Getting the Most From Information Security Investments

Data Breach Today

How to Avoid Addressing Problems 'Too Far Downstream'. Greg van der Gaast, head of information security at the University of Salford in the United Kingdom, has strong opinions on why some security investments aren't reaping maximum benefits. "We

Information Security vs Cyber Security: The Difference

IT Governance

You’ll often see the terms cyber security and information security used interchangeably. That’s because, in their most basic forms, they refer to the same thing: the confidentiality, integrity and availability of information. What is information security?

What Is Information Security Management?

IT Governance

Information security management is a way of protecting an organisation’s sensitive data from threats and vulnerabilities. The process is typically embedded via an ISMS (information security management system), which provides the framework for managing information security.

Getting Started With Threat-Informed Security Programs

Dark Reading

Security leaders need to examine their business model, document risks, and develop a strategic plan to address those risks

2020 Workshop on Economics of Information Security

Schneier on Security

The Workshop on Economics of Information Security will be online this year. Register here.

Avatier Achieves ISO 27001 Certification for its Information Security Management System

Dark Reading

Designation recognizes highest caliber of information security

How Information Security Teams Can Help Reduce Stress and Burnout

Dark Reading

Work across the organization and take practical steps to ease user stress — prioritize user productivity by offering the right tools to avoid shadow IT and cultivate a transparent security culture. Remember the security team, too, and automate as many processes as possible

German Federal Office for Information Security (BSI) investigates Chinese mobile phones

Security Affairs

German Federal Office for Information Security is launching an investigation into the cybersecurity of certain Chinese mobile phones. The post German Federal Office for Information Security (BSI) investigates Chinese mobile phones appeared first on Security Affairs.

2022 Workshop on Economics and Information Security (WEIS)

Schneier on Security

I did not attend WEIS this year, but Ross Anderson was there and liveblogged all the talks.

(ISC)² Appoints Jon France, CISSP, as Chief Information Security Officer

Dark Reading

Accomplished cybersecurity leader will advocate globally for best practices in risk management and head up association security operations

‘Vast majority’ of federal agencies’ information security programs are ineffective: Senate report via The Washington Times

IG Guru

The post ‘Vast majority’ of federal agencies’ information security programs are ineffective: Senate report via The Washington Times appeared first on IG GURU.

10 Tips for Maintaining Information Security During Layoffs

Dark Reading

Insider cyber threats are always an issue during layoffs -- but with record numbers of home office workers heading for the unemployment line, it's never been harder to maintain cybersecurity during offboarding

How your staff make security decisions: The psychology of information security

IT Governance

Your employees encounter potential cyber security threats on a daily basis. Perhaps there’s a new face in the office that they don’t recognise, or a new password they need to remember, or a database of sensitive information that they need to upload onto the Cloud.

The 2020 Workshop on Economics and Information Security (WEIS)

Schneier on Security

The workshop on Economics and Information Security is always an interesting conference. This year, it will be online. Here’s the program. Registration is free.

Top Malware and Other Threats Tracked by Center for Information Security site

IG Guru

The post Top Malware and Other Threats Tracked by Center for Information Security site appeared first on IG GURU. Check out their threat site here.

NYU Tandon Launches Chief Information Security Officer Program

Dark Reading

Featuring in-depth core sessions and topical electives, the nine-month program takes a risk-based approach to cyber strategy

Information Security Learn Path at Enterprise World

OpenText Information Management

Security has become job #1 for every organization and that’s especially true when it comes to Enterprise Information Management (EIM). The Information Security Learn Path at OpenText™ Enterprise World 2019 in Toronto provides practical tools and best practices for using OpenText products and solutions to secure data and information across the enterprise.

BreachQuest Welcomes Sandy Dunn as Chief Information Security Officer

Dark Reading

Industry cybersecurity veteran joins executive team of leading cyber experts with key experience in healthcare market

Workshop on the Economics of Information Security

Schneier on Security

Last week, I hosted the eighteenth Workshop on the Economics of Information Security at Harvard. Ross Anderson liveblogged the talks.

ICO Fines Clearview AI £7.5m for Collecting UK Citizens’ Data via Information Security Magazine

IG Guru

Check out the article here. The post ICO Fines Clearview AI £7.5m for Collecting UK Citizens’ Data via Information Security Magazine appeared first on IG GURU.

Why should governments take an AI-based approach to information security?

OpenText Information Management

Every day, intra- and cross-functional government teams exchange diverse datasets to achieve their citizen-centric missions.

The Executive Women's Forum on Information Security, Risk Management & Privacy Elects Three Board Advisers

Dark Reading

Security executives hail from Target, Eli Lilly, and SecurityCurve/SaltCybersecurity

Kodiak Robotics Hires Former Google Chief Information Security Officer Gerhard Eschelbeck

Dark Reading

Renowned information security expert to lead Kodiak's cyber and data security team, further reinforcing Kodiak's commitment to cybersecurity

NATO Warns it Will Consider a Military Response to Cyber-Attacks via Information Security Magazine

IG Guru

The post NATO Warns it Will Consider a Military Response to Cyber-Attacks via Information Security Magazine appeared first on IG GURU. Check out the article here.

