Posts

Showing posts from April, 2016

Web Application security for CISOs - 6 things to consider

At edgescan we assess 1000s of systems globally across both the web site and application layers. We assess both pre-production and production environments deployed to data centres and the cloud alike. From experience, the job of a CISO involves much more than cybersecurity, but the CISO is required to set strategic direction for many aspects of security and be an oracle of knowledge... Many of my CISO friends and colleagues understand the need for security across the entire systems development and maintenance lifecycle and have a large list of areas to cover off and secure, not to mention maintaining compliance...

- Measuring the security maturity level, and building an integrated approach to maintain posture
- Balancing cost/budget and risk prioritization
- Consolidation of metrics and trends to make informed decisions
- Maintaining clear channels of communication with the business
- Helping to keep security promises made to users by the business.

The following is a lis