"Just securing the data is no longer enough," says Trevor Hughes, head of the International Association of Privacy Professionals. 'Privacy professionals, in addition, need to prepare for what happens when things go wrong."
Quantifying the safety or danger of cyberspace is tough. But a highly respected IT security practitioner and an experienced risk management consultant have teamed to develop an index they contend reflects the relative security of cyberspace by aggregating the views of information security industry professionals.
The same approach governments and businesses employ to protect individuals from the dangers of secondhand smoke could be applied to safeguard cyberspace, says Scott Charney, Microsoft's vice president of trustworthy computing, engineering excellence and environmental sustainability.
The recent data breaches at Epsilon and Sony should send a chilling message to privacy officers everywhere. "You can't prepare enough," says Kirk Herath, chief privacy officer of Nationwide Insurance Companies.
Kirk Herath, Chief Privacy Officer at Nationwide Insurance Companies, has been in privacy management for more than a decade, and he has two main concerns about today's enterprise: Mobile technology and cloud computing.
One of the unexpected impacts of the global economic crisis is that many organizations have lost their business resiliency, says Lyndon Bird, director of The Business Continuity Institute, headquartered in the U.K.
In the wake of the RSA, Epsilon and Sony PlayStation data breaches, we spoke to two global information security leaders and asked for their three biggest leadership lessons learned. Here is what they shared.
From mobile devices to social media and cloud computing, IT governance is all about risk management. "You can't de-risk everything, but you can de-risk the majority of circumstances you will see in normal operations," says governance expert Robert Stroud.