Welcome to Collaborative Strategy Guild

Where insights are transformed into actions at the intersection of collaboration, information management, security, and business strategy.

2012 Federal Government Cybersecurity Survey

This year InformationWeek asked SecurityCurve to help them with their annual Federal Cybersecurity Survey. It was a great research project and we learned a lot. If you’re interested in the findings there’s a brief article at InfoWeek:

What are the most dangerous cyberthreats? And how are agencies responding? InformationWeek launched our 2012 Federal Government Cybersecurity Survey to find out. Our poll of 106 federal IT pros involved in IT security for their organizations was conducted in March. We asked respondents to rank the threats they face and their readiness to deal with them. We inquired about cybersecurity spending… Continue reading: 2012 Federal Government Cybersecurity Survey

Comments on why Sprawl Matters

As you know, sometimes a few of my comments about cloud make their way over to the Savvis Blog for publication in that venue. This month, I have a few comments there about VM Sprawl and why security folks should care about it. It’s written about a lot from a performance angle in the industry press, but the disorganization of it is also a huge security problem. Anyway, I try to give a brief overview of what the issue is, why it happens, and why security teams ought to be thinking about it now… Continue reading: Comments on why Sprawl Matters

Application Security Track at the IANS Security Forums

This year Ed and I have been asked to run the Application Security Tracks at the IANS Information Security Forums. In advance of the first Forum, to be held on March 20-21 in Washington, DC, we put together a podcast and a Q&A on application security and the topics we plan to cover. If you’re planning to attend any of the IANS Information Security Forums, or if you’re just interested in Application Security, please take a look and listen:

IANS Research Member Preview

Building an Optimized Application Security Program

IANS Research Podcast

Application Security Track: Forum Podcast with Diana Kelley and Ed Moyle

Post Virtualization Security


As the second law of thermodynamics tells us, all things trend toward chaos and this is no less true with a virtual environment. Sprawl can have a real security impact, and it takes discipline and planning to control sprawl — discipline and planning that won’t occur without someone from the security team actively monitoring the problem and formulating strategies for how to address the issue.

Virtualization has been one of the most rapidly and widely adopted technologies in recent memory. It’s huge, and it’s here to stay.

And as security professionals know, setting up a virtual environment securely isn’t easy. Significant effort goes into tasks like evaluating off-premise service providers, ensuring regulatory… Continue reading: Post Virtualization Security

Using HIPAA To Advance Your Security Initiative

[Excerpted from "Security Via HIPAA Compliance," a new report by Diana Kelley and Ed Moyle, posted on Dark Reading's Compliance Tech Center.]

Healthcare compliance requirements can be a driver to improve your organization’s overall security. Here’s how:

If your security organization is in the healthcare space, you inevitably are wrestling with the Healthcare Information Portability and Accountability Act (HIPAA). HIPAA compliance is one of the biggest challenges healthcare IT organizations face — but it also could be an opportunity to advance your security agenda.

For security professionals to leverage compliance investment and activities for broader benefit, they must understand what’s driving current compliance investment.

First, it bears saying that the… Continue reading: Using HIPAA To Advance Your Security Initiative