Skip Links

Network World

  • Social Web 
  • Email 
  • Close

(Comma separation for multiple addresses)
Your Message:

Building a bridge from the CISO to the CEO

Resources to help CISOs make the case for security
Security Strategies Alert By M. E. Kabay , Network World , 05/13/2008
Sign up for this newsletter now!

Mich Kabay takes a high-level view of security issues and provides resources to help safeguard your corporate and personal security.

  • Share/Email
  • Tweet This
  • Comment
  • Print

Chief information security officers (CISO), security consultants and other security personnel constantly face the difficulty of reaching across a cultural divide to communicate our concerns to business leaders such as CEOs and their C-level and board colleagues. We often lack shared assumptions, concepts, terminology, and priorities; our job usually involves executive education in addition to the other two components of the acronym ATE - awareness, training and education.

Many security writers have struggled with the task of communicating our point of view to our business colleagues; readers may want to check the following essays I wrote for that purpose to see if they can be helpful:

* Implementing Computer Security: If Not Now, When? This little paper reviews key threats to information and urges managers not to wait in developing and implementing security policies. 

* Net Present Value of Information Security. Thoughts about ways of presenting information security as more than just loss-avoidance. 

* Securing Your Business in the Age of the Internet. Five pages this time to convince your bosses to pay attention to INFOSEC. 

* Security on a Budget. About 40 minutes of narrated lecture on the key elements of managing information security effectively. (Also in MP3

* What's Important for Information Security: A Manager's Guide. Yet another attempt to reach managers who are not yet interested in security. 

Much more valuable than my scattered writings is a compact little book called A Seat at the Table for CEOs and CSOs: Driving Profits, Corporate Performance & Business Agility by Jackie Bassett and Daniel Rothman and edited by Raquel Filipek. 

At 134 pages of clear, uncluttered prose, this work should be in every CISO's library - perhaps in more than one copy so that we can lend them out! The authors explore a point of view with which I know many of us will concur: that security is now a critical success factor directly related to strategic planning at the highest levels. Their insights and explanations will reach intelligent business colleagues across the spectrum of industries and even non-profits and government agencies.

Jackie Bassett, MBA, is the founder and CEO of BT Industrials. She is a business consultant with extensive experience in strategic planning and has written for SecurityInfowatch, ITAudit, and other publications as well as being a guest speaker at many events including ISACA Annual conferences.

M. E. Kabay, PhD, CISSP-ISSMP, specializes in security and operations management consulting services. CV online.

  • Share/Email
  • Tweet This
  • Comment
  • Print
Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Videos

rssRss Feed