Tenable: Reducing Cyber Exposure from Cloud to Containers
The book includes insights from the following experts: Alex Wood, PulteGroup, Inc, VP, Information Security/Chief Information Security Officer, You Must Recognize Hidden Costs and Hidden Risks >> Andy Boura, Thomson Reuters, Senior...
Genady Vishnevetsky: Understanding Business Priorities is Key
Only after the CISO has established priorities will he or she be able to assess what technologies and processes are in place and whether they are doing what needs to be done. Executives need to understand the amount of risk they expose the business to by not applying...
Heath Taylor: You Need to Understand Risk and Make It Tangible
Only with a clear understanding of a business’s risk appetite will you be able to look at its risk tolerance for each asset and quantify the risk. In presenting to a board or senior executive leadership, you need to make risks and threats tangible for your audience....
Kevin McLaughlin: An Executive Level Steering Committee is Critical to CISO Success
Use simple visuals to communicate the cost impact of threat and remediation. The higher up in the organization you go, the shorter, sweeter, and more visual it needs to be. Don’t provide decision makers with one solution they must accept or reject. Give them risk and...
Richard Rushing: You Must Relate Requests to Concrete Problems You Will Solve
Turning risk into dollar figures can be a complex calculation involving many aspects of the business that are difficult to quantify, like brand value and real revenue impact. Work with financial professionals in the organization who will be able to help devise dollar...
Surinder Lall: When Quantifying Risk, Make It Real and Tangible
In the real world of rapidly changing infrastructure, shifting threat vectors, agile business activities, and evolving perceptions of risk, there are often security solutions with overlapping functions. Business leadership wants to see how a program addresses risk....
Suzie Smibert: The CISO Needs to Be a Business Leader More Than a Technical Leader
Eventually the CISO will have to go before the board and make the case for an investment. That’s when the CISO needs to be more of a business leader than a technology leader. A financial group within the company can help show if a security expenditure is going to have...
Vicky Ames: To Quantify Risk, Assess Potential Loss Events
A risk assessment methodology that analyses loss events in terms of dollar amounts can help quantify the risks a business faces. Dollar figures provide a common point of reference for security professionals and executives when conducting risk assessments. “We security...
Nehemiah Security: 7 Experts on Justifying Security Spend
The book includes insights from the following experts: Richard Rushing, CISO, Motorola Mobility, You Must Relate Requests to Concrete Problems You Will Solve >> Genady Vishnevetsky, CISO, Stewart Title, Understanding Business Priorities...
Scott Saunders: Early Detection Is Key to Shutting Down Attacks
Early detection and monitoring are important because they help a business shut down a potential attack before it worsens. Monitoring tools that incorporate artificial intelligence features can speed up the process of identifying and flagging unusual behavior. “It’s...