6-16-14 Podcast References

“People will forget what you said, people will forget what you did, but people will never forget how you made them feel.”

– Maya Angelou

Target top security officer reporting to CIO seen as a mistake


C-IT Recommendation

  1. Analyze the reporting structure of your organization
    1. Interview your CISO and ask where in your organization he or she believes the role should optimally report. Ask questions such as “Do you believe security priorities have been bottlenecked by the current reporting structure?”
  2. If necessary, move the CISO’s reporting line directly to a top-level officer or directly to a top-level board.

Article Resources

Who should the CISO report to?


The Global State of Information Security® Survey 2014



Android ‘SMS Stealer’ hides in World Cup-themed apps


C-IT Recommendation

  1. Perform an asset inventory of all company-owned Android devices using company-provided cell phone service. Your company should have a configuration management database to show which devices have which operating system versions.
  2. Ensure an anti-malware service is deployed on all company-owned Android devices. If you have a mobile device management solution, enable the company web filtering option where applicable and force the cellular devices to pass through the company web filter/proxy before accessing the internet.
  3. Provide mobile device security awareness training informing your employees not to visit pornographic sites. Also, instruct employees not to install apps from unofficial stores.

**If you do not have a mobile device management solution in a BYOD model, strongly recommend that users install the security updates. Failure to do so may result in your employees’ devices compromising your company information and/or costing the employees or your organization a ton of money.**

