Posts Filed Under Information Security

September 10, 2013

Talented Team

This is the third blog post as part of the series “How to Run an Information Security Function Effectively?” In my first post, I provided the mind map describing the thought process behind my conclusion that we can be much more successful

August 6, 2013

Something to offer (Service or Product)

This is the second blog post as part of the series “How to Run an Information Security Function Effectively?” In my first post, I provided the mind map describing the thought process behind my conclusion that we can be much more

July 24, 2013

How to run an Information Security Function effectively?

It’s an exciting experience when you get your first leadership role to build, run and manage a function, whether it’s an IT function or an Information Security function. You want to do a good job, make a good

June 24, 2013

Clueless Board or Inarticulate CISO

There was an article published by Forbes “Boards are still clueless about cybersecurity” on 16-May-2012 based on the report, The Governance of Enterprise Security: CyLab 2012 Report, published by Carnegie Mellon CyLab and RSA. This report was based on the responses from 108 respondents

June 4, 2013

What is Risk Appetite?

Governance, Risk and Compliance (GRC) sounds like quite a complicated subject to a number of people. I felt the same way when I started my career in this exciting field of Security & Risk. I thought it will be

April 29, 2013

Big Debate – Is the auditor a bigger challenge to information security than the cybercriminal?

Last week, I was invited to participate in a Big Debate Keynote Panel at InfoSecurity Europe. Prior to the event, the Information Security community was given the opportunity to vote for the topic of debate and unanimously chose the

April 8, 2013

Network – Secure by design??

Recently, I have participated in several discussions around internal and external security breaches, big data and the benefits of security information and event management (SIEM) solutions in making a security function proactive. As part of these discussions, I realised

March 3, 2013

Bit9 Hacking Incident – Another reminder and another awakening call

Last month another security incident hit the headlines, but this time it was even more interesting because it was related to Bit9, a company that provides software and network security services to the U.S. government and at least

February 14, 2013

Mobile Security Strategy – Past, Present & Future

Mobile Security – there is a lot of conversation going around on this topic all around us, Bring Your Own Device (BYOD) and Mobile Device Management (MDM) etc. Is this something new? Why is it becoming so important?

February 3, 2013

Security versus Compliance

Is being compliant the same as being secure? Which one is more important? I have faced this question a number of times, either at a networking dinner, at the lunch table, or while having a conversation with executives in an open environment. Consider