Whenever a breach occurs it reveals weaknesses in how an organization approached security. Compromises are a great way to reveal the hidden sins organizations are committing. In the case of the Target breach, it is a gift that keeps on giving. While the initial breach report came out in December, it seems every week there are new “interesting” details that are revealed. One of the more recent items is the fact that Target did not have a CSO and all security responsibilities were buried under the CIO.
The first question that people ask is whether the CIO should have been held responsible for the breach. The bottom line is when a major event like this occurs; someone needs to be held responsible for the negligence. Therefore it is not surprising that someone was blamed for the breach. What was surprising is that security was a responsibility of the CIO. Computer Security Services The fact that a large organization did not have a separate CSO that is a peer with the CIO, is what is most concerning about the story. Clearly many things went wrong during the breach and whoever had the responsibility of security needs to be held accountable. However, it was not fair that the executives structured the company in this manner. Running the IT infrastructure (typically a role of the CIO) and protecting the information (typically a role of the CSO) are two different roles and it is unfair to have one person expected to do both effectively. These roles while at times can be complementary, they are often at odds. Having security buried under the CIO, puts that person in a conflict of interest situation.
First and foremost, organizations of any size, especially one the size of Target needs to have an executive that is responsible for security. With the large interdependence organizations have on a digital infrastructure, security needs to have a seat at the table in the boardroom. If security gets buried under IT, whose primary responsibility is running a reliable infrastructure, bad decisions will be made and breaches will happen.
google 4358
ReplyDeletegoogle 4359
google 4360
google 4361
google 4362
google 3116
ReplyDeletegoogle 3117
google 3118
google 3119
google 3120
Thanks in support of sharing such a good thought, piece of writing is
ReplyDeletefastidious, thats why i have read it entirely
Also visit my web page - 강남안마
(mm)
Thanks for posting this valuable information, really like the way you used to describe. Hope I'll get such posts in future too. 바카라사이트인포
ReplyDeleteThank you for sharing this useful information, I will regularly follow your blog. 바둑이사이트넷
ReplyDeleteValuable info. Lucky me I found your website by accident. I bookmarked it. 바카라사이트윈
ReplyDeleteGreat post with informative content. Thanks for sharing. 안전토토사이트
ReplyDelete먹튀검증
Thank you for posting the very nice informative article. Looking forward to reading more articles from you. Visit my website and Join our community!! There are promo's and event everyday!!
ReplyDeleteNBA픽
NBA픽느바챔프
NBA해외배당
Nice information, valuable and excellent design, as share good stuff with good ideas and concepts, lots of great information and inspiration, both of which I need, thanks to offer such a helpful information here. It’s really a cool and useful piece of information. I’m satisfied that you shared this useful information with us. Please stay us informed like this. Thank you for sharing.카지노사이트핫
ReplyDelete바둑이사이트넷
토토사이트
Thanks for sharing the information keep updating, looking forward to more post. Nice post ! I love its your site after reading ! thanks for sharing. Nice information, valuable and excellent design, as share good stuff with good ideas and concepts, lots of great information and inspiration, both of which I need, thanks to offer such a helpful information here.
ReplyDeleteviolation of a protective order virginia
amend preliminary protective order virginia