Home > Security Tips > Risk Management Strategies > Who's responsible for security? Everyone!
Security Tips:
EMAIL THIS
 TIPS & NEWSLETTERS TOPICS 

RISK MANAGEMENT STRATEGIES

Who's responsible for security? Everyone!


Ken Tyminski
05.09.2005
Rating: --- (out of 5)


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


This presentation by Ken Tyminski, VP and CISO of Prudential Financial, was given at Information Security Decisions Spring 2005.

When the network is compromised or a worm sneaks through the AV screen, everyone looks to the security manager to find out what went wrong. Rather than having sole responsibility for security, others should be charged with security as well -- namely the business owners of the systems and data.

In this presentation, Ken Tyminski recounts his efforts to decentralize security in a company with 55,000 users. Get inside the walls of Prudential as Tyminski discusses his efforts to transfer the responsibility for security to the owners of business units, infrastructure and data. Besides security awareness training and stringent security policies, one of the most effective decentralizing methods Tyminski implemented was dismantling Prudential's SOC and making the network managers responsible for security. Hear firsthand how he did it and learn how to employ such practices within your own organization.

View this presentation

Visit our organizational communications and culture resource center

Rate this Tip
To rate tips, you must be a member of SearchSecurity.com.
Register now to start rating these tips. Log in if you are already a member.




Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


RELATED CONTENT
Risk Management Strategies
Easing e-discovery preparation by mapping enterprise data
Database patch denial: How 'critical' are Oracle's CPUs?
Security breach management: Planning and preparation
The ins and outs of database encryption
Failure mode and effects analysis: Process and system risk assessment
Data loss prevention (DLP) tools: The new way to prevent identity theft?
IT GRC: Combining disciplines for better enterprise security
Partner access: Balancing security and availability
Enterprise data management: Analyzing business processes and infrastructure for data protection
Filtering log data: Looking for the needle in the haystack

Information Security Awareness Training
Security Awareness Training Essential Part of Infosec Program
Societe Generale bolsters internal controls, discovers second insider
Companies still monitoring email manually, survey finds
Trading firms rethink risk strategy
Security pros focused on internal threat, training
Is it a violation of HIPAA to collect consumer Social Security numbers?
Windows Update attacks: Ensuring malware-free downloads
Are senior level executives a target for social engineering attacks?
Is the Storm worm virus still a serious threat?
What are the benefits of employee security awareness training?

Creating a Security Culture
Security Awareness Training Essential Part of Infosec Program
Societe Generale bolsters internal controls, discovers second insider
Companies still monitoring email manually, survey finds
Trading firms rethink risk strategy
Security, Privacy Offices Must Combine Resources
What can be done to block adult images in search engine results?
Building information risk management frameworks: Developing controls for people, processes and technology
Security Metrics: Replacing Fear, Uncertainty, and Doubt
Mergers and acquisitions: Building up security after an M&A
Do personal issues within a company pose a risk to the enterprise?

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
National Computer Security Center  (SearchSecurity.com)
Total Information Awareness  (SearchSecurity.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary

DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineWebcastsWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Advanced Search | Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




All Rights Reserved, Copyright 2003 - 2008, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts