the business of security leadership
TRANSCRIPT
![Page 1: The Business of Security Leadership](https://reader036.vdocument.in/reader036/viewer/2022062823/587065591a28ab48378b4d95/html5/thumbnails/1.jpg)
The Business of Security Leadership
8 July 2016ISSA Tampa Bay
![Page 2: The Business of Security Leadership](https://reader036.vdocument.in/reader036/viewer/2022062823/587065591a28ab48378b4d95/html5/thumbnails/2.jpg)
Speaker BioISSA International Board of DirectorsSecurity ExecutiveU.S. Government ExpatriateAuthorBusiness ownerMentorFamily guyMinistry leaderAmateur comedian
Keyaan [email protected]/in/keyaan
![Page 3: The Business of Security Leadership](https://reader036.vdocument.in/reader036/viewer/2022062823/587065591a28ab48378b4d95/html5/thumbnails/3.jpg)
Outline
ISSA International Updates
The Business of Security Leadership
Summary
Q&A
![Page 4: The Business of Security Leadership](https://reader036.vdocument.in/reader036/viewer/2022062823/587065591a28ab48378b4d95/html5/thumbnails/4.jpg)
Updates from the Mother Ship
What is going on at ISSA International?
![Page 5: The Business of Security Leadership](https://reader036.vdocument.in/reader036/viewer/2022062823/587065591a28ab48378b4d95/html5/thumbnails/5.jpg)
In case you missed it:
2016 International Conference
November 2-3, 2016Hyatt Regency DallasRegistration is Now Open!
![Page 6: The Business of Security Leadership](https://reader036.vdocument.in/reader036/viewer/2022062823/587065591a28ab48378b4d95/html5/thumbnails/6.jpg)
ISSA International ConferenceEarly registration is closed, but . . .
•One complimentary registration is available for each Chapter. •Have a sponsor rent a bus.•We still want to see you if you are out of work. We
have volunteer opportunities.
![Page 7: The Business of Security Leadership](https://reader036.vdocument.in/reader036/viewer/2022062823/587065591a28ab48378b4d95/html5/thumbnails/7.jpg)
ISSA Fellows: 2016 Cycle is now open!
Submit a nomination for a Senior Member, Fellow, or Distinguished Fellow.
Deadline August 1, 2016 (11:59pm ET)
![Page 8: The Business of Security Leadership](https://reader036.vdocument.in/reader036/viewer/2022062823/587065591a28ab48378b4d95/html5/thumbnails/8.jpg)
Special Interest Groups (SIGs)ISSA SIGs offer additional, targeted opportunities to get involved.• Security Education and Awareness• Women In Security• Financial SIG• Healthcare SIG• Cyber Security Career Lifecycle (CSCL)
Want to serve as a liaison? Contact [email protected]
![Page 9: The Business of Security Leadership](https://reader036.vdocument.in/reader036/viewer/2022062823/587065591a28ab48378b4d95/html5/thumbnails/9.jpg)
ISSA CISO Executive Membership
If you are a CISO, this is a worthwhile membership level that offers 4 executive sessions per year to collaborate with
other CISOs and security leaders.
![Page 10: The Business of Security Leadership](https://reader036.vdocument.in/reader036/viewer/2022062823/587065591a28ab48378b4d95/html5/thumbnails/10.jpg)
The Business of Security Leadership
Some thoughts and perspective about the role of security in a business.
![Page 11: The Business of Security Leadership](https://reader036.vdocument.in/reader036/viewer/2022062823/587065591a28ab48378b4d95/html5/thumbnails/11.jpg)
I am not a security leader. Why do I care?
Everyone should care about security – especially security people.
![Page 12: The Business of Security Leadership](https://reader036.vdocument.in/reader036/viewer/2022062823/587065591a28ab48378b4d95/html5/thumbnails/12.jpg)
I am not a security leader. Why do I care?
You don’t have to be a security leader to care about or contribute to security
leadership.
