How to make business managers responsible for security

It's often said but rarely followed: The security manager isn't accountable for security; rather, he is accountable for making sure everyone else in the company is accountable for security. In this presentation, Tom Doughty, vice president of information systems at Prudential Financial, shows you the most effective ways your security team can motivate -- rather than mandate -- security sensitivity in an organization's various lines of business. Doughty shares Prudential Financial's philosophy that final accountability for maintaining secure business practices belongs to the business stakeholders. You see how the organization has moved toward functional-level execution of enterprise-level control initiatives. Plus, you learn how security can be baked into business processes without incurring unwanted costs, project delays or headaches.

Download this presentation for a solid understanding of:

MORE INFORMATION Read more tips and expert advice on creating a corporate culture of security View more presentations from some of the industry's foremost security practitioners Learn more about Information Security Decisions

• The keys to "backward planning" for security, i.e. how security professionals can advocate for their interests in terms management understands
• Why fluid controls for fluid stakeholder objectives drive business management ownership
• The difference between belief-driven execution and rule-driven execution as a control multiplier
• The value of business management and staff as intelligence gatherers for your security program
• The key difference in stakeholders' perspective of security programs versus technical risk management programs
• Why C-level buy-in is not enough

  Download this presentation

  
  

  Rate this Tip To rate tips, you must be a member of SearchFinancialSecurity.com. Register now to start rating these tips. Log in if you are already a member. Digg This!     StumbleUpon     Del.icio.us    RELATED CONTENT Security Architecture Insider Entitlement management systems alleviate access control pain points How to secure SOA Identity federation standards ease authentication pains How to implement the NIST role based access control model NAC fulfills compliance and security needs Password management best practices for financial services firms Pros and cons of multifactor authentication technology for consumers Global authentication policies made easy How fault-injection attacks threaten applications How to integrate social engineering into an information security assessment Network security devices for financial institutions Top NAC challenges include cost, interoperability issues Banking on policy in next-generation firewall Intrusion detection system deployment recommendations Firewall redundancy: Deployment scenarios and benefits Three points to consider before buying an enterprise firewall RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.