Tag Archives: governance

Your Policies Can Hurt You, Part 1: The Importance of Well-Tailored Instructions

Managers often think about compliance in terms of policies. There is something concrete, achievable and finite about them. And they are required by laws and regulations for protecting information and systems. But too often managers think of policies as a finish line for compliance. Need to be compliant? Then write a bunch of new policies […]

While Technological Security Risks Are a Possibility, Management Security Risks are a Certainty

Most of my information security focus these past few years has concentrated on managing risks and governance, but this was not always the case. I came into this profession as a technologist and manager who focused on team building, turn-arounds and doing a lot with few resources. But as my career moved from technology operations […]

Governance of Enterprise Security

Governance of Enterprise Security. Just read a interesting survey finding.  The 2012 survey was done by Carnegie Mellon CyLab, sponsored by RSA.  They surveyed how boards and senior executives are governing the privacy and security of their organizations’ digital assets.  They used the Forbes Global 2000 list – respondents included:  CEO/Presidents (52%), Corporate Secretaries (15%) […]