Information security steering committee best practices


This article can also be found in the Premium Editorial Download "Information Security magazine: How to be successful with your security steering committee."

Download it now to read this article plus other related content.

"It's a brand new thing for the electric sector.We have to come up with a lot of security implementations that we hadn't really dealt with before. Some of these are fairly significant projects that cost significant dollars," Freese says. "These are the type of things we have to explain why they are needed. I have a head start because it's a required set of initiatives; nevertheless, we have to come up with a cost-effective way to do this."

Freese says security organizations will eventually have to concede and formulate some sort of steering committee, otherwise they'll be operating in a vacuum and eventually impede business. For example, having legal and HR already at the table goes a long way toward solving any potential difficulties having to do with discovery or NERC compliance around HR management systems.

"[A steering committee] does a great deal to enhance the credibility of security if it's done correctly. I think it shows there are optimum solutions to protect the business as well as the company's data and networks," Freese says.

"It doesn't have to be adversarial. I think we're a good example. We've evolved into an organization that trusts that business and security will mesh and will sustain each other. It does change relationships a great deal."

    Requires Free Membership to View

This was first published in January 2009

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: