- Microsoft Windows chief decries standards grandstanding
- The 5 best, and 5 worst, features of Google Chrome OS
- Federal government using PS3 to crack pedophile passwords
- 10G Ethernet cheat sheet
- Top 10 free Windows tools for IT pros, at a glance
Mich Kabay takes a high-level view of security issues and provides resources to help safeguard your corporate and personal security.
Chief information security officers (CISO), security consultants and other security personnel constantly face the difficulty of reaching across a cultural divide to communicate our concerns to business leaders such as CEOs and their C-level and board colleagues. We often lack shared assumptions, concepts, terminology, and priorities; our job usually involves executive education in addition to the other two components of the acronym ATE - awareness, training and education.
Many security writers have struggled with the task of communicating our point of view to our business colleagues; readers may want to check the following essays I wrote for that purpose to see if they can be helpful:
* Implementing Computer Security: If Not Now, When? This little paper reviews key threats to information and urges managers not to wait in developing and implementing security policies.
* Net Present Value of Information Security. Thoughts about ways of presenting information security as more than just loss-avoidance.
* Securing Your Business in the Age of the Internet. Five pages this time to convince your bosses to pay attention to INFOSEC.
* Security on a Budget. About 40 minutes of narrated lecture on the key elements of managing information security effectively. (Also in MP3)
* What's Important for Information Security: A Manager's Guide. Yet another attempt to reach managers who are not yet interested in security.
Much more valuable than my scattered writings is a compact little book called A Seat at the Table for CEOs and CSOs: Driving Profits, Corporate Performance & Business Agility by Jackie Bassett and Daniel Rothman and edited by Raquel Filipek.
At 134 pages of clear, uncluttered prose, this work should be in every CISO's library - perhaps in more than one copy so that we can lend them out! The authors explore a point of view with which I know many of us will concur: that security is now a critical success factor directly related to strategic planning at the highest levels. Their insights and explanations will reach intelligent business colleagues across the spectrum of industries and even non-profits and government agencies.
Jackie Bassett, MBA, is the founder and CEO of BT Industrials. She is a business consultant with extensive experience in strategic planning and has written for SecurityInfowatch, ITAudit, and other publications as well as being a guest speaker at many events including ISACA Annual conferences.
M. E. Kabay, PhD, CISSP-ISSMP, specializes in security and operations management consulting services. CV online.
Rss FeedRss Feed
The Leader in Network Knowledge
Comment