"Just securing the data is no longer enough," says Trevor Hughes, head of the International Association of Privacy Professionals. 'Privacy professionals, in addition, need to prepare for what happens when things go wrong."
The same approach governments and businesses employ to protect individuals from the dangers of secondhand smoke could be applied to safeguard cyberspace, says Scott Charney, Microsoft's vice president of trustworthy computing, engineering excellence and environmental sustainability.
The recent data breaches at Epsilon and Sony should send a chilling message to privacy officers everywhere. "You can't prepare enough," says Kirk Herath, chief privacy officer of Nationwide Insurance Companies.
Kirk Herath, Chief Privacy Officer at Nationwide Insurance Companies, has been in privacy management for more than a decade, and he has two main concerns about today's enterprise: Mobile technology and cloud computing.
One of the unexpected impacts of the global economic crisis is that many organizations have lost their business resiliency, says Lyndon Bird, director of The Business Continuity Institute, headquartered in the U.K.
India's data protection standards are already strong. But to be truly secure and world-class, then organizations must protect themselves above those standards, says Dr. Kamlesh Bajaj, CEO of the Data Security Council of India.
In the wake of recent data breaches, industry experts fear that consumers and employees alike will start exhibiting signs of "breach fatigue" and treat such incidents apathetically. Here are tips for how to ward off apathy.
In the wake of the RSA, Epsilon and Sony PlayStation data breaches, we spoke to two global information security leaders and asked for their three biggest leadership lessons learned. Here is what they shared.
Cybersecurity threats are maturing, but information and risk management have yet to come of age for many Gulf countries. But this maturity must come soon, says Abbas Kudrati, head of information security at the eGovernment Authority of the Kingdom of Bahrain.
From mobile devices to social media and cloud computing, IT governance is all about risk management. "You can't de-risk everything, but you can de-risk the majority of circumstances you will see in normal operations," says governance expert Robert Stroud.
Four years ago, the Council of Registered Ethical Security Testers began as an organization to bring standardization to the penetration testing industry. Today, CREST's scope is expanding across industries and global regions, says president Ian Glover.