Archive for March, 2008

Don’t Forget the “Availability” Component

Thursday, March 20th, 2008

Author: Michael J. Corby, CCP, PMP, CISSP

We learned (or maybe just heard about) Security being comprised of three main components: Confidentiality, Integrity and Availability. Some argue that there is a fourth, Compliance, but we’ll leave that for another time. Yeah, the press latches on to the violations in confidentiality and we hear endless stories of credit card, driver’s license, social security, health and criminal records being lost or stolen. The buzz around the confidentiality violations is constant and chronic.

Achieving Synchronicity Between Business Risks and Your Security Program

Thursday, March 20th, 2008

Author: J. Andrew Brinkhorst, CISM

In the best businesses, operations flow smoothly from area to area, function to function, with little or no wasted effort. Ideally, each function in the business works hand-in-hand with others, providing the smooth flow that predicates success. Today, information technology and processing is acknowledged as one of those key processes.

Information Risk Management

Thursday, March 20th, 2008

Author: David A. Meunier, CISSP, HISP, VP Information Risk Management & CISO, MasterLink Corporation

“Information Risk Management is the Holistic process of institutionalizing the identification, analysis, evaluation, mitigation, monitoring and communication of risk to achieve compliance with corporate policy, regulatory requirements and processes in accordance with the CIA Triad of Confidentiality, Availability and Integrity of information.”

That statement accurately outlines the tremendous amount of effort required to achieve risk reduction and regulatory compliance. A key success factor relies on the security leader’s ability to reduce the potential information risk his or her business faces on a daily basis.

Too Much Government Training?

Thursday, March 20th, 2008

Author: Dan Lohrmann, CISO, State of Michigan

The conventional wisdom is that government security culture at all levels suffers from a lack of training. But leaving the quality, timeliness and relevance of specific courses aside for a minute, is it possible that the real problem is too much training? Some say yes, but I doubt it.

Security Executive Council Partners with ASIS International

Thursday, March 20th, 2008

The Security Executive Council (SEC), an international membership organization for public- and private-sector security executives, and ASIS International, the preeminent society for security management professionals, have formed a partnership to provide leadership tools and solutions to benefit members of both organizations and the security industry. ASIS will offer the SEC’s innovative leadership materials—including books, presentations and research reports—in the ASIS bookstore.