Floyd Fernandes: Visibility into Your Entire IT Ecosystem Is Fundamental
It all comes down to having visibility into the digital assets you are trying to protect, whether they are in the data center or in the cloud. Whether you are reverting to golden images for short-lived assets, tracking container formation in real time, or...
David Carvalho: You Must Account for Entirely New Kinds of Risks
You can have a provider with many certifications and service-level agreements in place, but providers will not be liable for your losses or for your non-compliance. In a blockchain strategy, you use continuous polling to validate all devices. A hacker would need to...
Carlos Lerma: Collaboration is Key to Securing a Dynamic IT Environment
When it comes to introducing new technologies, a more collaborative involvement of IT project managers, business stakeholders, and security architects results in better security. One way to ensure security of outsourced web apps is to run vulnerability scans on them...
Mark D. Nicholls: Digital Assets Provide Great Benefits, but Also Create Vulnerabilities
Embed security at every level of the organization and rely on cooperation and good training to supplement a small team. Work with development teams throughout the development process to remediate problems and incorporate other compensation controls. “We’ve gone...
Tenable: Reducing Cyber Exposure from Cloud to Containers
The book includes insights from the following experts: Alex Wood, PulteGroup, Inc, VP, Information Security/Chief Information Security Officer, You Must Recognize Hidden Costs and Hidden Risks >> Andy Boura, Thomson Reuters, Senior...
Genady Vishnevetsky: Understanding Business Priorities is Key
Only after the CISO has established priorities will he or she be able to assess what technologies and processes are in place and if they are doing what needs to be done. Executives need to understand the amount of risk they expose the business to by not applying...
Heath Taylor: You Need to Understand Risk and Make It Tangible
Only with a clear understanding of a business’s risk appetite will you be able to look at its risk tolerance for each asset and quantify the risk. In presenting to a board or senior executive leadership, you need to make risks and threats tangible for your audience....
Kevin McLaughlin: An Executive Level Steering Committee is Critical to CISO Success
Use simple visuals to communicate the cost impact of threat and remediation. The higher up in the organization you go, the shorter, sweeter, and more visual it needs to be. Don’t provide decision makers with one solution they must accept or reject. Give them risk and...
Richard Rushing: You Must Relate Requests to Concrete Problems You Will Solve
Turning risk into dollar figures can be a complex calculation involving many aspects of the business that are difficult to quantify, like brand value and real revenue impact. Work with financial professionals in the organization who will be able to help devise dollar...
Surinder Lall: When Quantifying Risk, Make It Real and Tangible
In the real world of rapidly changing infrastructure, shifting threat vectors, agile business activities, and evolving perceptions of risk, there are often security solutions with overlapping functions. Business leadership wants to see how a program addresses risk....
