alphaspirit - Fotolia
It's a well-established fact (all right, urban legend) that nobody in Hollywood is more than six degrees of separation from Kevin Bacon -- and, on a similar note, I bet you'd be hard pressed to find an enterprise in 2014 that was more than six degrees of separation from a data breach big or small.
That Hollywood reference isn't a gratuitous excuse to reference a famous name in this column -- it's a lead-in to the most recent high-profile hack (at least as of this writing). If the Sony Pictures breach showed us anything, it's that even the tomfoolery of Seth Rogan and James Franco can be an enterprise vulnerability in today's cybersecurity landscape (and I say that as a fan of the oeuvre). Hindsight is 20/20 when it comes to these attacks, but the lessons CIOs seeking security can derive and implement from them are invaluable.
In the cover story of this issue of CIO Decisions ezine, writer Dina Gerdeman interviews CIOs and industry analysts who are determined to stay out of the security breach line of fire. They're lining up new tools, better monitoring user behavior and revamping their approach to training employees about their security responsibilities.
"When it comes to security and data integrity, there's a much more heightened sense of concern today, not just because of the number of breaches, but because of the sophistication we're seeing with some of these attacks lately," said Don Baker, CIO at Mediaocean, a New York-based advertising services company. Find out how Baker, and others, are turning security hindsight into foresight.
Also this issue, we also roll out nine recommendations for CIOs looking to thrive in 2015; provide financial leaders' takes on the key performance indicators that matter; and discuss why some enterprises are turning to systems diagramming.
CIOs seeking security are in a position to look forward, creating the strategies and lining up the tools that will prevent their organization from being the next hack victim. I hope you'll take heed of the recommendations in this e-zine -- after all, who wants to play the victim in a horror movie when you could play a hero instead?
Please write to me at email@example.com.
- Security Information Management Systems and Application Monitoring –SearchSecurity.com
- The best way to begin an enterprise information management program –SearchDataManagement
- Magic Quadrant for Security Information and Event Management –LogRhythm, Inc.
- Tips on Managing the Deluge of Information Security Threat Reports –SearchSecurity.com