measures might not be mainstream -- yet -- but that didn't stop #CIOChat participants from weighing in on the prospects for biometric-scanning authentication. Continue Reading

Tip

How to eschew mobile application security snafus

The security minds behind some of the world's most well-known brands offer six tips for avoiding making mistakes around mobile application security. Continue Reading

Answer

Why is 'bring your own encryption' (BYOE) vital?

Forrester analyst James Staten explains the importance of the bring your own encryption (BYOE) in organizational cloud security efforts. Continue Reading

Tip

Continuous improvement key to effective enterprise security

While some security and risk professionals dismiss continuous improvement as fluffy, security leaders recognize CI as a powerful tool in their security arsenal, an analyst explains. Continue Reading

6Quiz-

Does your information security strategy hack it in the digital age?

CISOs are among the group of IT executives earning the heftiest paychecks right now, and security managers saw a marked increase in compensation this year as well, according to the results of TechTarget's 2014 IT Salary and Careers Survey. And perhaps rightly so, as respondents once again pointed to information security as a top-three project area of focus.

As the demand for security expertise increases, never has it been more pressing for IT leaders to make sure their enterprise's security strategy is ready to face today's fierce breed of security challenges. Review some of our recent stories and take this quiz to see if your information security strategy is strong enough to handle today's digital curveballs.

Test your security IQ

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

SearchCompliance

SearchHealthIT

SearchCloudComputing

SearchMobileComputing

SearchDataCenter

Close