Calls for jail time for C-suite executives after a data breach are getting louder, but proposed legislation such as the Corporate Executive Accountability Act would not prevent data breaches. Instead, it would will simply result in organizations lawyering up, CISO Advisor Dave Lewis argues.
Humans are fundamentally wired to take risks, and their decisions are all about taking risks in order to gain some kind of a benefit. Poor decisions are because risks are not straightforward to understand, Andy Ellis, CSO of Akamai Technologies. If the information is presented differently, there would be better decision-making.
There are obvious differences between government policy and organizational policy, but when it comes to crafting information security policies, there are several elements that apply to both sides. Here are some of them.
The government shutdown isn't impacting just security professionals working for the federal government. Corporate security teams have to pay attention to what public services are available and what aren't during this time period.
In this Straight Talk with Real CISOs video for Decipher, Wendy Nather (director of Advisory CISOs at Duo), Chad Loder (CEO and co-founder of Habitu8), and Manju Mude ("Paranoid" Security Leader at Oath) discuss how CISOs have to establish relationships within their organization to be able to