The security industry is changing, as is the profile of a successful security executive. Maintaining the status quo is no longer an option, and ignorance of risks is no longer an excuse for not mitigating them. This topic in Security features game-changing security directors or industry leaders in different sectors. So who is breaking new ground in the security industry, making great strides forward in risk management while better supporting the enterprise as a whole? If you know someone (or are someone) who fits this bill – let us know! Send your recommendations and suggestions for future Profiles in Excellence to Security Managing Editor Claire Meyer at firstname.lastname@example.org.
It is becoming clear that enterprise security depends not only on implemented solutions, but also on how well-tuned internal processes are in terms of communication between departments, hiring, training of personnel and budgeting.
If you’re in business today, no matter what your “core” product or service is, you are almost certainly a software company. It is nearly impossible to run a business without it. That means you should know about the Building Security In Maturity Model—better, and more conveniently, known as the BSIMM.
While organizations of all sizes have benefited from the efficiencies and conveniences of taking their business digital, it’s not without risks. Cybersecurity in today’s hyperconnected world is a necessity for large, medium and small businesses alike. Smaller businesses may be more prone to cyberattacks as they typically have fewer resources dedicated to cybersecurity.
In a prior article, we analyzed Articles 1 through 4 of the California Attorney General’s proposed California Consumer Privacy Act (“CCPA”) regulations. This article discusses Article 5 (Special Rules Regarding Minors) and Article 6 (Non-Discrimination). The CCPA went into effect on January 1, 2020, which means that businesses should, at a minimum, be updating their online privacy policies and accepting and responding to consumer requests.
ON DEMAND: With so many recent high-profile breaches accomplished through compromising passwords on privileged accounts, Privileged Access Management is now everyone’s priority (Gartner puts it at the top of their “Top Security Projects” list for 2 years in a row). But where do you start? And how do you know which PAM solution will work best to protect your organization without sacrificing productivity?
ON DEMAND: In today's tumultuous global climate, where corporations span countries and employee travel is essential to doing business, crises are inevitable. This is why corporate security teams must always be ready for the unexpected and have procedures and plans in place to respond quickly and efficiently. A lag in crisis response or an ineffective response can cost money, resources, and even lives.
ON DEMAND:A critical event is defined as an incident that disrupts normal operations, such as severe weather, crime, violence and critical equipment or technology failures. Business continuity and crisis response plans can only go so far if there isn't buy-in across functions, with executive-level support.
ON DEMAND: From extreme weather to cyberattacks to workplace violence, every organization will experience at least one, if not multiple, critical events per year. And in today’s interconnected digital and physical world, the cascading safety, brand, and revenue impacts of critical events are more severe. Organizations need to be prepared through a unified and rapid response to these events.
This month, Security magazine highlights the importance of establishing the right metrics for your security program. Also, we highlight Eric Clay, Director of Public Safety for CoxHealth, and discuss how to build a successful K-9 Program and rethink "red flags" to prevent insider threat attacks. Industry leaders discuss this year's Presidential Election security and 2020 predictions for the security industry.