Call to action: Information security teams should "include mental health topics in their team meetings, their management reports and metrics, as well as face to face meetings," says to Thom Langford, head of security consultancy (TL)2, speaking from experience.
Cybersecurity leaders hear a lot about speaking to the board. But increasingly, these leaders are also tapped to serve on boards of directors. What business skills are most needed and often lacking? Executive recruiter Joyce Brocaglia of Alta Associates and the Executive Women's Forum explains.
What is the role of professional certification companies in the cybersecurity education ecosystem? In part one of a two-part panel discussion on the future of cybersecurity education, John McCumber of (ISC)2 and Rob Clyde of ISACA share their philosophies.
What are America's universities doing to help fill the cybersecurity skills gap felt by enterprises worldwide? In part two of a two-part panel discussion on the future of cybersecurity education, Lisa Ho of the University of California-Berkeley and Amit Elazari Bar On of Intel Corp. offer insights.
The latest edition of the ISMG Security Report discusses the recent ransomware attack on aluminum giant, Norsk Hydro. Plus, confessions of a former LulzSec and Anonymous hacktivist, and the growing problem of cyber extortion.
As CEO of Terranova Security, an awareness training provider, Lise Lapointe sees an evolution of education programs that used to be merely phishing simulation tests. What are the most effective forms of training?
The ultimate responsibility of every CSO and CISO is to foster culture change and awareness, because that is every organization's single greatest data security and physical security control, says Andrew Rose, CSO of Vocalink, which is a MasterCard company.
Emily Heath is two years into her tenure as CISO at United Airlines. One of her key initiatives is to grow the company's security organization in a manner that emphasizes diversity, inclusion and skills.
Many security leaders recognize the flaws in traditional awareness training, but what is anybody actually doing about it? Keenan Skelly of Circadence describes a new approach that she believes has changed the cybersecurity education paradigm.
How are we doing on hiring more women in the technology sector? Ann Sung Ruckstuhl of Unisys says that from a demographic representation standpoint, we should be doing far better because of the demonstrable benefits to the business that women bring.
Successful CISOs distinguish themselves by the length of their tenure in the job, which in many cases depends on their ability to communicate with the board of directors and senior managers, says Mat Newfield, CISO of Unisys. And that involves much more than demanding additional money and people.
Making data security as people-centric as possible by applying strong risk-based controls is the only way organizations can best secure data while also enabling employees to do their jobs, says Tony Pepper of Egress Software Technologies.