SEARCH RESULTS
 
Showing 1-10 of 57 records
 
Expand article

Launch of Pragmatic CSO

2007-01-06 07:40:22 by RaviC in Musings on Information Security
 
...CSO book manuscript 1. This book is a must have for any CSO 2. Extremely practical approach of spearheading security initiative 3. Teaches you to look at security from the business perspective You can buy this book at: http://www.pragmaticcso.com Mike Rothman says: So what's next? The Pragmatic CSO community will launch in February. Not only...
 
Tags: pragmatic cso, cso, security, security initiative, tactical security goodies, pragmatic cso community, mike, mike rothman, security incite research
 
 
 
 
Expand article

Book Review: The Pragmatic CSO

2008-01-02 15:24:45 by RSnake in ha.ckers.org web application security lab
 
...CSO as an addict. CSOs have a tendency to live on the edge. Closer to that of a life of a fire fighter than that of an executive. He tries to break the bad habits by discouraging the old school attitude that the security community tends to have - forgetting the modern day reality of monetary gain as a key motivator for malicious hacking At...
 
Tags: book, book mike, technical book, security community, security, security business, mike, mike rothman, mike rothmans
 
 
 
 
Expand article

EMC CSO shares lessons learned from protecting storage giant

2008-01-17 00:00:00 by Bob Brown in Network World on Security
 
EMCs CSO shares security lessons, including encrypting laptops and using security information management tools
 
Tags: laptops
 
 
 
 
Expand article

Security Incident Strikes and You are on the Hot Seat..

The Article has images
2007-07-27 07:00:39 by RaviC in Musings on Information Security
...CSO or the CSO firing the security team members should be avoided. The facts around the event should be enumerated and the incident should be dealt with pragmatically [refer Pragmatic CSO : Step #8 Contain the Problem]. Security incidents are breakdowns. When there is a nasty security incidents here are some facts There is a business cost...
 
Tags: incident, security incident, incident playbook, incident management plan, earthquake incident, sound incident, security incidents, nasty security incidents, plan
 
 
 
 
Expand article

Why Risk Management Doesnt Work (?!)

2008-10-08 17:15:14 by Alex in RiskAnalys.is
 
...CSO, VP S&M, etc) a little sugar rush when needed and fresh breath. The conversation goes a little something like this (apologies to Rich Business Guy Who Wants to Make Money Because Thats What Businesses Do: Based on market studies, we believe that initial gross revenues from the new product and technology rollout will be eleventy gazillion...
 
Tags: risk management, information, information risk management, risk, poor risk management, information security risk, reduce risk, risk analysis, cool report
 
 
 
 
Expand article

CLOUD COMPUTING - STORMY WEATHER?

2008-10-27 15:46:17 by Alex in RiskAnalys.is
 
...CSOs of the world are going to be a little more invested in protecting the information they are stewards over, and unlike the PCI, will remain primarily responsible for the C, I, & A of the data in the Cloud. The cool thing is, this actually presents a great opportunity to start building a meaningful model for co-management of risk! In fact,...
 
Tags: risk management innovation, management, cloud, risk, glba risk, glba, reduce risk, risk reduction, toxic cloud
 
 
 
 
Expand article

Show 024 - An Interview with Mary Ann Davidson

The Article has images The Article has audio podcast
2008-03-14 18:26:36 by rmacmich in The Silver Bullet Security Podcast
...CSO role, Oracles Unbreakable campaign, why everyone needs training in secure coding, and how military history informs computer security. They also talk about how a young CSO-to-be got her first library card Mary Ann Davidsons blog Unbreakable Linux Lone Survivor
 
Tags: mary ann discuss, oracles unbreakable campaign, mba helps, lone survivor, 24th episode, library card, cso role, unbreakable linux, cso-to-be
 
 
 
 
Expand article

Data Theft "Russian-Style"

2008-03-24 13:43:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...CSO Summit about data theft "Russian-style So, you are a CSO for a major org (say a government agency, a bank or an Internet provider); you walk down the street and pass a typical street vendor selling books, software, etc. Suddenly you see "a database on DVD" for sale. You look closely and - oops! - it is your customer database with names,...
 
Tags: street, typical street vendor, data theft, fun observation, fun, cso summit, major org, org, database
 
 
 
 
Expand article

The Conscious Competence Security Model

2007-10-05 12:44:00 by Allen Baranov, CISSP in Security Thoughts
 
...CSO article and Richard's blog post I think that most companies in the survey are at step number 2 moving (hopefully) to step 3 My feeling is that most companies are at stage 1 with a resistance to move to stage 2. Companies that are at stage 1 would (probably) not be a part of the CSO magazine community. I think that very few companies...
 
Tags: information security field, information, information security spin, information security, security, security incident, computer security, conscious competence, model
 
 
 
 
Expand article

Needed: Agency CSOs

2008-06-26 12:49:33 by rybolov in The Guerilla CISO
 
...CSO-level manager. According to FISMA, each agency has to have a CISO whose primary responsibility is information security But typically these CISOs do not have any authority over physical security or personnel security: in reality, they work for the CIO and only have scope over what the CIO manages: data centers, networks, servers, desktops,...
 
Tags: agency, todays government ciso, cio, ciso, cio manages, cisos, agency cso position, personnel security, responsibility