How to make business managers responsible for security

It's often said but rarely followed: The security manager isn't accountable for security; rather, he is accountable for making sure everyone else in the company is accountable for security. In this presentation, Tom Doughty, vice president of information systems at Prudential Financial, shows you the most effective ways your security team can motivate -- rather than mandate -- security sensitivity in an organization's various lines of business. Doughty shares Prudential Financial's philosophy that final accountability for maintaining secure business practices belongs to the business stakeholders. You see how the organization has moved toward functional-level execution of enterprise-level control initiatives. Plus, you learn how security can be baked into business processes without incurring unwanted costs, project del...

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Security Architecture Insider Multifactor authentication options to secure online banking Security benefits of virtual desktop infrastructures How to secure data backup Too many encryption methods make secure communications difficult How to streamline role-based access control Five considerations for choosing network access control products Fighting fraud: Understanding technology and threats How to shift to centralized authentication and ease compliance Winning the war: Personal information protection Why financials must implement Web application security best practices Network security devices for financial institutions Five considerations for choosing network access control products Organization aims to develop encryption standard for card data How to use data loss prevention tools to stop data exfiltration How to perform a network device audit Event data analysis Security on the street with SearchFinancialSecurity.com: Mobile banking Don't let fads dictate your network security strategy How to easily integrate managed email security services Integrating firewalls into your financial enterprise systems How to integrate network behavior anomaly detection into enterprise systems

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

ays or headaches.

Download this presentation for a solid understanding of:

• The keys to "backward planning" for security, i.e. how security professionals can advocate for their interests in terms management understands
• Why fluid controls for fluid stakeholder objectives drive business management ownership
• The difference between belief-driven execution and rule-driven execution as a control multiplier
• The value of business management and staff as intelligence gatherers for your security program
• The key difference in stakeholders' perspective of security programs versus technical risk management programs
• Why C-level buy-in is not enough

  Download this presentation

  
  

  Rate this Tip To rate tips, you must be a member of SearchFinancialSecurity.com. Register now to start rating these tips. Log in if you are already a member. DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.