[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
EH-Net • View topic - [Article]-InfoSec in the Boardroom

[Article]-InfoSec in the Boardroom

<<

don

User avatar

Administrator
Administrator

Posts: 4270

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Thu Dec 29, 2011 4:04 pm

[Article]-InfoSec in the Boardroom

CISSP, MCSE, CSTA, Security+ SME
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Tue Jan 03, 2012 9:10 am

Re: [Article]-InfoSec in the Boardroom

I've been talking about this with other colleagues lately. It's great that these issues are finally getting to executive management and Sowash certainly highlights the challenges communicating these complex issues to non technical people. His advice is pretty basic, but that's what makes it useful I think. We use these same tactics when we're debriefing our clients on our findings. I've also been on the operations side and had to use these tactics to try and get budget dollars to solve problems I was facing at the time. The biggest takeaway from this article and general advice is not to run into exec management waving your arms in the air and trying to scare people into decisions. It just doesn't work at this level. I do think that the media hype of high profile attacks can be brought up delicately to help support an argument.

I completely agree with the author in that you have to be unemotional about these problems, stay logical and keep in mind the execs frame of reference is going to be quite different than you as an info sec professional.

Return to Opinions

Who is online

Users browsing this forum: No registered users and 0 guests

cron
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software