Does your organization face challenges with effectively aligning cybersecurity teams and business executives? In many organizations, it seems that business executives and cybersecurity teams don't always understand each other's roles. Executive leadership may not realize the cyber risks to their organization, such as APT threats, insider threats, espionage, phishing. Also, cybersecurity teams may not know what business systems are MOST important to protect before and during an incident.
So how can you successfully align cybersecurity with the C-Suite, and keep the collaborative alignment effective? Before we answer that question, let's first talk about the challenges that have historically kept security and business executives out of alignment.
Strategic vision directly influences and impacts the success of implementation of cybersecurity controls. Cybersecurity MUST be positioned as a business enabler. And businesses... read more >
Why problem management is important to security
Well, it is now official; I am writing my first blog post. As the Regional Chief Information Security Officer for the Americas here at NTT Security, I felt it important to share with you a perspective that I have gained from my extensive experience with information and physical security, combined with my recent experience with the Information Technology Infrastructure Library (ITIL), and more specifically problem management. ITIL defines problem management as “The process responsible for managing the lifecycle of all problems. Problem management proactively prevents incidents from happening and minimizes the impact of incidents that cannot be prevented” (Steinberg, Rudd, Lacy, and Hanna, 2011). Well, then, what is a problem defined as? ITIL would tell us that a problem is “a cause of one or more incidents. The cause is not usually known at the time a problem record is created, and the problem management process is responsible for further investigation”... read more >