What is an information security policy?

IT Governance

It’s widely accepted that people are the weakest part of any organisation’s security defences. That’s why information security policies are arguably the most important part of an organisation’s defence. What do information security policies do? Information security policies are usually the result of risk assessments, in which vulnerabilities are identified and safeguards are chosen.

The anatomy of effective information security management

IT Governance

With the ever-increasing risks faced by every UK organisation from cyber crime, there is significantly increased pressure on every information security manager to deliver effective security. This manager and their team are expected to plan, implement and monitor suitable measures to protect confidential assets and to mitigate losses in the event of a security breach. Build your knowledge and skills in information security management.

5 Ways Artificial Intelligence Is Being Used to Keep Sensitive Information Secure

Security Affairs

Artificial intelligence is an immensely helpful tool for businesses and consumers alike: how to use artificial intelligence to secure sensitive information. By processing data quickly and predicting analytics, AI can do everything from automating systems to protecting information.

Nine Duties of an Information Security Professional

IG Guru

by Dr. Shuyler Jan Buitron, DCS, MSIA, CISSP, MCSE. Throughout my information technology and information security careers, I have encountered many different philosophies and ways of operating. The information security professional represents the profession wherever he/she goes. I spent some time mulling over the responsibilities of the information security professional or for the profession in […].

Fortress Information Security Sponsors Open Web Application Security Project To Work on Industry-Wide Software Bill of Materials Standards

Dark Reading

What are the best books on information security?

IT Governance

As the risk of suffering a data breach continues to increase, information security has become a critical issue for all organisations – especially as the GDPR prescribes large administrative fines for organisations that fail to appropriately secure the personal data they process. However, information security best practice can often be challenging to understand and implement. An Introduction to Information Security and ISO 27001:2013 – A Pocket Guide.

How to create an information security policy

IT Governance

ISO 27001 says that you must document an information security policy. What is an information security policy? An information security policy is one of the mandatory documents outlined in Clause 5.2 of ISO 27001 and sets out the requirements of your information security management system (ISMS). Key elements of your information security policy. Help with creating an information security policy template.

Does Information Security Have a Future?

IG Guru

by Dr. Shuyler J. Buitron, DCS, MSIA, CISSP, MCSE. Even though the apparent and hopeful answer to the title question is ‘yes, information security does have a future,’ several challenges affect the future of information security, now commonly called InfoSec or cybersecurity.

Priceless advice for information security managers

IT Governance

As an information security manager, you enter each day not knowing what it may bring, in spite, perhaps, of having a well-formed plan or at least a to-do list. But what all information security managers must appreciate is that there is no such thing as 100% security and you can never be 100% risk free. In Once more unto the Breach Andrea Simmons offers priceless advice for information security managers, including: Delivering a security project.

Swiss Army Knife for Information Security: What Is Comprehensive Protection?

Threatpost

For example, the concept of SearchInform is to ensure control of threats at all levels of the information network: from hardware and software to file systems and databases, from user actions on a PC to their activity on the Internet.

Fortress Information Security Receives $125M Strategic Investment from Goldman Sachs Asset Management

Dark Reading

Physical Fails for Information Security and Privacy

IG Guru

August 7, 2018. Hosted by Rebecca Herold. Guest: Andrew Ysasi. Episode description: This episode covers a problem as bad today as it was decades ago and in many ways worse. Breaches caused by unauthorized access to physical forms of information: on printed […]. The post Physical Fails for Information Security and Privacy appeared first on IG GURU.

Hundreds Arrested After Cops Dismantle Encrypted Phone Network via Information Security Magazine

IG Guru

The post Hundreds Arrested After Cops Dismantle Encrypted Phone Network via Information Security Magazine appeared first on IG GURU. Check out this article here.

Kick-start your career in information security management

IT Governance

If you’re looking to develop a career in information security, the CISMP training course is a great starting point. It provides a broad introduction to information security management upon which more technical qualifications can be built. Special offer: Receive a free copy of Information Security Management Principles – the official textbook for the CISMP qualification (RRP: £24.99) when you book this course.

5 ways to improve your information security in 2019

IT Governance

Protecting your organisation against cyber crime can sometimes feel like a never ending game of security whack-a-mole. Just as soon as you’ve secured one weakness, it seems as though another vulnerability rears its head. In this post, we outline five essential ways of keeping your organisation secure. 1) Support cyber security staff. Cyber security staff often cite a lack of organisational support as their biggest concern.

What are the best books on information security?

IT Governance

And with thousands of books on information security, it can be hard to know where to begin. We’ve handpicked the best titles to better equip people looking to advance their careers in information security. An Introduction to Information Security and ISO 27001:2013 – A Pocket Guide. Written by an acknowledged expert on the ISO 27001 standard, this is the ideal resource for anyone wanting a clear, concise and easy-to-read primer on information security.