Careers Newsletter
 
NEWSLETTERS
 

CIO.com updates, insights and advice on technology, management and your career.

 CIO BlackBerry News and Tips
 CIO Research and Analysis
 CIO Microsoft
 CIO Insider
More Newsletters | Edit Profile
 
RSS Feeds »
 
 
LEADERSHIP
 
CIO Executive Programs
The Leader in Face-to-Face Education for Senior Executives

Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »

 
CIO Executive Council
A Peer-Advisory Service and Professional Association for CIOs

Public Council Teleconference: Application Rationalization — Hidden Costs and Smart Decisions

November 17 at 11:00 am US/Eastern (GMT-5)

Join Honorio Padrón, of The Hackett Group, who will share the drivers for companies to tackle application rationalization and the results of research that define the hidden cost of complexity. Additionally, we will discuss key decision milestones—to start or not, holding the course steady and fulfilling expectations.

Virtual Desktop Cost-Benefit Analysis — Michael Jacobs, Catlin Group

The analysis contained in this presentation measures the cost of everything from the machines and licenses to the infrastructure for virtual vs. traditional desktop environments.

Honor your best senior team members - Apply for the CIO Ones to Watch Award

Get well-earned public recognition for your top up-and-coming team members, your IT organization and your enterprise. Award winners will be announced, publicized and feted in May 2010, great timing to help attract new IT recruits to your company.

More / Register »

Learn more about the CIO Executive Council »



 
 
RESOURCE CENTER
 

buy a link »

Ads by TechWords
 
 
Book Excerpt
 

Book Excerpt: The Adventures of an IT Leader, Part 3

A new CIO scrambles to contain a security breach—and to keep his job. Read the third installment of our exclusive series.

 

By Robert D. Austin, Richard L. Nolan and Shannon O'Donnell

March 11, 2009CIO

The story so far: Jim Barton, the head of loan operations for financial services company IVK, has been tapped as the CIO by the company's new CEO, Carl Williams. The previous CIO has been fired, and Barton must restore Williams's confidence in IT while he learns on the job. In his previous role, Barton had argued against a security upgrade. Now an apparent data breach may have compromised customer information, and Barton's job as CIO is on the line. Read the first and second installment.

More on CIO.com
Book Excerpt: The Adventures of an IT Leader, Part 1
Book Excerpt: The Adventures of an IT Leader, Part 2
Book Excerpt: The Adventures of an IT Leader, Part 4

Friday, June 29, 9:12 a.m....

Barton and his direct reports had convened at 7:15 a.m., and they'd begun talking through a list of issues.

First, they needed to identify the security measures they wanted to implement to reduce the risk of future attacks. The upgrade project that had been rejected earlier would be accelerated, but Barton wanted them to figure out what else they could do.

Second, they needed to decide what should be done to make the company secure against additional mischief from the attack that had just happened. They had no smoking gun to tell them that there had been intruders, but neither could anyone think of a way a database index file could be renamed without someone meaning to do it.

Third, they needed to figure out what to recommend to Williams about what, if anything, they needed to disclose outside the company. This was the issue most likely to get people fired, the issue most likely to spell an ugly end for IVK.

Friday, June 29, 3:47 p.m....

Options were shaping up. The team would work on "future event avoidance" on a less urgent time frame, but the other two issues, recovery from the attack and what to disclose, had to be dealt with now. There were three possible courses of action:

1. Do nothing. Assume that the past mischief was the worst that the bad guys had intended—if in fact there had been bad guys.

2. Shut down the company except for operations that could run manually and rebuild critical systems from development files. This was the "playing it as safe as possible" option, but the shutdown would be noticeable enough from outside IVK that it would need to be explained.

3. Build a mirror site from development files and rebuild production systems after the mirror site was up and running. It would cost money and take a couple of weeks to assemble the necessary facilities and equipment.

 
 
Loading...
TOOLS
CONNECTIONS
Harvard Business Press
 
WHITE PAPERS

Exclusive Economist Intelligence Unit Research

Find out why - and how technology can help balance centralized control and individual autonomy.
 

How Data Mining Can Rock Your Career

Recently, U.S. News & World Report listed "data miner" as one of only a handful of careers core to today's digital enterprises. The University of Illinois at Chicago takes a look.
 

Upgrading to VMware vSphere with vWire

Learn how vWire can help ensure the success of your upgrade from ESX 3.x to vSphere.
 

Explore the Common Barriers to Virtualization

Discover best practices around furthering virtualization in a secure and compliant environment.
 

