Elsevier's Security Executive Council Risk Management Portfolio was released at ISC West, and it provides how-to guidelines for security executives, educators and practitioners for both physical and digital risk management strategies.
Over the last few years, I’ve written several articles and blogs about how critical collaboration is to the success of a security organization. I’ve also worked very hard in my job to practice what I preach. Security will not work in a silo, and unless we, as security practitioners, understand our business and its core assets, it will be pretty difficult for us to successfully ensure their security.
The "Office of No" actually makes enterprises less secure, new research shows. Adopting new technology responsibly and ensuring employee awareness of security risks form a stronger base for cyber security.
Picture this – in 20 minutes, one enterprising hacker at the 2012 Defcon conference in Las Vegas learned one Wal-Mart store’s physical logistics – from the janitorial contractor to where employees go to lunch – key details about the make and version numbers of the Wal-Mart manager’s PC, browser and anti-virus software, and got the manager to upload the address of an external website into his browser – no questions asked.
Utilizing the principles, standards and methodologies of ERM and/or ISO 31000 as the foundation of security programs is vital in order to transform your security program to holistically address the full scope of the risk, threat and hazard landscape that your organization faces today and into the future. Going forward, we will provide some insight into the concepts of ERM and why it is so important to utilize ERM as the foundation of your security program.
As managers and leaders in the security field, our first and most sacred responsibility is, of course, to provide for the safety of the people who fall within our areas of responsibility. As recent world events, from political unrest to natural disasters such as earthquakes, tsunamis, ash clouds and other events, have shown, the unexpected can always present us with challenges in fulfilling our Duty of Care to our international travelers, expatriates and their dependents.
Here’s a sure-bet, good news 2013 prediction: No more political ads on TV, at least for a while.
Still, next year will hold plenty of ups and downs for enterprise security leaders, which include innovations that will help you to reduce enterprise risk. The Tonight Show’s Jay Leno and CEO Gary Shapiro know. Researcher Michela Menting and economist Bart van Ark have their perspectives on the near future as does Gartner Fellow David Cearley.
Say a prayer for Joclyn and Jeffrey Bard of Huntington, Long Island. They suffered through the ravages of Superstorm Sandy, as did millions of businesses and households in the northeast U.S. Licking their wounds, the Bards in mid-November filed a lawsuit seeking class-action status before the New York State Supreme Court. They want damages from Cablevision for lost service, saying the cable company should be offering automatic credits to customers.