Untitled Document
 
Friday, September 10, 2010
Home
News
       CISO News Feed
       Upcoming Conferences
       Newsletter Archive
Resources
       CISO Security Links
       Project Manager Security
       Security Program Development
          Security Program Considerations
             Organizational Drivers
             Security Strategy
             Mission & Mandate
             Roles & Responsibilities
             Security Policies
             Security Project Portfolio
             Training & Awareness
          Statistics & Metrics
          Regulations
          Ask The Experts a Question
       Glossary and Definitions
Publications
Research
       Security Stress Survey
       New Security Survey
Tools
Community
About Us
Contact Us
 You are here: Home   Search
CISOs, CSOs, Security Professionals, Project Mangers.....Welcome!
CISOHandbook.com is a resource site for CISO's, CSO's, and security professionals. A place where security executives, managers, and practitioners can share ideas, challenges and opportunities associated with developing, participating, or managing Enterprise Security Programs.
 
The site contains metrics, tools, opinions, and most importantly access to CISO's, CSO's, experts, and other professionals in the field of security.  The sole intent of the site is to share information, ideas, tips, and techniques for addressing security issues faced by today's professional. 
 
The content of CISOHandbook.com is free to all however there are some areas that can only be accessed through registering and logging in. Registration is fast, free and easy, so what are you waiting for!

Click Here to Register!

    
The Elephant in the Room
 
  
 
    
Security Opinion

3 Tips for Measuring the Value of a Proposed Security Project

By Mike Gentile

Preface:


Many security programs spend countless hours every budget cycle trying to determine which projects to undertake for the upcoming year. Should we replace our firewalls, should we take on that federated identity management project (yuck!) Perhaps we should go with old reliable and do what our favorite research organization tells us to do (Bad choice).  One of the key components during this process is to determine the value of performing a specific security project, thus providing a decision criterion about whether it should be put on the “to-do” list or not. This article will provide simple but effective tips for determining the value of a proposed security project in the common organizational security program setting.
Click here to view the rest of the article
    
Security Opinion

Understanding the Tangible and Intangible Elements of a Security Program

By Mike Gentile, CISSP and CISOHandbook.com team 

Preface:

Building security programs is difficult.  They have many moving parts and require those who lead them to have knowledge across many different disciplines. Over the years, the team at CISOHandbook.com has strived to develop models that can help with solving this security program development riddle. This article will discuss some improvements and enhancements we have made within our models in helping you develop the right security programs for your organization.

 

Dealing with Secondhand Stress

By Daniel Johnson, SBN Principal Partner, Balance.point/Self Mastery Foundation Inc. 
 
If you have been following this series, you now have a toolkit of techniques and strategies to manage stress quickly and effectively.

 

The next question you may ask is:  How do I deal with stress at the source? 

 
 
    
On-line Security Program Health Tool

Now Available! 
 
On-line Security Program Health Tool
  • Want To See How Your Security Program Measures Up?
  • Want To See How It Compares To Other Organizations?
  • Want to Get The Results Instantly?
  • Oh Yea, It Is Also Free Courtesy Of CISOHandbook.com.
  • Do You Have More Questions? View the FAQ

Click Here To Check It Out!

This practical, easy-to-use tool enables the user to identify the strengths and weaknesses of their security program across six core areas including:

  • Program Strategy
  • Mission And Mandate
  • Roles and Responsibilities
  • Security Policies
  • Security Project Portfolio
  • Training And Awareness
Additionally, your review is benchmarked against all of the other organizations that have used the tool, providing you even more statistical information.

Everyone has asked for it, so here it comes...Don't miss out!
    
CISOHandbook Survey

Participate in Our Study!

We are conducting a survey for research we are performing in the domain of information security. The goal of this reseach is to help identify tools, tips, and techniques that can aid security professionals with the intangible complexities associated with implementing security in the modern organization. In addition, for your time as a survey participant, we will provide you the trended results from the survey in 2008.
 
Click Here to Take the Survey!
 
    
CISO Handbook Announcements
Secureworld Expo article on security program awareness
If we were to tell you that most security programs, in the typical organization, are struggling to define and obtain security success we are sure that you would not be terribly surprised. It is our belief that the primary reason in which our discipline, and specifically most organizational security efforts, are having difficulties is that they do not enlist the rest of the organization to assist with their efforts.   read more...
Secure World Expo article on PCI At
"For many organizations that process credit card transactions, compliance with the standards set forth by the Payment Card Industry (PCI) has been a large component of their security program project agenda. Thousands of security professionals are scurrying to implement the list of controls that are required, which to the credit of the authors of the standard are fairly defined and clear..."   read more...
IT Strategy Center article On Email Encryption At CIO Center
"Last year, an enterprise software survey of large North American and European companies found that one in three planned to invest in email encryption software in the coming year, according to Forrester Research. Another way to look at the survey results, however, is that one-third of these enterprises started the year out without any organized solution to secure the contents of their email..."   read more...
Computer Economics article on Security Regulations
"Organizations today must comply with a greater number of regulations than ever before. Because of the pervasiveness of information technology and the ever-changing nature of security threats, many of these regulations deal with the security of electronic systems and the protection of personal information..."   read more...
Noticebored review of CISO Handbook
"This is a well-written practical guide to building and delivering an information security improvement programme. Presenting sage advice in a consistent manner, the book is a helpful primer for the person tasked by management with ‘fixing information security..."   read more...
Shashdot review of CISO Handbook
"The CISO Handbook: A Practical Guide to Securing Your Company lives up to its title as being a practical guide to security. The book is antithetical approach to the products equal security approach, and takes a pragmatic approach to security..."   read more...
    
CISO News
    
The Unfortunate Truth
    
Now Available!
    
 
Premium Sponsors
    
Gold Sponsors
    
Advertise With Us
    
 
 
   Privacy Statement  |  Terms Of Use
Copyright (c) 2010 CISO/CSO Handbook