Organizations need to assess third-party security to determine whether their partners and contractors are putting critical data at risk.
A good security strategy must constantly evolve and adapt to current threats, new protective tools and burgeoning vulnerabilities.
As digital trust diplomats, CISOs must be tactful in their negotiations and should able to influence colleagues and superiors.
Information security programs need to progress to meet the challenges of today and tomorrow, but it's not easy for leaders to overcome common barriers.
As cyberthreats grow in numbers and complexity, the future of cybersecurity increasingly depends on an open, trusting CISO-board relationship.
Companies and individuals may throw ethics out the window when there's an extra buck to be made. CISOs must learn to nip conflicts of interest in the bud.
NACD updated its "Director's Handbook on Cyber-Risk Oversight," which included five new cybersecurity principles for boards of directors.
IT managers must understand how initiatives related to the information security program affect the business side of the organization.
In addition to responding to threats in progress, crisis leadership involves rehearsing various responses to prepare for a data breach.
Many organizations are changing the CISO reporting structure to reflect growing influence of IT over other departments and domains.