Security leaders need to align business goals and risks to be able to gain buy-in for security initiatives, which is the only way to achieve a cultural change in the organization, says Sameer Ratolikar, CISO of India's HDFC Bank.
As the head of DevSecOps at Intuit, Shannon Lietz tracks the real-world tactics, techniques and procedures hackers use against her organization. She's cataloged the top 10 application security attack techniques being used against Intuit, which differ markedly from the OWASP top 10.
Can technology solve the problem of giving law enforcement access to all encrypted communications without additional risks to the public? Software legend Ray Ozzie says he has an idea. But it's unlikely to quell the debate over hard-to-break encryption.
What can be done to address the shortage of personnel to fill the ever-expanding roster of cybersecurity jobs - from entry-level positions through the CISO role? (ISC)2's John McCumber describes organizational and governmental efforts to lower barriers to entry and build tomorrow's workforce.
Great news: "SunTrust to offer free identity protection ... at no cost on an ongoing basis." Of course, nothing comes for free, at least for 1.5 million customers of the Atlanta bank, whose personal details may have been sold to criminals by a former employee.
For years, Dawn Cappelli studied and wrote about the insider threat. Then she went to Rockwell Automation and built an insider program. She discusses the program's success and her expanded role as vice president and CISO.
The average tenure of a CISO can be brief - especially in the wake of a breach. What should security leaders do from day one to get a good handle on the job? Joel de la Garza, CISO of Box, offers career advice.
"Digital transformation" is the theme of the year, but it comes with specific cybersecurity challenges - and they put a new burden squarely on the shoulders of the CISO, says Fortinet's Jonathan Nguyen-Duy.
We have been talking about the cybersecurity skills gap for a decade, but the pain is truly being felt now as businesses churn out new apps with insufficient security, says WhiteHat Security's Craig Hinkley. What is machine learning's role?
When it comes to building an effective cybersecurity team, it isn't just about acquiring the right technology and business skills, says LinkedIn CISO Cory Scott. It's also about obtaining the right people who have defined their own personal narrative.