![Page 13: The Business of Security Leadership](https://reader036.vdocument.in/reader036/viewer/2022062823/587065591a28ab48378b4d95/html5/thumbnails/13.jpg)
I sell security products or services. Why do I care?
You must have a deep understanding of your product and your customers to sell it
effectively.
![Page 14: The Business of Security Leadership](https://reader036.vdocument.in/reader036/viewer/2022062823/587065591a28ab48378b4d95/html5/thumbnails/14.jpg)
What is the main idea?
Information security is not really about . . .
controls, compliance, or technology.We are focusing on the wrong problem.
![Page 15: The Business of Security Leadership](https://reader036.vdocument.in/reader036/viewer/2022062823/587065591a28ab48378b4d95/html5/thumbnails/15.jpg)
What is security about?
Security is about equipping the business to operate with the fewest
possible disruptions.
![Page 16: The Business of Security Leadership](https://reader036.vdocument.in/reader036/viewer/2022062823/587065591a28ab48378b4d95/html5/thumbnails/16.jpg)
How does security equip the business?
Enhance and support business initiatives.
![Page 17: The Business of Security Leadership](https://reader036.vdocument.in/reader036/viewer/2022062823/587065591a28ab48378b4d95/html5/thumbnails/17.jpg)
How does security equip the business?
Protect confidentiality, integrity, and availability of business processes.
![Page 18: The Business of Security Leadership](https://reader036.vdocument.in/reader036/viewer/2022062823/587065591a28ab48378b4d95/html5/thumbnails/18.jpg)
How does security equip the business?
Identify threats and provide mitigation and/or timely remediation.
![Page 19: The Business of Security Leadership](https://reader036.vdocument.in/reader036/viewer/2022062823/587065591a28ab48378b4d95/html5/thumbnails/19.jpg)
How does security equip the business?
Support resilience of business systems and services.
![Page 20: The Business of Security Leadership](https://reader036.vdocument.in/reader036/viewer/2022062823/587065591a28ab48378b4d95/html5/thumbnails/20.jpg)
Where does security leadership start?
Security leadership starts at the top. Business leaders must agree on governance for the enterprise before security can contribute to
the process.
Data management
Enterprise architecture BCM BIA Policy
![Page 21: The Business of Security Leadership](https://reader036.vdocument.in/reader036/viewer/2022062823/587065591a28ab48378b4d95/html5/thumbnails/21.jpg)
Everyone agrees on governance. Now what?
Develop a strategy and clearly define programs and investments you need to genuinely equip
your business.
![Page 22: The Business of Security Leadership](https://reader036.vdocument.in/reader036/viewer/2022062823/587065591a28ab48378b4d95/html5/thumbnails/22.jpg)
What else?
Security must operate like the other business units in an organization.
![Page 23: The Business of Security Leadership](https://reader036.vdocument.in/reader036/viewer/2022062823/587065591a28ab48378b4d95/html5/thumbnails/23.jpg)
What do I need to run security like a business?
Program Management
Project Management
Managerial Accounting
Information Management Negotiation Collaboration
![Page 24: The Business of Security Leadership](https://reader036.vdocument.in/reader036/viewer/2022062823/587065591a28ab48378b4d95/html5/thumbnails/24.jpg)
Summary
What could we possibly learn in such a short time?
![Page 25: The Business of Security Leadership](https://reader036.vdocument.in/reader036/viewer/2022062823/587065591a28ab48378b4d95/html5/thumbnails/25.jpg)
This applies to everyone, not just security leaders.
Business is about business, and security just contributes.
Security must operate like a business unit to support the business effectively.
If you aren’t familiar with something we discussed, do research and learn more.
![Page 26: The Business of Security Leadership](https://reader036.vdocument.in/reader036/viewer/2022062823/587065591a28ab48378b4d95/html5/thumbnails/26.jpg)
Q&A
Message me if I couldn’t get to you during the session.