"It's a good idea, " says Bruce Schneier, security guru and chief security officer of British Telecom.
David Miller, chief security officer at Covisint (a subsidiary of Compuware), is a perfect example.
FORBES: Influx of Nerds Changes Tenor of Auto Industry's Summer Camp
Hire a Chief Security Officer and associated staff that will focus solely on issues relating to information security.
FORBES: Blippy Apologizes For Google-Searchable Credit Cards, Announces New Security Plan
Cisco's chief security officer John N Stewart also suggested that Mr Schmidt had his work cut out for him.
"People are cruel, " says Hemanshu Nigam, chief security officer at MySpace, which requires no ID data for any post.
Mikko Hypponen is chief security officer for F-Secure, a leading computer security company.
BBC: Viewpoint: Stuxnet shifts the cyber arms race up a gear
Moore, chief security officer at the security firm Rapid7 who has tested numerous Java exploitation techniques over the last year.
FORBES: Forget Oracle's Latest Java Patch. Just Kill The Program In Your Browser For Good
Moore, chief security officer at security firm Rapid 7, which had integrated the exploit into its Metasploit penetration testing tool.
FORBES: Oracle Quietly Releases Fix For Serious Java Security Bug--Months After It Was Reported
Counterfeiters "are going after anything and everything, from patented to non-patented, expensive to inexpensive, " said John Clark, Pfizer's chief security officer.
"Security starts with knowing what you have, " said Stephen Schmidt, chief security officer at Amazon's web services told the BBC in an earlier interview.
BBC: How the New York Times cleaned house after its hack attack
And Martin Carmichael, chief security officer at McAfee Software, says that internal data breaches are more likely than external attacks to reveal key private information.
"It's true that it's impossible to completely defend against denial of service attacks and still be accessible, " says Marcus Ranum, chief security officer of Tenable Security.
Hemanshu Nigam, first chief security officer for MySpace, said the firm warns about suspicious links and educates users about the harm phishing and malware attacks can bring.
Mr. HEMU NIGAM (Chief Security Officer, MySpace): Over the last year it's - we have implemented over, actually, over a hundred different safety features, designs and programs across our company.
"It's part of this overall story that the Chinese want to know what the West thinks of them, " said Richard Bejtlich, chief security officer with the computer-security company Mandiant Corp.
Richard Bejtlich, the chief security officer at Mandiant, the firm hired by the Times to investigate the cyberattack, said the breach is consistent with what he routinely sees China-based hacking groups do.
Richard Bejtlich, the chief security officer of the firm hired to investigate, said that if each attack was viewed in isolation it was hard to say with certainty that China's military was to blame.
And Martin Carmichael, chief security officer at McAfee Software (nyse: MFE - news - people ), says that internal data breaches are more likely than external attacks to reveal key private information.
Mandiant's chief security officer, Richard Bejtlich, said that "if you look at each attack in isolation, you can't say, 'This is the Chinese military', " but that the similar patterns and targets of the attacks indicated a connection.
Richard Bejtlich, chief security officer at Mandiant, a computer-security company, said that in cases handled by his firm where intrusions were traced back to Chinese hackers, 94% of the targeted companies didn't realize they had been breached until someone else told them.
In fact, when I spoke with Richard Bejtlich, chief security officer at Mandiant and a well-known author and blogger on network security, he argued that APT1 is actually a relatively sloppy group of hackers, and that its mistakes were what part of what allowed Mandiant to profile the unit in such detail.
FORBES: The Shanghai Army Unit That Hacked 115 U.S. Targets Likely Wasn't Even China's 'A-Team'
Far more common--but still damaging--are the high-volume crime spikes, spam e-mail distribution and "phishing, " a pernicious technique for stealing credit-card information. (For more on online scams, check out "Where The Scammers Are".) The carnage is hard to pin down in dollar terms, but Marcus Ranum, chief security officer of Tenable Security, says it's "billions upon billions"--far more than all "major" hacking incidents combined.
We have a large IT security staff overseen by a Chief Information Security Officer who works to identify and implement best practices.
In a press release on the Playstation Network blog, spokesperson Patrick Seybold added a lengthy explanation of how the company plans to respond to the hack, including adding new layers of security, changing how it encrypts customer data, and appointing a chief information security officer.
FORBES: Sony Apologizes For Playstation Breach, Appeases Users With Freebies
That said, the going forward approach then is to have a process for reporting seemingly disparate small security issues, and having a person to report them to (in most organizations a chief information security officer or CISO) who can put them all together in the context of a larger attack.
Instead of holding state-wide authority, the chief information security officer was often in the position of coordinating cross-agency resources.
FORBES: Security Experts Warn State Governments Face Losing Battle With Hackers
Yet another impediment to addressing the risk is the lack of wide authority vested in the role of chief information security officer, Robinson explained.
FORBES: Security Experts Warn State Governments Face Losing Battle With Hackers
We created the office of the Chief Information Security Officer beginning in 1995 with the appointment of Steve Katz at Citi Corp, the very first CISO.
应用推荐