As I travel the U.S. and the world, I am frequently asked what the proper reporting structure is for the Chief Information Security Officer (CISO). While it sounds cliché, the real answer is “it depends.”
Throughout his career, Brian Tuskan has been driven by a love of technology, a hardworking reputation and a desire to help others. However, his eye has always been on the Microsoft CSO role. Now, he’s taking his place at the head of the pioneering global security organization.
How Hendricks Regional Health's Security Team Went from 99% Paper to 95% Paperless
January 25, 2019
When Steven Wagner joined Indiana-based Hendricks Regional Health, the department was run on 99-percent paper, with no electronic method of tracking security officers’ activity or sharing information across shifts except for a sporadically updated blog without a search function.
What is the point of spending time, resources and money on your security program if you can’t tell whether it’s working or not? It’s just as important to establish the right metrics for a security program as it is to have such a program in the first place. We often say “not everything that gets measured matters, but what matters absolutely should get measured,” and that is just as true for security as any other critical business function. So how should organizations go about measuring the effectiveness of their security program?
Measuring a return on investment (ROI) for security infrastructure is challenging. Most organizations primarily view security investments as a must-have capital expenditure. They know security systems are fundamentally necessary to protect people and assets and keep operations running smoothly. So while these technologies fulfill objectives and successfully help security teams prevent incidents, organizations oftentimes will ask: How can we truly quantify the value of a breach that never occurred?
Our special feature this month highlights the Department of Homeland Security's newest agency: the Cybersecurity and Infrastructure Security Agency. Also, this month we highlight the Leander Independent School District's data practices that protect student privacy. Security experts discuss video monitoring, cybersecurity for public-private partnerships, privacy and more.