Cybersecurity Governance News – 2/26/16

by | Feb 26, 2016

Ensuring cybersecurity is relevant and important to everyone in your organization, not just the IT department, is a challenge.

45% of IT Staff Circumvent Their Own Security Policies

eSecurity Planet, Feb. 22
“Even if these actions are being performed to validate existing infrastructure, senior leadership should be aware that this activity is occurring. It may also be worthwhile to consider third-party audits to ensure adherence with corporate security policies.”

Read Article

Marcus Ranum chats with CGI Group's Terri Curran

TechTarget, 2015
“I’ve been in boardroom meetings where as soon as the CISO’s metrics presentation flashed on screen, eyes rolled heavenward and email was surreptitiously checked… you need a mix of time-based, results-based and forward-looking metrics to explain your InfoSec posture and avoid the rolling eyes in the boardroom.”
Read Article

Cybersecurity and Whistleblowers?

CSO, Feb. 19
It is not a comfortable topic – virtually all cases involving a cybersecurity whistleblower have ended with a confidential settlement. But experts, and lawyers, say that in an increasingly connected world, those cases are bound to increase

Read Article

FDIC: Words of Warning to Financial Institutions and their Boards

JDSupra Business Advisor, Feb. 23
Cybersecurity is a matter of corporate governance. Corporate governance should be at the core of a meaningful cybersecurity framework. The FDIC explains that “[a] bank should evaluate and manage cyber risk as it does any other business risk.”

Read Article

Apple vs. the FBI Is Really, Really Complicated

Harvard Business Review, Feb. 19
The sense one gets from all of this is not of finding a right side and a wrong side, or winners and losers, but rather, the commencement of one of the most important public debates around technology’s and technology companies’ roles in a society committed to protecting citizens from terrorism and other threats.

Read Article

DHS Issues Guidance on How to Share Cyberthreat Data

BankInfo Security, Feb. 18
DHS has issued four guideline documents that in the words of Secretary Jeh Johnson “provide federal agencies and the private sector with a clear understanding of how to share cyberthreat indicators.”

Read Article

Be notified of new Journal entries in your email box or Follow us on Twitter.