Home > Financial Services Information Security Tips > Security Architecture Insider > How to make business managers responsible for security
Financial Security Tips:
EMAIL THIS
 TIPS & NEWSLETTERS TOPICS 

SECURITY ARCHITECTURE INSIDER

How to make business managers responsible for security


Tom Doughty
03.12.2008
Rating: --- (out of 5)


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


It's often said but rarely followed: The security manager isn't accountable for security; rather, he is accountable for making sure everyone else in the company is accountable for security. In this presentation, Tom Doughty, vice president of information systems at Prudential Financial, shows you the most effective ways your security team can motivate -- rather than mandate -- security sensitivity in an organization's various lines of business. Doughty shares Prudential Financial's philosophy that final accountability for maintaining secure business practices belongs to the business stakeholders. You see how the organization has moved toward functional-level execution of enterprise-level control initiatives. Plus, you learn how security can be baked into business processes without incurring unwanted costs, project delays or headaches.

Download this presentation for a solid understanding of:

    MORE INFORMATION

    Read more tips and expert advice on creating a corporate culture of security

    View more presentations from some of the industry's foremost security practitioners

    Learn more about Information Security Decisions

  • The keys to "backward planning" for security, i.e. how security professionals can advocate for their interests in terms management understands
  • Why fluid controls for fluid stakeholder objectives drive business management ownership
  • The difference between belief-driven execution and rule-driven execution as a control multiplier
  • The value of business management and staff as intelligence gatherers for your security program
  • The key difference in stakeholders' perspective of security programs versus technical risk management programs
  • Why C-level buy-in is not enough

    Download this presentation


    Rate this Tip
    To rate tips, you must be a member of SearchFinancialSecurity.com.
    Register now to start rating these tips. Log in if you are already a member.




    Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


    RELATED CONTENT
    Security Architecture Insider
    Entitlement management systems alleviate access control pain points
    How to secure SOA
    Identity federation standards ease authentication pains
    How to implement the NIST role based access control model
    NAC fulfills compliance and security needs
    Password management best practices for financial services firms
    Pros and cons of multifactor authentication technology for consumers
    Global authentication policies made easy
    How fault-injection attacks threaten applications
    How to integrate social engineering into an information security assessment

    Network security devices for financial institutions
    Top NAC challenges include cost, interoperability issues
    Banking on policy in next-generation firewall
    Intrusion detection system deployment recommendations
    Firewall redundancy: Deployment scenarios and benefits
    Three points to consider before buying an enterprise firewall

    RELATED RESOURCES
    2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
    Search Bitpipe.com for the latest white papers and business webcasts
    Whatis.com, the online computer dictionary

    DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




All Rights Reserved, Copyright 2008, TechTarget | Read our Privacy Policy
  TechTarget - The IT Media ROI Experts