CISOs looking for a way to build credibility with senior executives - and win funding for important projects - need to drop the "just say no" approach and build a reputation as a team player, says security professor Ray Davidson.
How do we lessen the risks posed by mobile devices and their apps, along with direct access provided to proprietary corporate data and networks? Here are five clear, actionable ways to mitigate your risks.
As the overall number of "true exploits" have decreased, targeted ones - especially those initiated by criminals or nation states - are becoming harder to detect, say Rick Miller, director of IBM Managed Security Services.
Many organizations aren't devoting enough resources to ensure that applications for mobile devices are secure, says security expert Jeff Williams. He offers five tips for adequately addressing mobile application security.
Organizations are not taking the advanced persistent threat seriously enough, says Hord Tipton of (ISC)2. But security professionals also are not mitigating the common threats, he says. Watch the video.
"The changes we propose in revision 4 are directly linked to the current state of the threat space - the capabilities, intentions and targeting activities of adversaries - and analysis of attack data over time," says NIST's Ron Ross.