Manage

Enterprise information security management

• Workplace of the future undergoes last-minute alterations

  Future of work plans entailed offices that fostered better employee engagements and productivity, while accommodating a small remote workforce. COVID-19 changed all that. Continue Reading

• Return-to-office plans stress safety, security, collaboration

  As offices reopen amid myriad safety measures in COVID-19's wake, companies work to maintain continuity and productivity with their office and remote workforces. Continue Reading

• Former White House CIO talks cybersecurity risk mitigation

  Cybersecurity expert Theresa Payton provides critical insight on current cybersecurity threats CIOs should be looking out for and how to prepare for them during and after the pandemic. Continue Reading

• How to ensure cybersecurity plans align with BC/DR plans

  It's crucial for organizations to have a collection of emergency-focused plans in place that can interact with each other if a cybersecurity attack occurs. Continue Reading

• How IoT, 5G, RPA and AI are opening doors to cybersecurity threats

  In the second part of a series on CIOs preparing for cyberthreats in 2020, we look at how emerging technologies like IoT and the cloud became vulnerable to cyberattacks in the last year. Continue Reading

• Preparing for the new forms of cybersecurity threats in 2020

  In the first part of a series on the new forms of cyberthreats in 2020, we're diving into the many infiltration points being targeted today and why CIOs should be prepared.Continue Reading

• Don't let edge computing security concerns derail your plans

  Security concerns give many IT organizations pause when considering edge computing. But the potential problems can be overcome with proper planning and diligence.Continue Reading

• Risk-based digital identity benefits CIOs, CMOs and customers

  Asking customers to reaffirm their digital identities by sharing private information undermines CX and data security. Instead, use a risk-based approach to digital identity.Continue Reading

• New class of cloud security suite promises next-gen protection

  Nemertes analyst John Burke points CIOs to a new type of cloud security offering that combines the functions of VPN, cloud firewall, secure web gateway and cloud access security broker.Continue Reading

• Blockchain tutorial for CIOs

  Blockchain, a distributed ledger technology, promises to change how business is done. Learn about the whats, whys and hows of this new technology in our CIO blockchain tutorial.Continue Reading

• The future of data security threats and protection in the enterprise

  The future of data security faces new threats at an ever-increasing rate. Read one expert's advice on having a data security strategy to assess and manage enterprise data security.Continue Reading

• Staring down cybersecurity risks in the digital organization

  For cybersecurity strategies to be successful, digitized companies must find the balance between the benefits and risks that come with rapidly advancing IT innovation.Continue Reading

• Technology risks: What CIOs should know and steps they can take

  Adopting new tech helps businesses thrive, but CIOs must be aware of accompanying risks. Experts sound off on how new tech continues to muddle the cybersecurity threat landscape.Continue Reading

• Cybersecurity education: North Dakota preps future workforce

  North Dakota's CIO is behind a cybersecurity education program that aims to get the state's students up to speed on the essentials of IT security.Continue Reading

• McAfee CISO: The importance of a strong cybersecurity culture

  For McAfee CISO Grant Bourzikas, building a strong cyberdefense culture is essential because employees are the first line of defense to avoid rapidly evolving cybersecurity risks.Continue Reading

• McAfee CISO: Leadership buy-in essential to boost cybersecurity

  As online risks continue to evolve, making sure company leadership buys in to efforts to improve cybersecurity posture has become essential, says McAfee CISO Grant Bourzikas.Continue Reading

• CIO roles: Developing 'safe and sound' IT systems

  Digital transformation is having a big influence on the evolution of the CIO role. For one CIO, responsibilities have expanded into ensuring the 'safety and soundness' of IT systems.Continue Reading

• How can companies protect against ransomware in the cloud?

  When it comes to ransomware attacks, cloud storage is not foolproof. CyberSight's Hyder Rabbani offers tips about how to address cloud ransomware threats.Continue Reading

• CISO soft skills in demand as position evolves into leadership role

  Cybersecurity industry veteran Joan Pepin discusses how the evolution of the CISO role has made soft skills essential to thrive in the information security field.Continue Reading

• CISO: Data integrity and confidentiality are 'pillars' of cybersecurity

  When it comes to protecting online info, one cybersecurity veteran says the role of a CISO is to first incorporate processes that maintain data integrity and confidentiality.Continue Reading

• Informatica enlists cloud workload protection platform for 'zero-trust' IT security

  To secure its immense cloud operations, Informatica looks to a new tool, a cloud workload protection platform by Aporeto, with a deny-all approach to server access.Continue Reading

• Webcast: Incorporating log data analysis with incident management

  Log data analysis has evolved in recent years and can prove invaluable to security incident management. Jeffrey Ritter presents a webcast showcasing this evolution.Continue Reading

• Cybersecurity's shortage of skills leaves IT projects vulnerable

  A recent study found that as IT projects proliferate, cybersecurity's shortage of skills is leaving tech vulnerable. Analyst and study author Jon Oltsik explains in this Q&A.Continue Reading

• How to prep for the GDPR breach notification rule

  As companies prep for GDPR compliance, its breach notification rule is making waves. Csaba Krasznay, security evangelist at Balabit, discusses how to prep for Article 33 of GDPR.Continue Reading

• Incorporating security is the next step in the evolution of DevOps

  As the evolution of DevOps continues, security measures are being integrated into product development processes. Will DevSecOps live up to its promise for enterprises?Continue Reading

• More potential attack vectors complicate wearable device security

  To ensure wearable device security, organizations can no longer get by with aged approaches, said Boeing's Brian Laughlin.Continue Reading

• How to fill a CISO position in the digital age: Think cloud

  As companies move IT operations to the cloud, the chief cybersecurity role is changing, too, says cloud provider Sonian's Greg Arnette.Continue Reading

• A cloud provider ruminates on the role of a CISO

  Sonian, a recently acquired cloud application provider, discusses the role of a CISO, emerging cloud security positions and changes on the horizon.Continue Reading

• Push for public, private sector cybersecurity cooperation continues

  Efforts to establish public and private sector cybersecurity cooperation have stalled in recent years, but high-profile incidents could be turning the tide.Continue Reading

• Hybrid IT environment requires hybrid cybersecurity

  As more organizations turn to a combination of cloud-based and on-premises systems, protecting data in a hybrid IT environment requires a fresh look at cybersecurity strategy.Continue Reading

• Cybersecurity basics still a key component in managing digital risks

  Securing the digital enterprise is becoming increasingly complex, but companies should not forget the cybersecurity basics and tap into the power of its available technology, people and processes.Continue Reading

• Facing up to emerging technology: Risks and benefits

  The competitive edge that IoT, blockchain and other cutting-edge tech can deliver also brings new security threats. Read about how to mitigate emerging technology risks.Continue Reading

• Loose coupling, tight data access minimize security risks of new tech

  A recent article on biological malware got Niel Nickolaisen thinking about how to minimize security risks in emerging tech. Here are two approaches that will help.Continue Reading

• Mitigating security risks posed by emerging tech: Expert advice

  Companies are in hot pursuit of the benefits offered by cutting-edge technologies, but mitigating security risks often gets scant attention. CIOs need to change that. Here's how.Continue Reading

• Public and private partnerships helping bolster state's cybersecurity

  The CIO and CISO for the state of Wisconsin discuss how public and private partnerships have become integral to their statewide cybersecurity strategy.Continue Reading

• CISO, CFO need to connect for solid cyber-risk management

  IT security chiefs and people who handle risk need to have clear communication if they want effective cyber-risk management, MIT's Michael Siegel says.Continue Reading

• 21st century data security model: Can tech save us from ourselves?

  Modern threats have made traditional information security apparatuses obsolete, but new, tech-centric data security models are helping companies safeguard their digital assets.Continue Reading

• The NIST cybersecurity framework helps navigate modern threat landscape

  Steven Gutkin from the New Jersey OHSP explains the benefits and challenges of implementing the NIST Cybersecurity Framework and discusses various modern cybersecurity threats.Continue Reading

• As long as the workforce is human, IT security education will fall short

  Enough with training employees to be good security stewards, Niel Nickolaisen says. To err is human. He's putting his faith in behavior-based security and a few ironclad rules.Continue Reading

• IT security chief adds business aptitude to CISO skills

  Jeff Haskill, the IT security chief at AstraZeneca, is, according to his boss, "a very technical CISO." Dave Smoley, CIO at the U.K.-based pharmaceutical manufacturer, praised Haskill for his ...Continue Reading

• Public and private partnerships help fortify critical infrastructure

  NJOHSP's Steven Gutkin explains how building strategic public and private partnerships can help protect a country's critical infrastructure and offers pointers on nurturing such alliances.Continue Reading

• Compliance, security and oversight for the mobile enterprise

  Managing mobile devices just keeps getting harder. Devices and apps are proliferating. Every data breach seems to prompt new rules. We lay out the problem and a plan.Continue Reading

• The CIO-CISO dynamic: Joining forces to bolster cybersecurity

  In this video, state of Wisconsin CIO David Cagigal and CISO Bill Nash offer pointers on how a strategic CIO-CISO partnership can help drive and prioritize cybersecurity.Continue Reading

• An IT security strategy guide for CIOs

  In this Essential Guide, learn how to deal with increasing cyberthreats and discover best practices for developing a successful IT security strategy.Continue Reading

• Mobile security framework: Too little, too late vs. too much, too fast

  Mobility consultant Bob Egan weighs the options of doing too little, too late or too much, too fast when deciding to invest in and deploy a mobile security framework.Continue Reading

• Prioritizing mobile information management and mobile security

  Mobile information management and mobile security should be considered top investment priorities, mobility consultant Bob Egan explains.Continue Reading

• Changes in CISO responsibilities call for new reporting structure

  CISO responsibilities are both expanding and shifting to other departments. CEB's Jeremy Bergsman sorts out the future state of IS, privacy and the risk ecosystem.Continue Reading

• Concerned about mobile vulnerabilities, CIOs add security layers

  IT leaders are adding more security layers in an effort to protect against mobility threats. What tools are in their portfolios?Continue Reading

• The best mobile security plans examine risks first, then prescribe

  How do CIOs deliver the best mobile security? Take a cue from the great psychologist Abraham Maslow, says CTO Niel Nickolaisen.Continue Reading

• Board presentations on IT risk: Don't make these five mistakes

  CIO and CISO board presentations on cybersecurity are on the rise. Jeremy Bergsman of consultancy CEB explains what not to do.Continue Reading

• Next-generation enterprise security architecture to combat cyber weaponry

  In the first part of this webcast, Nemertes Research CEO Johna Till Johnson encourages CIOs not to ignore new, sophisticated threats and to plan for next-generation security.Continue Reading

• Business risk portfolio management: Technology categories

  In part three of this webcast series with Nemertes Research CEO Johna Till Johnson, learn about the technologies needed for a next-generation security architecture.Continue Reading

• Ways to craft a better enterprise IT security roadmap

  In this SearchCIO webcast, Nemertes Research CEO Johna Till Johnson explains how CIOs should build a functional IT security roadmap.Continue Reading

• If grid goes down, public and private sectors on hook

  A cyberattack on the nation's electrical grid could cripple the nation. The public and private sectors need to cooperate on efforts to recoup.Continue Reading

• Fight threats to information security: Inform your people

  Instilling an organizational culture to combat the swarm of threats to information security could prove to be the best defense.Continue Reading

• Balancing user experience and mobile data security

  Creating a powerful user experience (UX) is the holy grail of mobile app development, according to SearchCIO columnist and former CIO Harvey Koeppel. But the journey there is fraught with obstacles, including managing and designing apps that ...Continue Reading

• Shifting IT security budgets to attack detection, response

  A prevention-focused security strategy isn't foolproof. CIOs need to guide a shift in IT security spending toward attack detection and response.Continue Reading

• Cybersecurity experts: 'Brittle' security systems need overhaul

  Cybersecurity experts urge enterprises to embrace new tools, including micro-virtualization and intelligence-led security.Continue Reading

• Taming today's cyberthreat landscape: A CIO checklist

  The cyberthreat landscape grows more dangerous by the day. Harvey Koeppel offers a 12-point cybersecurity checklist for CIOs.Continue Reading

• Among threats to information security, human behavior a constant risk

  Among the myriad evolving threats to information security, CIOs can count on one constant: Human error. Niel Nickolaisen offers three best practices for dealing with ourselves.Continue Reading

• Mobile payment systems boost data security, consumer trust trumps infosec fears

  Infosec professionals worry that mobile payment systems will increase the risk of data breaches, but experts argue their fears are overblown.Continue Reading

• Apple's Tim Cook stands up for consumer privacy

  This week, Tim Cook delivered strong words on consumer privacy and how other digital companies do business. Also in Searchlight: Caitlyn Jenner beats Obama's Twitter record; Yahoo will live-stream an ESPN game.Continue Reading

• Eight steps for keeping pace with data ownership

  Social, mobile, analytics and cloud computing require a fresh look at issues related to data ownership, according to Harvey Koeppel. His eight-point CIO checklist can help.Continue Reading

• Renegade IT essentials: A CIO quiz

  Are you properly handling renegade IT at your organization? Assess your IT management skills with this CIO quiz.Continue Reading

• Mobile pulls CIOs into vetting next-generation security

  Among its many other wonderfully disruptive consequences, mobile computing forces CIOs to figure out a next-generation information security strategy.Continue Reading

• The new security paradigm

  When it comes to the most high-profile data breaches of the past year -- Target, Home Depot, Sony and J.P. Morgan come to mind -- hindsight is 20/20. Security budgets are increasing in the wake of these massive breaches, and CIOs are employing new ...Continue Reading

• CIOs beef up security tools in wake of 2014 data breaches

  What's different about security strategies in the aftermath of the 2014 data breaches? More money, more monitoring, more employee training, and that's just for starters.Continue Reading

• Managing information security amid new threats: A guide for CIOs

  Managing information security in a breach-a-day climate is no picnic. In this Essential Guide, we prepare CIOs for the challenge.Continue Reading

• Shadow apps: Turning SaaS risk into CIO strategy

  What can businesses' willy-nilly adoption of SaaS apps do for CIOs? Remove the invisibility cloak, and shadow apps become a golden opportunity to enable business goals, beef up security and save money.Continue Reading

• How to build a security roadmap with a cascade approach

  Having trouble gaining upper-level support for security plans? In this video, learn how to build a one-page security roadmap with a cascade approach.Continue Reading

• Security Policies for Next-Generation IT: Ezine Download

  IT security threats are evolving faster than management practices can keep up. Find out how to stay ahead in this ezine issue.Continue Reading

• Social media tips and other helpful lists

  In this week's roundup, we have a list made up primarily of lists -- how meta! Included are social media tips and a general how-to on being a good CIO.Continue Reading

• Even a minor lapse in security protocol can lead to major costs

  When security protocols are neglected, data isn't the only loss. A breach in Utah cost the state CIO his job and possibly his reputation.Continue Reading

• Promoting innovation, from boss-less offices to tweaking big data

  This week's roundup of tidbits from the Web includes ways of promoting innovation, as well as talent in the workplace.Continue Reading

• Spring is here, and innovation is in the air

  In this week's roundup of news and notable bits from around the Web, spring brings thoughts of innovation.Continue Reading

• Siri, find me a good lawyer

  In this week’s roundup, a legalpalooza: Yahoo sues Facebook, someone sues Siri and a lawyer slowly backs away from her Pinterest boards.Continue Reading

• How big data improves an information security strategy

  A security guru discusses new ways of looking at the intersection between big data and an information security strategy.Continue Reading

• Security woes and a different kind of Net threat

  We're feeling a little vulnerable this week. Maybe it's because our cache of tech bits is a little heavy on security issues.Continue Reading

• Data loss statistics: Emerging culprits

  Social networking, cloud computing and mobile technology create business opportunities. But data loss statistics show these advances create risks too.Continue Reading

• Who's the 'insider' security campaigns target?

  Can CIOs learn anything from a security campaign launched by the military more than 60 years ago?Continue Reading

• Re-evaluating endpoint security tools

  Has technology advanced to the point that some endpoint security tools -- and the staff needed to support them -- will go away?Continue Reading

• Getting a grip on shadow IT in the age of self-service technology

  Shadow IT should be a serious concern for all CIOs in an age of self-service technology. Here's how to get a grip on it.Continue Reading

• Process improvement methodologies guide for CIOs

  Learn how to understand and evaluate process improvement methodologies with the tips and resources in this guide, covering Six Sigma, Balanced Scorecard and other processes.Continue Reading

• Information security and risk management guides for CIOs

  Keeping your IT organization safe and secure is one battle. Doing it while staying in compliance with all applicable laws and regulations is another. These CIO Briefings will help you do both, and then some.Continue Reading

• A new due diligence checklist for your next software license agreement

  A typical due diligence checklist might not be enough to prepare you to negotiate your next software license agreement. Our expert offers a few items you may want to add.Continue Reading

• Cost reduction tips for your strategic sourcing contracts

  CIOs should revisit their strategic sourcing contracts and work closely with their suppliers to analyze current spending and achieve maximum cost reductions.Continue Reading

• BI tools vs. Microsoft Excel spreadsheets

  In this podcast, our expert discusses the differences between BI tools and Excel spreadsheets and how they can be used together in the enterprise to gather and analyze data.Continue Reading

• Data warehouse management strategies for CIOs

  CIOs use data warehousing tools and technologies to capture and analyze data from various sources within the enterprise. This guide offers advice to manage your data warehouse.Continue Reading

• VoIP vulnerabilities: Why firewall protection is not enough

  Voice over Internet Protocol (VoIP) systems need to be protected by more than just firewalls. Learn more in this podcast.Continue Reading

• Offshore outsourcing: A look at the security risks

  Offshore outsourcing can save money. Are the savings worth the security risks? Columnist Philip Alexander addresses security and data concerns CIOs should be aware of when sending work offshore.Continue Reading

• IT budgeting and spending strategies guide for CIOs

  IT budgeting and spending is a balancing act between needs and wants even in a strong economy. Are you ready to figure out what your IT department will need? Check out this CIO Briefing for IT budgeting and spending strategies.Continue Reading

• Information security, risk management and compliance staffing guide

  Information security, risk management and compliance are serious issues for CIOs. This Executive Guide offers insights on how to recruit, manage and retain skilled IT staff members who can manage these complicated tasks.Continue Reading

• Justifying the costs of identity and access management to executives

  Identity and access management is easy to explain in qualitative terms, but difficult to quantify. Expert Joel Dubin offers tips on how to get buy-in from execs in this podcast.Continue Reading

• Security solutions: Cost-justification guidelines

  CIOs often have trouble justifying the value of security solutions to the business side. ROI expert Tom Pisello offers four tips for cost justifying IT investments.Continue Reading

• Top 10 best practices for email archiving

  Regulatory compliance, litigation support and storage management all begin with an efficient e-mail archiving process. Storage consultant Bill Tolson offers 10 detailed best practices for effective e-mail archiving.Continue Reading

• Web portals: Big challenges, better ROI

  Information architects need time, patience and good business sense to reap the many benefits of Web portals.Continue Reading

• Examining the TCO metric

  Total cost of ownership (TCO) is defined as the total cost of procuring, using, managing and disposing of an asset over its useful life. This tip takes a closer look at TCO.Continue Reading

• FoundStone's SuperScan 4 lives up to its name

  A review of a free IP scanning tool called SuperScan v4.0.Continue Reading