Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Social Responsibility's Strategic Benefits
December 15, 11:30 AM - 12:30 PM US/Eastern (GMT-5)
Join Ed Granger-Happ, CIO of Save the Children, for a discussion of how creating an organization that is socially responsible improves staffing, retention, leadership development and overall corporate health.
Working With and Communicating to Your Board of Directors
January 13, 2009, 4:00 PM - 5:00 PM US/Eastern (GMT-5)
CIO panelists who will share tips and experiences working with their boards: Twila Day of SYSCO; Jeff O'Hare, West Corp.; Marc West, formerly with H&R Block.
IT's Role in Growing Mid-Market Companies
January 14, 4:00 PM - 5:00 PM ET (GMT-5)
Mid-market Council members will share their companies' stories and challenges in driving or coping with growth. Panelists represent Veterinary Pet Insurance, Medicis Pharmaceutical, and Intrax Cultural Exchange.
Learn more about the CIO Executive Council »Apply today for a FREE subscription to CIO Magazine!
January 02, 2008 — CIO — Looking into 2008, the information security agenda for executives continues to evolve. Long gone are the days where a firewall and an intrusion detection system can constitute the arsenal of information security defense. The complexities of what to protect and when, overlaid with requirements of regulation and compliance, create the need for a new type of information security executive—one with business savvy, sound risk fundamentals and holistic technical understanding. These skills, coupled with a strong strategy, will be necessary for organizations to achieve their 2008 information security goals.
In looking to build that type of strategy and structure, the items most likely to top the list are data protection and governance, compliance and the effective integration of information security practices into key business and risk management efforts. Executives must choose carefully; how the 2008 strategy addresses these three critical items may determine the program's ultimate success in protecting the business.
Data has gone rogue, and it didn't make any headlines in the process. Perhaps it should have. An event this important warrants some attention, but because it didn't happen with a big bang, no one seemed to notice. Inanimate as it is, data is causing problems because it's growing at an uncontrollable rate and it's hiding seemingly everywhere—both in the trusted confines of the data center and on the move through laptops, PDAs and e-mail. It's being disclosed (both on purpose and inadvertently) at an alarming rate and it's all but openly defying the letter of our corporate policies and standards.
The number one item on the 2008 information security agenda is data protection. The practice of protecting the confidentiality, integrity and availability of data is not new—passwords, encryption and data classification structures have been around for years. What has changed is the type of data that's now considered valuable. From the external attacker perspective, intellectual property and insider information were once the most sought-after data asset. Now, the data currency of choice is identity—e-mail addresses, social security numbers and credit card information. Corporate espionage is still a significant threat, but the new underground deals in volume, where success is being measured in thousands and millions of identities.
Internally, data protection is equally challenging. Executives demand that data be available to aid in decision support, albeit limited to only those team members with a "need to know." Whether through e-mail, jump drives or mobile devices, sensitive information seems to be leaving companies in droves. Add in the complexities of outsourcing and offshoring, and the data protection strategy needs to stretch beyond once-trusted walls and around the world.

Just the basics, please. Sometimes we all need a refresher or we need to make sure our team and our colleagues are all on the same page.
Over 25 tutorials on everything from business intelligence to virtualization.