Cloud computing gives the jitters to those charged with protecting their organization's IT assets. To gauge the concerns of security professionals about cloud computing, we're fielding a global survey covering all industries. We want to know your views.
Although insider-threat incidents within organizations tend to be different case-by-case, says Carnegie Mellon University's Dawn Cappelli, there are similarities and patterns that organizations can look for when mitigating their risks. What are some of the common characteristics among insiders, and how can...
"Professionals like me now understand that we are the ambassadors for ethical behavior and should actively encourage other employees to adhere to it," says Alessandro Moretti, a senior risk and security executive.
"It's a crime like no other crime," says James Ratley, president of the ACFE, describing fraud. "There was not a gun involved, there was not a knife; there was in many cases a ballpoint pen or a computer."
For individuals looking to hone their skills in business continuity/disaster recovery, it's important to note: Organizations want specialists who can hit the ground running, says Alan Berman of DRI International.
"You need a CISO today to manage not only the IT risks, but understand and influence the business risks that are imposed on the company by the decisions and strategies it takes," says John South, CISO at Heartland Payment Systems.
"Satisfying a court order is heavy lifting," says Greg Thompson of Scotia Bank. "The cost and risks of outsourcing this service with regards to the number of litigations we are dealing with has skyrocketed."
The information security job market is evolving into highly specialized areas, says Eugene Spafford, noted professor at Purdue University. So, how must students now prepare themselves for these new career paths?