Dear CISO
Dear CISO: All Organizations Need Perpetually-Updated Data Visibility
Network controls have been historically proven to be very capable in limiting access to networks and therefore the data held within them. As our networks have evolved, so have these controls. However, ...
Dear CISO: Who is Responsible for Data Privacy?
In Theory: The legal team/DPO should lead the privacy policy as well as manage direct interaction with data subjects, such as DSAR management. Security should lead the implementation of the privacy policy, ...
Dear CISO: Partial Inventory is No Inventory at All
GDPR started it and others followed. Unlike with other sensitive data assets that we as CISOs need to manage, it's now quite clear what is expected of us regarding personal data. After ...
Dear CISO: Where to Look for Personal Data
Dear CISO, It has come to my attention that recent regulations require us to manage personal data in a very specific way. I trust that the security teams that report to you ...
