Whether we are dependent on a supply chain or part of a supply chain, we are all vulnerable to disruptions beyond our control. What can we do to work towards achieving our supply chain resilience? Here are some tips.
Security personnel should be required to prove not only that they know how to do things right, but also that they know how to do the right thing. They must demonstrate commitment to ethical behavior.
Blaming developers for application security problems is the wrong thing to do. Here are five reasons why application security development fails in the software development ecosystem of many companies.
A successful organization in today's business world has most likely cultivated a "brand." Have you ever thought about creating your own brand to enhance your career?
It is difficult to get buy-in at the very top in organizations because business continuity management is wrongly seen as an operational issue. Here is my advice for practitioners to seek upper management attention.
Every new information security job search is likely to be fiercely competitive in today's market. Here is my game plan for potential candidates to help them stand out and get that next position.
It's the everyday attacks, not the Flames, that are most likely to put an organization's IT infrastructure in jeopardy. Here is advice for how organizations can staff up and improve cybersecurity.
Why do so many small and mid-sized enterprises continue to believe that business continuity planning is just for the big guys? And how do we go about convincing them otherwise? Here are some tips.
Application security is driving demand for highly skilled consultants. It's a challenging profession, and I've broken out five key skills that will distinguish you in the field.
How can organizations ensure that their information security staff is mitigating the latest threats? And what truly defines an information security professional? Here are some of the key ingredients.
Anti-fraud professionals often uncover misconduct in the course of our work. What types of ethical dilemmas must we navigate in our efforts to prevent fraud? Here are a few that come to mind.
Far too often the relationship between auditors and their boards is not as effective as we might hope. What makes the difference? Here is some advice based on my recent conversations.
Earlier this month, I had the chance to attend RSA Conference 2012, which always reminds me how fluid our industry is, and how important it is to stay educated and abreast of change.
What skills are needed to be an effective fraud examiner? My short answer is that, as with any discipline, there are certain skills and areas of knowledge one needs to learn to be successful.
For those auditors who have not yet found the time to read the COSO exposure draft, I wanted to take this opportunity to let you know what has changed.