the rational approach to disruptive information security
TRANSCRIPT
Information Security Information Security
JuggernautJuggernaut
The Rational Approach to Disruptive Information Security
By Ravila Helen White, CISSP, CISM, CISA, GCIH, ITIL v.3
ijijMaking it better without making Making it better without making it complexit complex
DisclaimerDisclaimerThis presentation and the concepts
herein are my opinions through private research, practice and chatting with other professionals.
It is not the opinion of past, present or future employers.
AgendaAgendaChecklist(s) – What is wrong
about them…Understanding Disruption– It’s
the driver behind technology we must secure…
How to be disruptive – NIST won’t help you but…
Checklist(s)Checklist(s)What is wrong about them….
Find a standardFind a best practicePerform a gap analysisTrain our usersAll the boxes for the auditors are
checked
Going down the wrong Going down the wrong path…path…
Why?Why?The solution must meet the use
caseThe solution must protect against
real threatsSolutions must align to business
operations
Appearance is Appearance is everything…everything…
The reality is…The reality is…Business is not linearBusiness is driven by innovationBusiness is driven by disruption
Knowing is not understanding. There is a great difference between knowing and understanding: you can know a lot about something and not really understand it. [Charles Kettering]
How we got here..How we got here..Not understand the mental
model of our organizationNot adjusting our mental modelImplementing mental models
based on checklists
Understanding DisruptionUnderstanding DisruptionIt’s the driver behind technology
we must secure… …
Disruptive Technology Disruptive Technology and/or Innovationand/or InnovationCreating a new market or value networkImprove a product or serviceDesigning for a different set of consumers
“It represents a mindset—a rebellious instinct to discard old business clichés and remake the market landscape. An eagerness to deliberately target situations where the competition is complacent and the customer has been consistently overlooked or under-served.” [Luke Wilson]
“The potential for reinvention is all around us, and it’s an exciting time to be thinking about how to structure (or restructure) your business, your community, or your life in ways that create new value. Enjoy the possibilities.” [Richard Branson - 1998]
Innovation Disrupted MarketUSB Flash drivesDownloadable digital
mediaMinicomputersDigital photographySteamboatsAutomobilesLCDGPS Navigation
Floppy Disk drivesCDs, DVDsMainframesChemical photographySailing shipsRail transportCRTNavigational map
(paper)
Harnessing DisruptionHarnessing Disruption
Examining the Examining the Outcome…Outcome…
© Gene Bellinger, Durval Castro and Anthony Mills - systems-thinking.org
How Mental Models How Mental Models InfluenceInfluenceA mental model is an image,
story, or an assumption that influences what we see in the world, determines the structures we put in place, and ultimately drives our behavior.
How to be disruptiveHow to be disruptiveNIST won’t help you, but…
Identify and remove the Identify and remove the inertia…inertia…Industry StandardsIndustry best practicesAudit ChecklistsIndustry jargon
Reframe your approach…Reframe your approach…
Reversal through Reversal through ISO7498ISO7498
The principle of The principle of reapplication…reapplication…
Patterns of behavior…Patterns of behavior…
Structured RationalizationStructured Rationalization
Value through disruption Value through disruption as…as…
Credits & ReferencesCredits & References
General Professional Influencers Disrupt: Think the
Unthinkable to Spark Transformation in Your Business
Google: www.Google.com The Visual Miscellaneum Change by Design Threat Modeling Thinking Page:
www.thinking.net Wikipedia:
www.wikipedia.com
Colleen F. Ponto, Ed.D
Copyright InformationCopyright InformationSome works in this presentation
have been licensed under the Creative Common license (CC). Please respect the license when using the concepts or adapting them.
For more information please go here:
www.creativecommons.org
Thank you…Thank you…
Questions and Comments
Contact me via slidshare.net