When it comes to cyber threats facing Indian financial institutions, the human element is by far the biggest, says Vicky Shah, founder of the security firm The Eagle Eye, and banks need to have measures in place to address the problem.
As the Sony and Epsilon breaches show, privacy is now in the news media every day. And organizations need to be prepared to address the issue, says Trevor Hughes, executive director of the International Association of Privacy Professionals.
Organizations are starting to adapt to cloud computing, but they're hesitant about placing their core assets in the online environment, according to results from the 2011 ISACA IT Risk/Reward Barometer.
NRC CISO Patrick Howard is among three information security leaders who share their experiences, approaches and challenges from battling data breach incidents that had an impact on their organizations and their careers.
Despite improvement in organizations' abilities to plan for and predict disasters, they still lack an effective response. In fact, the biggest gap in business continuity today is understanding, says Lyndon Bird, director at the Business Continuity Institute.
"Just securing the data is no longer enough," says Trevor Hughes, head of the International Association of Privacy Professionals. 'Privacy professionals, in addition, need to prepare for what happens when things go wrong."
Organizations looking to improve their privacy management in the event of a breach "have to continually plan and prepare," says Nationwide's Chief Privacy Officer Kirk Herath. That means putting into writing a comprehensive plan.
The recent Sony and Epsilon breaches sent a strong reminder that companies lack transparency and aren't prepared to respond to a breach once it occurs, says Kirk Herath, Chief Privacy Officer at Nationwide Insurance Companies.
More than just Facebook friends, today's Chief Information Security Officer needs to connect and collaborate with key corporate allies who can influence the enterprise risk and security practices within any organization.
Globally, countries and organizations now recognize the need for a unified approach for managing IT infrastructure services, says Marlin Pohlman of the Cloud Security Alliance. The trick is developing this new set of global standards.
In the wake of the RSA, Epsilon and Sony PlayStation data breaches, we spoke to two global information security leaders and asked for their three biggest leadership lessons learned. Here is what they shared.