CISOs, CSOs, Security Professionals, Project Managers... Welcome!
CISOHandbook.com is a resource site for CISOs, CSOs, and security professionals. It is a place where security executives, managers, and practitioners can share ideas, challenges, and opportunities associated with developing, participating in, or managing Enterprise Security Programs.
The site contains metrics, tools, opinions, and most importantly access to CISOs, CSOs, experts, and other professionals in the field of security. The sole intent of the site is to share information, ideas, tips, and techniques for addressing security issues faced by today's professional.
The content of CISOHandbook.com is free to all; however, some areas can only be accessed by registering and logging in. Registration is fast, free, and easy, so what are you waiting for?
The Untold Story of Data Leakage
By Mike Gentile, CISSP and CISOHandbook.com team
Preface:
"Data Leakage this and Data Leakage that," everywhere you look these days it is difficult to avoid security professionals trying to demonstrate what is leaking. Most of the time, we would just classify the Data Leakage phenomenon as another marketing hype effort, similar to previous items such as “Automated Risk Management”, or “Intrusion Prevention”, designed to sell the newest security widgets to an overworked security community. But Data Leakage is different. Though there can be benefits to many of the data leakage solutions that are available, there are just as many potential disadvantages that should also be considered. In our experience thus far, unfortunately, many of these disadvantages are often being completely overlooked during the selection process. This article will discuss some quick tips for creating a balanced approach for this type of solution.
Teamwork with a Heart
There is an “I” in TEAM, and it stands for each individual constituting the group of people with whom you work. Now, I am fully aware that the United States is an individualist country: meaning that we value and admire and celebrate the accomplishments of individuals, people who had the vision and were willing to take on the risks and challenges to achieve their goals. It is part of our national psyche to view the world as if we are standing in the center. We seem to embody the old Celtic riddle that states: “Where is the center of the Universe?” The answer: “Right here, where I am standing.”
Beating Stress: Optimize Your Thoughts
By Daniel Johnson, SBN
Principal Partner, Balance.point Strategic Services/Self Mastery Foundation Inc.
I am by nature a pessimist. However, I use optimism as a tool to manage my thoughts and get the most out of any situation. I call myself an “optimistic realist”.
In these challenging times, it is not hard to be a little discouraged, confused and stifled by our environment. I do not suggest you should just put on a happy face and ignore the potential pitfalls that surround you.
On-line Security Program Health Tool
Now Available!
On-line Security Program Health Tool
- Want To See How Your Security Program Measures Up?
- Want To See How It Compares To Other Organizations?
- Want to Get The Results Instantly?
- Oh Yeah, It Is Also Free Courtesy Of CISOHandbook.com.
- Do You Have More Questions? View the FAQ
This practical, easy-to-use tool enables users to identify the strengths and weaknesses of their security program across six core areas:
- Program Strategy
- Mission And Mandate
- Roles and Responsibilities
- Security Policies
- Security Project Portfolio
- Training And Awareness
Additionally, your review is benchmarked against all of the other organizations that have used the tool, providing you with even more statistical information.
Everyone has asked for it, so here it comes... Don't miss out!
Participate in Our Study!
We are conducting a survey for research we are performing in the domain of information security. The goal of this research is to help identify tools, tips, and techniques that can aid security professionals with the intangible complexities associated with implementing security in the modern organization. In addition, in return for your time as a survey participant, we will provide you with the trended results from the survey in 2008.
CISO Handbook Announcements
Secureworld Expo article on security program awareness
If we were to tell you that most security programs in the typical organization are struggling to define and obtain security success, we are sure that you would not be terribly surprised. It is our belief that the primary reason our discipline, and specifically most organizational security efforts, are having difficulties is that they do not enlist the rest of the organization to assist with their efforts.
Secure World Expo article on PCI At
"For many organizations that process credit card transactions, compliance with the standards set forth by the Payment Card Industry (PCI) has been a large component of their security program project agenda. Thousands of security professionals are scurrying to implement the list of controls that are required, which to the credit of the authors of the standard are fairly defined and clear..."
IT Strategy Center article On Email Encryption At CIO Center
"Last year, an enterprise software survey of large North American and European companies found that one in three planned to invest in email encryption software in the coming year, according to Forrester Research. Another way to look at the survey results, however, is that one-third of these enterprises started the year out without any organized solution to secure the contents of their email..."
Computer Economics article on Security Regulations
"Organizations today must comply with a greater number of regulations than ever before. Because of the pervasiveness of information technology and the ever-changing nature of security threats, many of these regulations deal with the security of electronic systems and the protection of personal information..."
Noticebored review of CISO Handbook
"This is a well-written practical guide to building and delivering an information security improvement programme. Presenting sage advice in a consistent manner, the book is a helpful primer for the person tasked by management with ‘fixing information security..."
Slashdot review of CISO Handbook
"The CISO Handbook: A Practical Guide to Securing Your Company lives up to its title as being a practical guide to security. The book is antithetical approach to the products equal security approach, and takes a pragmatic approach to security..."