Certainly, security professionals must be totally capable of evaluating risk, but, more importantly, in any organization, it is becoming more necessary to communicate that risk to management in a way that gets a buy-in and support for truly being able to mitigate that risk for the organization.

With that in mind, we suggest you read a recent article published in Dark Reading, and authored by Tim Wilson.  Much of the material in the article comes from a series of speakers and presentation made at the recent CSI Annual Conference - 2009 .

Read the full article.

Compliance Week is offering an e-Conference on Wednesday and Thursday, October 28-29, that represents an alternative to the typical conference/trade show for those compliance professionals tasked with both regulatory compliance and corporate compliance responsibilities, and yet facing restricted travel budgets to attend such offerings.

Click on the link below to learn more details as well as read Lora Bentley’s recommendations for participating in this first ever E-Conference ….

http://www.itbusinessedge.com/cm/blogs/bentley/e-conference-offers-alternative-for-compliance-professionals/?cs=36998

Business Continuity Planning and those related Information Security Projects for most organizations have often been strategies and activities executed as a kind of an insurance policy to cover potential disasters that might happen to that organization.  By having a business continuity strategy or plan in place, management aims to provide mitigation and hopefully, even prevention, of  those problems – both internal and external —  affecting the business in a negative way. 

In an article written by Ian Masters,  and recently posted on the IT BusinessEdge blog, a point is made that looking forward, organizations are demanding more from their business continuity investments.  In other words, business continuity planning efforts along with business continuity software investments must have an additional ROI now presented to management — it is no longer enough to be simply an insurance policy against something going wrong.

Read this article for more information about this growing business continuity requirement trend.