Five Questions for Every CISO
A VeriSign Whitepaper
www.verisign.com
Abstract
Information security has evolved from safeguarding systems to protecting business services and brands against risk. A network or application breach can bring business operations to a halt, costing the company customers and revenue. Likewise, an undetected intrusion could compromise business information, damage the company's reputation, and even expose the company to litigation. Increasing regulations relating to the protection of information have added another level of ongoing responsibility to the growing challenges facing the IT team.
Top-level executives responsible for information security must understand at all times what level of risk exposure the company has, how the latest threats change that exposure, which system vulnerabilities and access violations represent an actual exploit risk, and what risks new technology and business initiatives will introduce.
Most importantly, Chief Information Security Officers (CISOs) need to know which security measures have the highest payoff in addressing these concerns. Traditional methods of managing security risk — vulnerability management, penetration testing, security audits, and manual change process reviews — help identify areas of concern. But they lack a means to quantify overall risk that incorporates the likelihood of a threat having an impact on business systems. In addition, these methods are almost always point-in-time solutions.
Security risk profiling creates a real-time topological view of the IT environment that relates company access policies, threat intelligence, and system asset information. Executives get a real-time dashboard view of risk levels and violations as well as trend information over time. IT professionals can model changes or simulate attacks to identify policy violations, follow new threat vectors, and measure the impact on critical systems without exposing the actual systems.
This business guide poses five questions that every CISO should have an answer to:
- What is your current level of risk exposure? Is it increasing or declining?
- What are your top security risks?
- How susceptible are you to the next cyber threat or worm outbreak?
- Are you in compliance with your documented security policies?
- How effective are your security initiatives and recent investments in terms of reducing risk?
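To make the risk-profiling idea described above and the five questions concrete, the following is a small added example; it is not code from the VeriSign whitepaper or from any VeriSign product. It joins a constructed asset inventory, a set of access-policy rules and per-service exploitability estimates into a zone graph, scores criticality-weighted exposure (question 1), ranks the top risks (question 2), re-scores the estate against a hypothetical new worm (question 3), flags rules that contradict the documented policy (question 4), and re-scores a proposed rule change before it is made, so that a security investment's effect can be measured without touching live systems (question 5). Host names, zones, services, rules and the probabilities are all assumptions made up for illustration.

```python
"""Toy security risk profile: access policy + asset criticality + threat intel.

Added example for this page, not VeriSign code. Every host, zone, rule and
probability below is constructed for illustration.
"""
from collections import defaultdict

# Constructed asset inventory: host -> network zone, business criticality (1-5),
# and the services the host actually exposes.
ASSETS = {
    "web-1": {"zone": "dmz",  "criticality": 3, "services": {"http"}},
    "app-1": {"zone": "app",  "criticality": 4, "services": {"rmi"}},
    "db-1":  {"zone": "data", "criticality": 5, "services": {"mysql"}},
    "hr-1":  {"zone": "data", "criticality": 4, "services": {"smb"}},
}

# Constructed access policy actually in force: (source zone, target host, service).
# "internet" is the untrusted zone an attacker starts from.
POLICY = {
    ("internet", "web-1", "http"),
    ("dmz", "app-1", "rmi"),
    ("app", "db-1", "mysql"),
    ("app", "hr-1", "smb"),  # in force, but forbidden by the written policy below
}

# Constructed documented policy: rules that must never be in force.
DOCUMENTED_DENY = {("app", "hr-1", "smb")}

# Constructed threat intelligence: estimated probability that an attacker who can
# reach the service compromises the host behind it.
THREATS = {"http": 0.6, "rmi": 0.8, "mysql": 0.3, "smb": 0.9}


def exposure(policy, assets, threats, entry="internet"):
    """Return {host: probability} of compromise along the most likely exploitable
    path from the entry zone. A rule is traversable only if the target host really
    exposes the service and threat intel lists that service as exploitable.
    Compromising a host gives the attacker a foothold in that host's zone."""
    prob = defaultdict(float)        # best-known compromise probability per host
    footholds = {entry: 1.0}         # zone -> best probability of a foothold there
    changed = True
    while changed:                   # relax until no path improves (small graphs)
        changed = False
        for src_zone, host, service in policy:
            if src_zone not in footholds:
                continue
            if service not in assets[host]["services"] or service not in threats:
                continue
            p = footholds[src_zone] * threats[service]
            if p > prob[host] + 1e-12:
                prob[host] = p
                changed = True
                zone = assets[host]["zone"]
                footholds[zone] = max(footholds.get(zone, 0.0), p)
    return dict(prob)


def risk_score(policy, assets, threats, entry="internet"):
    """Criticality-weighted exposure: the single number a dashboard trends over time."""
    exp = exposure(policy, assets, threats, entry)
    return round(sum(assets[h]["criticality"] * p for h, p in exp.items()), 6)


def top_risks(policy, assets, threats, n=3):
    """Hosts ranked by criticality x compromise probability."""
    exp = exposure(policy, assets, threats)
    ranked = sorted(exp.items(),
                    key=lambda kv: assets[kv[0]]["criticality"] * kv[1], reverse=True)
    return [h for h, _ in ranked[:n]]


def policy_violations(policy, documented_deny):
    """Rules in force that the written security policy says must not exist."""
    return sorted(set(policy) & set(documented_deny))


def simulate_change(policy, assets, threats, remove=(), add=()):
    """What-if: score risk after removing/adding rules, without touching live systems."""
    proposed = (set(policy) - set(remove)) | set(add)
    return risk_score(proposed, assets, threats)


if __name__ == "__main__":
    print("current risk:", risk_score(POLICY, ASSETS, THREATS))
    print("top risks:", top_risks(POLICY, ASSETS, THREATS))
    print("violations:", policy_violations(POLICY, DOCUMENTED_DENY))
    worm = dict(THREATS, rmi=1.0)      # hypothetical new worm with a reliable RMI exploit
    print("risk if RMI worm lands:", risk_score(POLICY, ASSETS, worm))
    print("risk after removing violating rule:",
          simulate_change(POLICY, ASSETS, THREATS, remove=DOCUMENTED_DENY))
```

The score is only as good as the inputs: the probabilities are illustrative, and in practice they would come from a vulnerability scanner and threat feed, while the rule set would be pulled from the actual firewall and identity configuration rather than typed in. The point of the model is the comparison it enables: the same scoring run before and after a change shows whether an investment actually reduced exposure.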