WISEGATE WATCH

Keeping Infosec and IT professionals abreast of new research and content,
upcoming live virtual roundtables and other industry news.
SPECIAL ANNOUNCEMENT

Vote for our sessions at SXSW 2016 today through September 4! Wisegate’s CEO and founder Sara Gates and Editor-in-Chief both have proposed sessions at Austin’s largest interactive festival. Click on the links below to give them a “thumbs up” (you must register for a free Panelpicker account, first – it’s easy and quick!).

Stop Reinventing the Wheel and Recycle Brainpower: http://panelpicker.sxsw.com/vote/54938

The IT threat not much bigger than 2-meters: http://panelpicker.sxsw.com/vote/55018

LATEST FROM THE GATE — NEW MEMBER-BASED RESEARCH
Have you seen Wisegate's latest toolkits? Don't miss out on getting IT tips and resources inspired by Wisegate members—from starting a new job to developing a security strategy, these toolkits can help IT pros get quick answers for their careers and company challenges.



Geek Speak for the C-Suite: A Guide for Effectively Communicating Security Risks to the Board
It’s many IT professionals’ dreaded task—explaining security risks to business management. Senior executives may understand risk well; they just don’t always understand the geek-speak that we use when we talk to them about these risks. Wisegate’s “Geek Speak for the C-Suite” kit contains a list of steps IT professionals should consider in order to help communicate confidently with the C-Suite.

What Does Information Security Have In Common With Eastern Air Lines Flight 401?
Drawing comparisons to the tragic Florida Everglades crash of Flight 401, Wisegate member Martin Zinaich discusses the "nearly imperceptible descent" of information security. In this seven-part series, exclusively published on Security-Today.com, Zinaich explores the recent birth of the information security world, including challenges and obstacles CIOs continue to face.

WISEGATE NETWORK BUZZ

Top Wisegate Member Discussions

  • Tools for Researching a URL
  • What are your timeline SLAs for deployment of security patches?
  • With phishing attacks on the rise, how do you identify whether the email was authored internally or externally?
  • We're looking to migrate away from BlackBerrys for our end users. We are considering Samsung Galaxy S5 with Knox or iPhones. Which one would be the most secure?
  • What do you guys use for security awareness training, if you don't have an on-premise Learning Management System? Please also provide your comments based on the vendor's capability in providing additional material, doing phishing campaigns, etc.
  • What are your thoughts on McAfee's Next Gen Firewall and IPS? How does it compare to Palo Alto, Sourcefire and Check Point?
  • How are you managing patches, particularly in high-availability environments?
  • What security architecture framework have you adopted?
  • For vulnerability assessments for 50 to 200 nodes, what approach do you recommend? Would you recommend an automated solution, in house software packages or a service?
  • What tools are you using to track and report on compliance and remediation issues? What has been your experience with them?
  • What sort of approach are you taking when devising a cloud security strategy?
  • What would you recommend as a tool to track user access on various systems and applications?
  • What tools does your organization use to report on the various applications installed on workstations?
  • Do you have a sample risk acceptance memo you are willing to share?
  • Information Security Budget:
    1. What is your information security budget?
    2. What percent of the organizational budget does this number represent?
    3. Is the budget a security budget or a component of the IT budget?
  • Aside from your Board of Directors, do you have any voluntary (i.e. not regulatory) external oversight of your Information Security program? For example, a key consulting firm advising you related to priority of roadmap items, emerging risk, etc?
  • What tools can we use to restrict dictionary words from being used in a password in Active Directory?
  • I'm looking for a laptop encryption and backup solution that is easy to roll out, implement, and maintain on a limited budget. What solutions would you recommend?
UPCOMING LIVE RESEARCH, ROUNDTABLES AND EVENTS
Live Research — Live, interactive calls covering Infosec & IT issues and peer discussions

August Wisegate Live Research (membership required)

  • 8/26/15: Workgroup -- Malicious Insiders
  • 8/27/15: Member Call -- Business Intelligence Primer
  • 8/28/15: Roundtable -- Shop Talk – DLP


Upcoming Live Research (membership required)

  • 9/8/15: Member Call -- Incident Response
  • 9/4 – 10/9/15 (each Fri): Roundtable -- Office 365 Series
  • 9/30/15: Roundtable -- The Identity of Things
  • 10/16/15 – 10/23/15 (each Fri): Roundtable -- Professionalization of Information Security (two part series)

WISEGATE IN THE NEWS
Critical skills for IT and InfoSec leaders

You've held a technical role in IT or information security (InfoSec) for a number of years, and now you'd like to move into a leadership role. Maybe even become a CIO or CISO. Good for you! There's a need for good people in those roles. Wisegate's Linda Musthaler shares insight from Wisegate's ebook, “A CISO Handbook to Effective Leadership & the Art of Influencing People,” in this Network World article.

FROM OUR INSIDE THE GATE BLOG
Special Series: Wisegate and Security Today - In this seven-part series exclusively published on Security-Today.com, Wisegate member Martin Zinaich draws comparisons to the tragic Florida Everglades crash of Flight 401 to illustrate the "nearly imperceptible descent" of information security, and explore the recent birth of the information security world. Visit our blog to view all seven articles on Security-Today.com. Also, check out Martin's complete report above.
Recruiting Talent for IT & Security - Recruiting can be difficult in any industry, but in IT and security, picking the wrong person for the job can cost money, reduce productivity and create risks for business. During one of Wisegate's roundtables, senior-level IT and security professionals discussed best practices and tips for recruiting talent.

DIRECT FROM THE MOUTH OF WISEGATE MEMBERS

We love hearing feedback on how Wisegate is helping you and how it can get better. Here's a story we heard recently about how Wisegate provides talent management advice:

1:1 COMPLIANCE INSIGHT

Service Organization Controls (SOC) 1, SOC 2 and SOC 3 are assurance reports for internal controls beyond financial data and are driven by an increasing popularity of outsourcing business processes to service organizations. Many of these third party service organizations include cloud data storage and computing providers, which causes heightened concerns around confidentiality, privacy, security, availability and processing integrity. One member was able to fast track implementation of AICPA (American Institute of CPAs) SOC 2 requirements.

This member had the SOC 1 under their belt, but needed a faster way to learn about and apply the SOC 2 requirements to their organization and meet a compliance deadline. Through Wisegate, this member connected one on one with another member, who led SOC 1, 2 and 3 PCI assessments for their organization. Through that call the member learned:

  • About the policies
  • Monitoring and communication requirements
  • What was required to be deemed SOC 2 compliant
  • Guidelines for prioritizing requirement implementation
  • How much money, time and effort the other company spent for their assessments, which was useful for budgeting
  • Applicable insights and best practices.

Have a story or feedback you'd like to share with us? Let us know!
ABOUT WISEGATE
Wisegate connects peers, hosts virtual roundtables, and produces and analyzes customized research, surveys, and more, offering IT leaders the quickest path to answers and decisions. With Wisegate, IT leaders create and implement tried-and-true strategies, ramp up programs, select technologies, manage teams and achieve their goals – at a fraction of the cost.



13413 Galleria Circle
Suite Q-302
Austin, TX 78738