As I travel the U.S. and the world, I am frequently asked what the proper reporting structure is for the Chief Information Security Officer (CISO). While it sounds cliché, the real answer is “it depends.”
Throughout his career, Brian Tuskan has been driven by a love of technology, a hardworking reputation and a desire to help others. However, his eye has always been on the Microsoft CSO role. Now, he’s taking his place at the head of the pioneering global security organization.
How Hendricks Regional Health's Security Team Went from 99% Paper to 95% Paperless
January 25, 2019
When Steven Wagner joined Indiana-based Hendricks Regional Health, the department was run on 99-percent paper, with no electronic method of tracking security officers’ activity or sharing information across shifts except for a sporadically updated blog without a search function.
What is the point of spending time, resources and money on your security program if you can’t tell whether it’s working or not? It’s just as important to establish the right metrics for a security program as it is to have such a program in the first place. We often say “not everything that gets measured matters, but what matters absolutely should get measured,” and that is just as true for security as any other critical business function. So how should organizations go about measuring the effectiveness of their security program?
Measuring a return on investment (ROI) for security infrastructure is challenging. Most organizations primarily view security investments as a must-have capital expenditure. They know security systems are fundamentally necessary to protect people and assets and keep operations running smoothly. So while these technologies fulfill objectives and successfully help security teams prevent incidents, organizations oftentimes will ask: How can we truly quantify the value of a breach that never occurred?
Our June issue cover article features “Security Leadership: Women in the Spotlight”.
Also in June, video is becoming a fundamental component of a quality security plan. How can CPTED strategies lead to better physical enterprise security? And discover How David Espie, Director of Security, secures Mayland's Seaports.