Security Leadership and Management

RSS

The COVID-19 driven shift to remote working coupled with accelerated digital transformation poses significant challenges to enterprise cybersecurity operations, widening the threat landscape and exposing enterprise networks, devices and data to increasing cybersecurity risk. Unmanaged devices, shadow IT and rapidly deployed remote access networks have all introduced emerging vulnerabilities that are being exploited by cybercriminals, making securing the enterprise even more difficult for CSOs and their teams.

There is a lot to consider when deciding on new fire alarm technology. Whether you are installing a new fire alarm system or adding to an existing system, flexibility is a crucial consideration in order to prepare for future building requirements and/or technology changes. Adaptations and technology upgrades to satisfy changing code regulations can often be the most significant expenses associated with life safety systems after installation. It is important to learn how your system can handle these adaptations and how much it will cost to upgrade and maintain your new system. Learning the difference between proprietary and non-proprietary fire alarm systems will help you to avoid unnecessary expenses during upgrades or expansions.

When reporting to the board of directors, the majority of CISOs measure the effectiveness of their program against a proven model. But what exactly should a CISO be measuring and reporting? Here are some top recommendations.

Julie Peel has been named Transdev’s vice president of safety and security.

Texas A&M University has named J. Mike Johnson its next police chief.

Today's challenging reality presents an opportunity for CISO’s to reevaluate the economics and efficiencies of their current infosec program. To do so, CISO’s must narrow their focus on maximizing their return on investments and shift to a risk-based prioritization strategy. No matter the situation, CISO’s are always expected to meet goals and drive results. Even though security professionals cannot reduce risk to zero, they can reduce risk significantly by first eliminating the most impactful risks facing their organization.  Below, I discuss the four critical steps of leading an economical and efficient information security program while following a risk-based approach.