Managing security and risk requires multifaced procedures, technologies, IT security staff and, of course, a nice budget. For medium-sized businesses, information security managers and CIOs must know how to deal with complex attacks that probe networks and systems and have risk mananagement plans in place.
This special report is a collection of magazine and online articles, a webcast and a podcast that examine security management practices, risk management policies and staffing issues, as well as budgeting strategies to get buy-in from the business side.
Under Fire
[James Connolly, Contributor, CIO Decisions]
Despite the same old budgets and resources, midsized companies have to contend with new and more complex security attacks. Here's how a few are rising to the challenge.
Marrying the Digital and the Physical
[James Connolly, Contributor, CIO Decisions]
Increasingly, heads of IT security have to consider both physical and virtual threats. The Educational Testing Service in Princeton, N.J., is trying to meld these two worlds into a comprehensive security strategy.
CISO: The Technology Sheriff
[James Connolly, Contributor, CIO Decisions]
As midsized companies grow larger and even go public, they have to consider hiring a CISO. Here are some of the factors that should be a sign that you need a CISO.
Making the Security Pitch
[James Connolly, Contributor, CIO Decisions]
While recent data breaches may help to convince companies about the importance of a security strategy, IT still has to make the case and sell it to the business side.
IT rank and file nervous about inadequate security
[Kate Evans-Correia, News Director]
IT's rank and file are just as concerned about being used as the company scapegoat in the event of a major security breach as CIOs -- maybe more so. Many believe that when under pressure, the stressed-out CIO will point the finger at them.
Risk management: Think policy first, technology second
[Kate Evans-Correia, News Director]
Auditor on your tail? Gartner analysts have six hot technologies that'll impress the inspector -- but with one caveat: Have good policies in place before you buy.
Webcast: Risk management success: A long-term plan
Speaker: Russell D. Vines, chief security advisor, Gotham Technology Group LLC
Summary: This webcast offers the best practices CIOs can use to develop a risk management plan. All companies are vulnerable to threats, policy breaches and internal theft. Technology can thwart threats and other vulnerabilities, but technology alone isn't enough. Strategic management of enterprise risk and threats begins at the executive level. You'll learn how to implement, update and maintain a risk management plan for long-term success.
Podcast: Risk management policies: 10 essential steps for CIOs
In this podcast, Russell D. Vines offers 10 quick steps for creating a strategic risk management plan for your IT organization.
