Tip

A guide to governance, security and safeguarding your business

Dr. Fred Cohen, Principal Analyst for The Burton Group, presented this session Information Security Decisions Fall 2005.

Information security is much more than a series of technical issues. If done correctly,

    Requires Free Membership to View

    Login

security becomes a key component of running an effective business. In this presentation, Dr. Fred Cohen, who is one of the world's leading researchers and analysts in information protection, investigates the link between corporate governance and information protection. For many businesses, regulations drive this discussion, but Dr. Cohen shows you how successful security programs can also lead to sensible protection that focuses on business performance and enhances shareholder value.

He begins by discussing information security strategy as it relates to a business' needs. You learn how an effective information security program must serve the interests of the company by being overseen by executives, shareholders, the board of directors and auditors. Dr. Cohen shows you how this translates into a duty to protect that is driven by the risk management process into protection requirements that give executive security managers the mandate to lead.

MORE INFORMATION

Visit our resource center for tips and expert advice on enterprise risk management

View more presentations from some of the industry's foremost security practitioners

Learn more about Information Security Decisions

Dr. Cohen also walks you through a roadmap for the way in which security leaders must interact with others within the organization to enable them to create business practices and processes that ensure proper levels of security. He offers tips for security managers to effectively get their message across, as well as outlines the structure of a successful security program.

Specific highlights of this presentation reveal:

  • How governance fits into the overall enterprise security architecture
  • How to effectively use power and influence in security governance
  • How to accomplish more with little or no budget
  • The role the CISO should play within the corporate governance structure
  • How to make continuous improvement to information security programs and practices

Download this presentation


This was first published in October 2005

Join the conversationComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.

    Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

    Back to top