Report urges companies to adopt management framework for information security
The Corporate Governance Task Force of the National Cyber Security Partnership last week issued a management framework and call to action to industry, nonprofit organizations, and educational institutions, challenging them to integrate information-security programs into processes for corporate governance.
As described by Robert Holleyman, president and CEO of the Business Software Alliance, a member of the partnership, security isn't just a technical issue but an executive-management challenge. The report, "Information Security Governance: A Call To Action" offers five recommendations toward this end that focus on CEO and board involvement in committing to and publicizing their commitment to the information-security-gov- ernance framework.
In some ways, information-security governance has always been an executive concern, given the related financial responsibilities faced by CEOs, says Howard Hantman, director of corporate information security at RSA Security Inc. "But to make those meaningful," he says, "you have to have information-security controls as well."
While some companies already operate according to the proposed management framework, Hantman says for many, this will be a wake-up call.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.