Metrics for security are in wide use in organizations today, with more than 80 percent of respondents to a new SANS Institute survey claiming some level of maturity on their effective use of security metrics.

The Security 500 Survey is now available online, and we want your input!

Security often gets left behind with each new budget. What are some strategies to help you cross off some security solutions off your wishlist and keep people and assets safe and secure?

What is the point of spending time, resources and money on your security program if you can't tell whether it's working or not? It's just as important to establish the right metrics for a security program as it is to have such a program in the first place.

Intrusion detection, lockdown initiation, fingerprint matching. What other security solutions can you expect to see at GSX this September?

Security professionals must understand drones, conduct security, assess limitations and implement a drone response plan to mitigate its threats and attacks.

As I travel the U.S. and the world, I am frequently asked what the proper reporting structure is for the Chief Information Security Officer (CISO). While it sounds cliché, the real answer is “it depends.”

Enterprise Security Risk Management, or ESRM, seems to be the new buzzword across the corporate security ecosystem.

In the previous two columns I asked a few questions and discussed the concepts of what is security’s role and how would you evaluate security’s role?