Stories about: Ernst & Young

Becoming the chief information security officer (CISO) of a corporation makes you a strategic IT advisor to business management, the chief information officer, and the rest of the information technology staff. Just as no company is the same as another, the job of CISO -- or alternately, "chief security officer," which might include physical security as well -- isn't either. The four security professionals who share their priorities with us make it clear there's nothing cookie-cutter about the top IT security job.

The 2006 Ernst & Young global information security survey has found organizations worldwide are failing under the weight of vendor risk management in outsourcing relationships, but internally have woken up to the relationship between information security and effective risk management.

It was two close calls that changed how Rob Israel thought about encrypting the data on his users' laptops.

The Australian Information Security Summit begins today with the keynote address from Dr Paul Dorey, member of the Global CSO Council, an IT security thinktank based at Carnegie Mellon's CyLab.

The typical computer network isn't like a house with windows, doors and locks. It's more like a gauze tent encircled by a band of drunk teenagers with lit matches".

Companies that make regulatory compliance the sole driver of their information security efforts could be weakening their long-term security posture instead of improving it, according to IT managers at the 32nd annual US Computer Security Institute conference held last week. Therefore, it's better to make compliance a by-product of a broader corporate security strategy -- not its sole end objective, they said.

A recent security survey by Ernst and Young (E&Y) found there is both a lack of IT security priority in the executive suite and a lack of security awareness amongst users.

Information security is everyone's business, but that message doesn't always filter up to the highest level of the organisation. New research from Ernst & Young finds that companies should be doing more to safeguard their data.

Information security is of “high importance” to US health care companies, however few of them rake make ROI calculations for such spending.

Inadequate funding remains the single largest obstacle to implementing effective IT security measures at most companies, according to the results of a recently completed global survey by Ernst & Young International.