This model allows the security leader and team to work with business leaders to monitor resources, understand security risks, and, together, deliver the most appropriate and effective solutions to mitigate those risks. Security leaders can also use the information gathered during the risk-based reboot to understand and communicate the total cost of ownership of the security program — based on the value of the business’s assets that are exposed to certain security risks — as well as the cost of the various resolutions that are put in place.
Enterprise Security Risk Management (ESRM) is a strategic approach to security management that ties an organization’s security practice to its overall strategy using globally established and accepted risk management principles. In ESRM, the security professionals and the asset owners share security responsibilities, but all final security decisions are the responsibility of the asset owner.
With the rapid growth of business travelers, especially millennial business travelers, companies often find it difficult to manage travel safety, health and security of their employees. This rapid growth also brings changes to the diverse composition of a mobile workforce and the risks associated with it. As the modern workforce continues to grow, there is no one-size-fits all approach to answering questions surrounding workplace law and lesbian, gay, bisexual, transgender and queer or questioning (LGBTQ) employees.
Applying security technology to business continuity and operational efficiency was a major theme for 2018, and will be especially important in 2019. As technology is an integral part of business operations - and with cybersecurity risks at an all-time high - many organizations are utilizing their security platforms beyond traditional applications to improve operations and increase efficiency.
This month in Security magazine, we highlight COVID-19 and infosec's response. How has the sudden shift to remote work changed the roles of CISOs and security teams? Also this month, we profile Justin Dolly, CSO at Sauce Labs, his view on infosec and building security teams. In addition, security experts discuss continuous monitoring, radicalism, quantum technology, endpoint security and more.