Premium Content

Access "Service-focused security offers best value to organization"

Published: 20 Oct 2012

The tactics and personalities assumed by security teams have bred some rather novel approaches for implementing and promoting security practices within organizations. We've likely all seen the iron-fisted security group, which prefers the stick over the carrot, and tries to garner support and compliance through the spread of fear and uncertainty. Having seen an information security manager brute force C-level executive passwords and post them for all to see, I long ago concluded this approach doesn't work. Too often, security professionals damage relationships with key stakeholders through such aggressive tactics. Other security teams attempt to raise awareness for their practice through the more benevolent approach of security metrics. But implementing metrics that demonstrate the monetary value of a security practice to the C-suite is a conundrum. Realistic security metrics related to monetary value simply don't exist and never will except in a very few unique, isolated scenarios. While their approaches are radically different, the iron-fisted and the ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

Features

More Premium Content Accessible For Free