CIO Areas of Interest

Disaster Recovery Planning, Job Descriptions, Salary Survey, Business Continuity, ITSM, SOA, Compliance, SOX, and HIPAA

The Janco News feed is an XML news feed that you can subscribe to and re-publish on your web site or blog. The only requirement that you need to meet is that the feed is included with no modifications and that the links within the feed are retained as is.

If you wish to subscribe to this news feed the options that you have are:

    • IT Standard News Feed - 30 items

      10 actions that a CIO or CSO can take to protect data assets

      May 7th, 2015

      10 actions that a CIO or CSO can take to protect data assets:

      1. Instill in all employees that they are the first line of defense when it comes to data protection and data security.
      2. Develop and implement specific policies and procedures regarding the handling of proprietary or sensitive information.
      3. Validate that the policies and procedures meet all industry and mandate compliance requirements.
      4. Improve training and require all employees to take it.
      5. Maintain a tight control on all data assets and ensure only the minimum necessary access to the information.
      6. Require all passwords be changed frequently and not be repeated.
      7. Communicate, enforce and apply consistent sanctions for information privacy or security violations.
      8. Monitor employee activity both on PCs and mobile devices.
      9. Ensure adequate oversight or governance of information security programs.
      10. Have independent 3rd parties test the data protection and data security compliance practices.

      Policy and Procedure Manual
      Compliance Management Made Easy
      ISO 27000 / HIPAA / SOX / CobiT / FIPS 199 Compliant

      Supports Meaningful Use Compliant Stage Implementation

      Includes PCI DSS Audit Program PLUS 24 Electronic Forms that are ready to use


      CIO Management and best practices are defined on the Janco blog

      April 27th, 2015

      CIO concerns are constantly changing, but the solutions are always centered around three factors: technology, infrastructure and people.


      Current CIO articles and postings on the Janco blog:

      1. Top 10 CIO concerns: Top 10 CIO concerns for the New Year – Janco Associates has just completed an informal survey of 75 CIOs and...
      2. Top 10 steps to an effective IT organization: Top 10 rules of the road for CIOs when creating IT organizations. Top 10 rules of the road for CIOs as they build a modern...
      3. Mobilizing Smartphones is a Challenge: Mobilizing Smartphones is a very difficult job according to CIOs. Mobilizing applications for employees to use on their Smartphones sure sounds like a fun idea....
      4. Many CIOs have not addressed cloud security issues: Less than 50% of all organizations have policies in place for vetting cloud computing applications for possible security risks before deploying them. The number...
      5. Top 10 indicators that you are about to be fired: Circumstances often make CIOs and IT Managers oblivious to the clues they are about to be...

      A trick to improve software security identified

      April 24th, 2015

      A trick to improve software security identified

      A good way to make software more secure is to implement revisions so frequently that attackers don't have time to figure out where the vulnerabilities are before the potential attack surface has morphed into something else.


      Also, network defenders need to take advantage of the honeymoon effect, where new software goes unmolested for a period after it is issued while adversaries analyze it for flaws. With frequent revisions, software is never in place long enough to fall prey to exploits and old exploits are less likely to have an impact.


      Proposed legislation will weaken data security and breach notification laws

      April 16th, 2015

      Proposed legislation will weaken data security and breach notification laws


      The Data Security and Breach Notification Act, approved by the House Energy and Commerce Committee, would pre-empt stronger breach notification laws in several states and would eliminate data protections of telecom account records.

      The bill is weaker than the data security and breach notification standards that consumers currently enjoy under stronger state laws and existing federal law.

      The legislation, which would require businesses across the U.S. to notify affected customers after a data breach, is headed toward a vote on the floor of the House of Representatives even though the bill will actually weaken protections for consumers.


      Many data breaches take over 1 year to fix after the first intrusion

      April 14th, 2015

      Security Audit Program

      ISO 28000, 27001, & ISO 27002 / HIPAA / SOX PCI-DSS Compliant

      Servers and corporate data are breached on a daily basis. While this is happening, most companies are unaware that their proprietary information is being stolen. Janco has found that over 90% of cybercrime victims find out about the compromise only after a 3rd party notifies them. Then, after a cybercriminal gains access to an enterprise's network, it takes an average of 416 days to detect the intrusion.
