David Sherry is the CISO at Brown University. He leads the Information Security Group, charged with the development and maintenance of Brown's information security strategy, information security policies and best practices, security training and awareness programs, as well as ongoing risk assessment and compliance tasks.
There is a phrase that has become quite popular in information security circles and it goes along the lines of “there are two types of organizations, those that have been breached and those that don’t know they’ve been breached.” I hear it quite regularly from industry commentators and speakers at conferences - the key message being that every organization has been breached and only those with good information security have been able to detect and respond to the breaches.
Rafal Los, Chief Security Evangelist at HP Software, talks about the evolution of the CISO role, its current reality, and offers a few tried and tested solutions for a number of problems all CISO practitioners face sooner or later.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.