Board Governance
- Overcoming stubborn execs for security sake. CSO, January 7, 2016
- Cybersecurity and the Twenty-First Century Board of Directors. Huffington Post, December 31, 2015
- What The Boardroom Thinks About Data Breach Liability. Dark Reading, November 6, 2015
- What Cybersecurity Questions Are Boards Asking CISOs? Security Intelligence, October 23, 2015
- Why Corporate Boards Are Picking Women to Fill Cybersecurity Posts, Bloomberg Business, October 22, 2015
- How do you translate data security information to the board?, Information Age, October 22, 2015
- Do boards of directors actually care about cybersecurity?, CSO, September 1, 2015
- Cybersecurity on the agenda for 80 percent of corporate boards, CSO, May 28, 2015
- Boards Dissatisfied with Cyber, IT Risk Info Provided by Management, Security Week, January, 2, 2015
- Managing Cyber Risk: Job #1 for Directors and General Counsel, FTI Journal, July 2014
- The Board’s Role in Cybersecurity, Richard Clarke and Jacob Olcott, The Conference Board, March 2014
- Cybersecurity — A Board Primer, BDO Board Reflections, Winter 2014
- Cyber Risk and the Board of Directors—Closing the Gap, Michael Gold, Bloomberg Law, October 2013
- 2013 NACD Advisory Council on Risk Oversight Summary of Proceedings. NACD, May 2013
- CISOs Must Engage the Board About Information Security. CIO May 31, 2013
- Unbalanced alignment. Information security needs to become a board-level priority and its executives need to have a seat at the boardroom table. Ernst & Young 2012 Global Information Security Survey – Fighting to close the gap, October 2012
- Clueless’ boards risk lawsuits, threaten national security. Network World, May 23, 2012
- Boards Are Still Clueless About Cybersecurity. Forbes Magazine, May 16, 2012
- Governance of Enterprise Security – Carnegie Mellon University – CyLab Report, 2012
Citadel Cybersecurity White Papers and Management Guides
- The Human Factor in Information Security – Kim Pease, Citadel Information Group & Michael Kemps, Innovative Computing Systems, Law Journal Newsletter, December 2016
- Effectively Managing Information Security Risk
- Success Strategy for Infosec Planning and Implementation
- Seven Requirements for Successfully Implementing Information Security Policies, 2012
- Beyond Awareness Training, It’s Time to Change the Culture
- Can You Prevent Hackers from Taking Over Websites – Web-Site Security Basics
- Memo: Mitigating the Risk of Disciplining IT Staff
- Protecting your Business from the Social Network Threat
Other Management Guidelines
- Framework for Improving Critical Infrastructure Cybersecurity, Version 1.0, National Institute of Standards and Technology (NIST), February 2014
- Cybersecurity Framework, General Information Page, NIST
- 10 Social Media Must Haves for Corporate Compliance and Ethics, Michelle Sherman, 2011
- US CERT Common Sense Guide to Prevention and Detection of Insider Threats (2005)
- Fraud Advisory for Businesses-Corporate Account Take Over, FS-ISAC, 101018
- ISSA Generally Accepted Information Security Practices (2004)
- ISACA Information Security Governance Guidance for Boards of Directors and Executive Management 2001
- Information Security Governance National Cybersecurity Partnership, 2004
- Information Security Governance, PPT-charts, National Cybersecurity Partnership, 2004
- NSA Defense In Depth
- Protecting Consumer Privacy in an Era of Rapid Change, FTC, 2012
- Securing Cyberspace Business Roundtables Framework for the Future, 2004
- NIST-7621 Small Business Information Security Fundamentals (2009)