CS代写 THE BUSINESS OF SECURITY

THE BUSINESS OF SECURITY

Security Technologies Director Entrust Datacard @sandycarielli

Copyright By PowCoder代写 加微信 powcoder

SECURITY AND BUSINESS

By 2020, 75% of businesses will be digital
THE RISE OF DIGITAL BUSINESS

DIGITAL BUSINESS, SECURITY AND RISK
Rather than eliminate risk, accept and implement controls to help enable business

SECURITY AS A BUSINESS ENABLER: A CONTROL THAT MAKES YOU FASTER

PRIORITIZATION

WHAT “MUST” BE DONE YOUR BUDGET

COMMUNICATION

A STORY ABOUT SECURITY RISK AND POOR COMMUNICATION…

CISO Qualities
What do you see as the key qualities of a chief information security officer (CISO)?
IT Security
How do you prefer information regarding cybersecurity be presented?
STRATEGIC RATHER THAN
TECHNOLOGIST Source: Veracode/NYSE

1. Stage your meetings
2. No jargon
3. Stay focused
4. Talk risk – but think about acceptable risk
5. Talk cost of exposure and recovery – and measure against value
SPEAKING THEIR LANGUAGE: SANDY’S (UPDATED) RULES FOR SECURITY LEADERS

TALKING TO THE BUSINESS

 It’s a month until the big release of your company’s product is about to ship. Many customers are waiting for this release, and it’s likely to make the company $20M in additional revenue in the first month alone. You have found a security bug that you believe is high severity. A fix could delay the release by several weeks.
 How do you assess the risk and impact?
 How do you communicate that to the business?
SCENARIO #1

 You would like to hire an outside consulting firm to do some “ethical hacking” of your products and identify vulnerabilities. This will cost approximately $250,000 per year. You do not have this money in your budget, and you’d like to ask for it.
 How do you justify the cost?
 How do you explain the benefits of such a
SCENARIO #2

 This morning, an unknown attacker staged a Distributed Denial of Service (DDoS) attack against your website, bringing it down for a couple of hours. Customers are concerned and the attack has been reported about in the media. You need to report to the board:
 What happened?
 How did this happen?
 How did we get back online?
 What do we need to do in the near term and longer term to reduce the risk of this happening again?
 What should we tell the media and our customers?
SCENARIO #3

QUESTIONS?

THANK YOU!

Security Technologies Director, Entrust Datacard @sandycarielli

程序代写 CS代考 加微信: powcoder QQ: 1823890830 Email: powcoder@163.com