The book includes insights from the following experts:
- Eric Bedell, MUFG, Chief Information Security Officer, The Framework Provides a Common Language for a Global Company >>
- Russ Kirby, Creditsafe, CISO, Adapt the Framework to the Business, not the Business to the Framework >>
- Daniel Cisowski, Vorwerk Group, Corporate Information Security Officer, Even for Sophisticated Companies, Frameworks Help With Navigation and Priority Setting >>
- Tero Lampiluoto, Outokumpu, Chief Information Security Officer, A Framework Can Streamline Vendor Onboarding >>
- Oren Ben Shalom, Tel Aviv University, CISO, Security Frameworks Require High-Level Collaboration >>
- Erik Blomberg, Handelsbanken, Head of Information- & IT-security, Frameworks Can Play a Role in Building Customer Confidence and Transparency >>
- Nir Yizhak, Micro Focus, SaaS CISO, Framework as an Instrument of Change >>
- Jayesh Patel, Save the Children International, Head of Global InfoSec / CISO, Security Frameworks Require a Focused, Dedicated Approach >>
- Ole Frandsen, ISS A/S, Group CISO and Head of Group Information Security, A Framework Enables a Consistent Security Practice in an Extended Global Enterprise >>
- Paul Heffernan, Unipart Group, Group Chief Information Security Officer, Framework Benefits Tie Back to Reasons for Framework Adoption >>
Economic, Operational and Strategic Benefits of Security Framework Adoption was generously sponsored by Tenable.
Not so many years ago, a standard security framework was something that large enterprises implemented. Most small and midsized organizations, particularly those in unregulated industries, cobbled together security strategies based on best practices that seemed important to them. More recently, however, security frameworks have gone mainstream. This is driven in part by the growth of cybercrime, a more demanding regulatory environment, and the increased complexity of the IT infrastructure. With all this newfound enthusiasm for security frameworks, how have businesses actually benefited by adopting them?
With generous support from Tenable, we set out to discover the answers by asking 30 security experts from a wide range of industries and regions around the world the following question:
What are the business and security benefits that come from adopting a security framework?
In our discussions with the experts, we found that benefits relate to motivations for adopting a framework in the first place. Some businesses have legal requirements to show compliance with standards. For them, non-compliance is itself an important risk factor. Many businesses adopt frameworks to prove to their customers they are a safe business partner. But for all of them, the benefits typically run deeper and become embedded in the culture of their operation. We identified many businesses that take creative approaches to framework adoption, along with some good tips on how to sell management on the need for a framework. And once you win that battle, then the real work begins.
Whether you are considering adopting a framework, or you have already implemented a framework and are facing an ever-changing security and regulatory landscape, I’m sure you will gain useful insights from these experts.