Practical Approaches for Securing Web Applications

Enterprises understand the importance of securing web applications to protect critical corporate and customer data. What many don't understand, is how to implement a robust process for integrating security and risk management throughout the web application software development lifecycle.
 

An Executive's Guide to Web Application Security

Since so many Web sites contain vulnerabilities, hackers can leverage a relatively simple exploit to gain access to a wealth of sensitive information, such as credit card data, social security numbers and health records. It's more important than ever to examine your Web application security, assess your vulnerability and take action to protect your business.
 

WEBCASTS

Smart techniques for application security: whitebox + blackbox security testing.

Whitebox & blackbox application security testing are two approaches for detecting vulnerabilities in Web-based and ...
 

Lower the Cost and Complexity of a Mobile Workforce through Automation

Lower the Cost and Complexity of a Mobile Workforce
 

Extending Client Refresh - 11 Steps to Maximize Savings

11 Steps to Maximize Savings
 

Consolidate Your Servers and Storage to Lower Costs with Oracle Database 11g

Live Webcast
Tuesday, December 8, 2009
2:00pm ET/ 11:00am PT

Oracle Database 11g and Oracle Real A...
 

The Last Software You'll Ever Buy? The Platform Approach to Development

Torn between "buy" and "build"? There is a third option that can give you the custom fit of an in-house build and t...
 

Profit from Power Savings

Cut Costs & Green Your IT Operations with PC Power Management

Find out how and why 400 organizations have d...
 

Resource Alerts

Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.

 
IT Jobs
 
 
 
FEATURED SPONSORS
 
 
 
SPONSORED LINKS
 

The Total Economic Impact of Network Security Intrusion Prevention

Return on Information: Google Enterprise Search pays you back. Get the facts.

VMware. The source for Business Infrastructure Virtualization.

ShoreTel tells businesses to untangle from competitors' complexity and turn to its brilliantly simple UC solution

See how AT&T can help protect your network.

Streamline IT Costs. Boost Performance with WAN Optimization.

Build your 1st app FREE with Force.com

TDWI checklist helps define data readiness for analytics. Download report.

A Clear View Toward Virtualization

Virtualization Technology as a Business Solution

The rules of infrastructure management just changed.

A Clear View Toward Virtualization

Interactive Q&A helps you discover key ways to maximize IT assets.

Ready to virtualize tier one applications? Check your virtualization maturity.

Think you can't afford a Cisco Switch? Cisco Catalyst Switches are now more affordable.

Five minute business analytics assessment. Immediate results.

The Case for Investing in Business Analytics Technology. Read white paper.

Upgrading to VMware vSphere with vWire

Top 10 Lessons Learned for Corporate 3G Mobile Broadband Deployments

CRM Built for IT: The Executive Guide to Selecting CRM that Meets IT Needs

Return on Information: Google Enterprise Search pays you back

ROI of Application Delivery Controllers

Making Consumer Two-Factor Authentication Simple and Cost-Effective

Mining the Cloud to Ease the Enterprise Compliance Burden

Solve Five Key IT Security Challenges with Cloud-Based Authentication

Disciplined Autonomy: Resolving the Tension Between Flexibility and Control

AT&T Synaptic Storage as a Service. Expand on demand

Trend Micro ranked #1 against real-world malware. Read more.

Webinar: Jump-start your in-house e-discovery with Ringtail QuickCull from FTI Technology

Top Five CIO Challenges

Read the RSA report: Security for Business Innovation

64-page prescriptive guide to security, compliance, and IT operations.

Increase UPS efficiency without sacrificing protection.

eZine: A Roadmap to Reducing IT Complexity

Reduce risk, gain agility. See how Progress can help your business.

Virtualization Technology as a Business Solution

eZine: A Roadmap to Reducing IT Complexity

World-class trading technology solutions from NYSE Technologies.

If You're Paying for Telecom, You're Paying Too Much. Contact Asentinel Today.

Trade-In your old printer and save up to $1,000 plus free recycling!

infoBOOM! - The Mid-Sized Company CIO's Exclusive Community

Live Webinar: Applying Business Analytics. Click here to learn more

Removing Barriers To Better Server Virtualization Efficiency

4G Revisited. The Continued Evolution of Wireless Mobility.

What's Next for Enterprise Resource Planning?

Maximizing website Return on Information with high-quality search

Gartner Magic Quadrant, Application Delivery Controllers 2009

Authentication as a Service by Forrester Research

Cloud-Based Authentication for Next-Generation Extranets

Cut Costs & Green Your IT Operations with PC Power Management