
Posts

The CISO-centric Information Security Triad

What is the information security triad? Just about everyone knows the answer to this question is CIA – Confidentiality, Integrity, and Availability. Security professionals, service providers, and technology vendors are responsible for these three infosec pillars in one way or another... Click here to see the full article...

The CSO of the future

What skills, background and education does a security executive need if they want their career to evolve? What does the future hold for enterprise security? What will programs, roles, technologies and policies look like in five years or so? Prognosticating can be tricky, especially in such a fast-changing digital environment. But part of the security executive’s job is not only to keep up with the latest developments, but also to anticipate what might come next so companies can prepare to handle challenges. CSO interviewed security executives about the future and where they see their discipline headed. Here are some of the major trends they expect to see. Click the link below to see the article: Changing role of the security officer

U.S. companies are looking for CISOs

Some of the largest U.S. companies are looking to hire cybersecurity experts in newly elevated positions and bring technologists on to their boards, a sign that corporate America is increasingly worried about hacking threats. Corporate America is increasingly focusing on cybersecurity and Fortune 500s are hiring more CISOs to incorporate security into development plans. As companies look for CISOs, many boards are seeking directors with technology know-how so that they can better understand cyber risks. Check out this news here.

How the CISO can deal with threats

Are you worried that your point solutions are not getting the job done? According to the Enterprise Strategy Group, many CISOs are unsure whether they should address advanced malware threats with network-based or host-based controls. ESG believes they will end up needing both types of security technology to achieve defense in depth, malware analysis and analytics. Required reading for CISOs: click here to read the full ESG report.

Trustwave Global Security Report for CSOs

Top known web vulnerabilities such as SQL Injection, Configuration Issues, Weak Encryption Ciphers, vulnerable and unpatched software, and botnet victims: in general, the key insights in this Trustwave report should be read by every professional in a CSO or CISO position. If you are a CSO/CISO and would like to know a bit more, click the link below: 2014 Trustwave Global Security Report

Recommendations from 1000 security leaders

This paper from RSA Security describes the transformation of information security in the corporate environment, focusing on strategy and technology. In general, these are recommendations shared by 1000 security leaders. I suggest this paper to every security leader: CSO, CISO, CIO, CTO, etc.

Security risks in applications for CISOs

According to this report from Trustwave/Cenzic, 96 percent of tested apps contain a vulnerability. I recommend that any CSO/CISO read this paper, which offers an interesting view of the latest threats in web and mobile apps. For example, this report helps the CSO find answers to the questions below. How do organizations respond today? What explains this? Why are CSOs concerned? This report covers the top ten vulnerabilities from OWASP and mobile app vulnerabilities. Click here to read the paper.