You might not be an expert in cybersecurity, but you’re responsible for the bottom line, and you need to know if your security program is solid. How can you tell?
Questions are an effective tool to drive important conversations, but you need the right questions to ask.
Here are the three questions Rosenquist suggests CEOs discuss with the CISO.
Cybersecurity risks fall into the categories of Confidentiality, Availability, and Integrity. All risk aspects are relevant to business success goals and must be driving considerations for the cybersecurity teams.
Security can be a significant investment for an organization. How do you know if you’re getting your money’s worth? When deciding where to expend resources on security, it is essential to understand the value proposition of that investment. How do you know if it’s enough?
Not only is security never perfect, with changing landscapes security degrades over time. Effective security requires a recognition of this true.
This work was performed for the Security Literacy Project, a subcommittee within ACDA’s Supply Chain Efficiency and Security Committee.
DEG Regular and Associate level members are invited to participate on the Subcommittees and are encouraged to submit ideas for issues to be addressed.
For more information, please email Bekah Sturm (Bekah@degonline.org).