SlideShare a Scribd company logo

Inclusion And Empowerment

D
danielblander
Education
1 of 14
Download to read offline
Inclusion & Empowerment: How Participation and Awareness Influence Security Daniel J Blander, CISM,CISSP
[ agenda ] [ challenges ] [ why ] [ emerging strategies ]
[ challenges ] Management buy-in User Participation
[ challenges ] How consistent is your security posture? Is it integrated in to your organization’s goals?
[ challenges ] But I have tried!
[ why ] Company & Stakeholder awareness of risk • “Its never happened to us before” Stakeholder Focus: Profit, Cost, Opportunity
[ why ] CIO = Chief IT Officer Security is Only for Computers
[ why ] Self Inflicted Wounds Techno-babble F.U.D. • • Fear mongering – FUD & Hype Security is a Cost Center • Security does not generate revenue • Security is restrictive
[ change ] Create a shared Governance Function HR Finance Sales Security IT Steering Legal Committee
[ change ] Security as “Business Risk Management” • Security is a process inside The Company • People, Processes, Information • Participate in the Business Chief Risk Officer Physical Information Legal Security & IT Security
[ change ] Use security to enhance business Give back to the business Focus on: • Efficiency & Effectiveness • Availability ITIL: Process Improvement, Predictability
[ change ]  Promote a security as a cultural and behavioral change.  Focus on changing long term patterns and attitudes about security.  Focus on security enabling people, not as restricting rules.  Make security something everyone can understand and act on.  Show how security applies to all parts of life - at work and home.
[ change ] How do you lead to achieve this? • Have a New Attitude • NO FUD • Put your business hat on! • Think of good business practices that reflect security • Think of business opportunities • Be a Team Player - Include everyone on the team
[ change: sources ]

Recommended

Security Governance - Trends and Ideas
Security Governance - Trends and IdeasSecurity Governance - Trends and Ideas
Security Governance - Trends and Ideas
danielblander
 
Org chgmgt ppt95
Org chgmgt ppt95Org chgmgt ppt95
Org chgmgt ppt95
Imad Guenane
 
Failing Continuous Delivery, Devoxx Poland, 2015
Failing Continuous Delivery, Devoxx Poland, 2015Failing Continuous Delivery, Devoxx Poland, 2015
Failing Continuous Delivery, Devoxx Poland, 2015
Daniel Sawano
 
Why physical security just isn’t enough, Sending the heavies into virtualized...
Why physical security just isn’t enough, Sending the heavies into virtualized...Why physical security just isn’t enough, Sending the heavies into virtualized...
Why physical security just isn’t enough, Sending the heavies into virtualized...
Global Business Events - the Heart of your Network.
 
How To Promote Security Awareness In Your Company
How To Promote Security Awareness In Your CompanyHow To Promote Security Awareness In Your Company
How To Promote Security Awareness In Your Company
danielblander
 
IT Security for your Business
IT Security for your BusinessIT Security for your Business
IT Security for your Business
Neil Kemp
 
NZISF Talk: Six essential security services
NZISF Talk: Six essential security servicesNZISF Talk: Six essential security services
NZISF Talk: Six essential security services
Hinne Hettema
 
Belgina ism-v3 3
Belgina ism-v3 3Belgina ism-v3 3
Belgina ism-v3 3
Krist Vanneste, CISA, CGEIT
 

Recommended

Security Governance - Trends and Ideas
Security Governance - Trends and IdeasSecurity Governance - Trends and Ideas
Security Governance - Trends and Ideas
danielblander
 
Org chgmgt ppt95
Org chgmgt ppt95Org chgmgt ppt95
Org chgmgt ppt95
Imad Guenane
 
Failing Continuous Delivery, Devoxx Poland, 2015
Failing Continuous Delivery, Devoxx Poland, 2015Failing Continuous Delivery, Devoxx Poland, 2015
Failing Continuous Delivery, Devoxx Poland, 2015
Daniel Sawano
 
Why physical security just isn’t enough, Sending the heavies into virtualized...
Why physical security just isn’t enough, Sending the heavies into virtualized...Why physical security just isn’t enough, Sending the heavies into virtualized...
Why physical security just isn’t enough, Sending the heavies into virtualized...
Global Business Events - the Heart of your Network.
 
How To Promote Security Awareness In Your Company
How To Promote Security Awareness In Your CompanyHow To Promote Security Awareness In Your Company
How To Promote Security Awareness In Your Company
danielblander
 
IT Security for your Business
IT Security for your BusinessIT Security for your Business
IT Security for your Business
Neil Kemp
 
NZISF Talk: Six essential security services
NZISF Talk: Six essential security servicesNZISF Talk: Six essential security services
NZISF Talk: Six essential security services
Hinne Hettema
 
Belgina ism-v3 3
Belgina ism-v3 3Belgina ism-v3 3
Belgina ism-v3 3
Krist Vanneste, CISA, CGEIT
 
The Art & Science of Simple Security
The Art & Science of Simple SecurityThe Art & Science of Simple Security
The Art & Science of Simple Security
Ravila White
 
What is iso 27001 isms
What is iso 27001 ismsWhat is iso 27001 isms
What is iso 27001 isms
Craig Willetts ISO Expert
 
IT governance and Information System Security
IT governance and Information System SecurityIT governance and Information System Security
IT governance and Information System Security
CSSRL PUNE
 
Infocon Bangladesh 2016
Infocon Bangladesh 2016Infocon Bangladesh 2016
Infocon Bangladesh 2016
Prime Infoserv
 
110.decision makers.cio.ciso
110.decision makers.cio.ciso110.decision makers.cio.ciso
110.decision makers.cio.ciso
Larry Smith
 
Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...
Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...
Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...
EC-Council
 
Five Essential Enterprise Architecture Practices to Create the Security-Aware...
Five Essential Enterprise Architecture Practices to Create the Security-Aware...Five Essential Enterprise Architecture Practices to Create the Security-Aware...
Five Essential Enterprise Architecture Practices to Create the Security-Aware...
UBM_Design_Central
 
Taking Control Of Workplace Safety
Taking Control Of Workplace SafetyTaking Control Of Workplace Safety
Taking Control Of Workplace Safety
Phil La Duke
 
Information Security is NOT an IT Issue
Information Security is NOT an IT IssueInformation Security is NOT an IT Issue
Information Security is NOT an IT Issue
Evan Francen
 
Information Security Awareness And Training Business Case For Web Based Solut...
Information Security Awareness And Training Business Case For Web Based Solut...Information Security Awareness And Training Business Case For Web Based Solut...
Information Security Awareness And Training Business Case For Web Based Solut...
Michael Kaishar, MSIA | CISSP
 
Data Protection: An Approach to Privacy
Data Protection: An Approach to PrivacyData Protection: An Approach to Privacy
Data Protection: An Approach to Privacy
Symptai Consulting Limited
 
Fissea09 mgupta-day3-panel process-program-build-effective-training
Fissea09 mgupta-day3-panel process-program-build-effective-trainingFissea09 mgupta-day3-panel process-program-build-effective-training
Fissea09 mgupta-day3-panel process-program-build-effective-training
Swati Gupta
 
Taking Control Of Workplace Safety
Taking Control Of Workplace SafetyTaking Control Of Workplace Safety
Taking Control Of Workplace Safety
ladukepc
 
ISO27k Awareness presentation v2.pptx
ISO27k Awareness presentation v2.pptxISO27k Awareness presentation v2.pptx
ISO27k Awareness presentation v2.pptx
Napoleon NV
 
A to Z of Information Security Management
A to Z of Information Security ManagementA to Z of Information Security Management
A to Z of Information Security Management
Mark Conway
 
Information security
Information securityInformation security
Information security
avinashbalakrishnan2
 
Outsourcing it security yes, it’s still your problem
Outsourcing it security yes, it’s still your problemOutsourcing it security yes, it’s still your problem
Outsourcing it security yes, it’s still your problem
Interop
 
NUS-ISS Learning Day 2019-Architecting security in the digital age
NUS-ISS Learning Day 2019-Architecting security in the digital ageNUS-ISS Learning Day 2019-Architecting security in the digital age
NUS-ISS Learning Day 2019-Architecting security in the digital age
NUS-ISS
 
ISO 27001 Certification - The Benefits and Challenges
ISO 27001 Certification - The Benefits and ChallengesISO 27001 Certification - The Benefits and Challenges
ISO 27001 Certification - The Benefits and Challenges
Certification Europe
 
Cyber security infotech profile
Cyber security infotech profileCyber security infotech profile
Cyber security infotech profile
Cyber Security Infotech Pvt. Ltd.
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
QucHHunhnh
 
Asian American Pacific Islander Month DDSD 2024.pptx
Asian American Pacific Islander Month DDSD 2024.pptxAsian American Pacific Islander Month DDSD 2024.pptx
Asian American Pacific Islander Month DDSD 2024.pptx
David Douglas School District
 

More Related Content

Similar to Inclusion And Empowerment

Fissea09 mgupta-day3-panel process-program-build-effective-training
Fissea09 mgupta-day3-panel process-program-build-effective-trainingFissea09 mgupta-day3-panel process-program-build-effective-training
Fissea09 mgupta-day3-panel process-program-build-effective-training
Swati Gupta
 
Taking Control Of Workplace Safety
Taking Control Of Workplace SafetyTaking Control Of Workplace Safety
Taking Control Of Workplace Safety
ladukepc
 
ISO27k Awareness presentation v2.pptx
ISO27k Awareness presentation v2.pptxISO27k Awareness presentation v2.pptx
ISO27k Awareness presentation v2.pptx
Napoleon NV
 
Outsourcing it security yes, it’s still your problem
Outsourcing it security yes, it’s still your problemOutsourcing it security yes, it’s still your problem
Outsourcing it security yes, it’s still your problem
Interop
 

Similar to Inclusion And Empowerment (20)

The Art & Science of Simple Security
The Art & Science of Simple SecurityThe Art & Science of Simple Security
The Art & Science of Simple Security
 
What is iso 27001 isms
What is iso 27001 ismsWhat is iso 27001 isms
What is iso 27001 isms
 
IT governance and Information System Security
IT governance and Information System SecurityIT governance and Information System Security
IT governance and Information System Security
 
Infocon Bangladesh 2016
Infocon Bangladesh 2016Infocon Bangladesh 2016
Infocon Bangladesh 2016
 
110.decision makers.cio.ciso
110.decision makers.cio.ciso110.decision makers.cio.ciso
110.decision makers.cio.ciso
 
Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...
Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...
Global CCISO Forum 2018 | Anthony Dupree "Evolving Role of the CISO: Reshapin...
 
Five Essential Enterprise Architecture Practices to Create the Security-Aware...
Five Essential Enterprise Architecture Practices to Create the Security-Aware...Five Essential Enterprise Architecture Practices to Create the Security-Aware...
Five Essential Enterprise Architecture Practices to Create the Security-Aware...
 
Taking Control Of Workplace Safety
Taking Control Of Workplace SafetyTaking Control Of Workplace Safety
Taking Control Of Workplace Safety
 
Information Security is NOT an IT Issue
Information Security is NOT an IT IssueInformation Security is NOT an IT Issue
Information Security is NOT an IT Issue
 
Information Security Awareness And Training Business Case For Web Based Solut...
Information Security Awareness And Training Business Case For Web Based Solut...Information Security Awareness And Training Business Case For Web Based Solut...
Information Security Awareness And Training Business Case For Web Based Solut...
 
Data Protection: An Approach to Privacy
Data Protection: An Approach to PrivacyData Protection: An Approach to Privacy
Data Protection: An Approach to Privacy
 
Fissea09 mgupta-day3-panel process-program-build-effective-training
Fissea09 mgupta-day3-panel process-program-build-effective-trainingFissea09 mgupta-day3-panel process-program-build-effective-training
Fissea09 mgupta-day3-panel process-program-build-effective-training
 
Taking Control Of Workplace Safety
Taking Control Of Workplace SafetyTaking Control Of Workplace Safety
Taking Control Of Workplace Safety
 
ISO27k Awareness presentation v2.pptx
ISO27k Awareness presentation v2.pptxISO27k Awareness presentation v2.pptx
ISO27k Awareness presentation v2.pptx
 
A to Z of Information Security Management
A to Z of Information Security ManagementA to Z of Information Security Management
A to Z of Information Security Management
 
Information security
Information securityInformation security
Information security
 
Outsourcing it security yes, it’s still your problem
Outsourcing it security yes, it’s still your problemOutsourcing it security yes, it’s still your problem
Outsourcing it security yes, it’s still your problem
 
NUS-ISS Learning Day 2019-Architecting security in the digital age
NUS-ISS Learning Day 2019-Architecting security in the digital ageNUS-ISS Learning Day 2019-Architecting security in the digital age
NUS-ISS Learning Day 2019-Architecting security in the digital age
 
ISO 27001 Certification - The Benefits and Challenges
ISO 27001 Certification - The Benefits and ChallengesISO 27001 Certification - The Benefits and Challenges
ISO 27001 Certification - The Benefits and Challenges
 
Cyber security infotech profile
Cyber security infotech profileCyber security infotech profile
Cyber security infotech profile
 

Recently uploaded

1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
QucHHunhnh
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
ZurliaSoop
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
QucHHunhnh
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
heathfieldcps1
 
Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...
Association for Project Management
 

Recently uploaded (20)

1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Asian American Pacific Islander Month DDSD 2024.pptx
Asian American Pacific Islander Month DDSD 2024.pptxAsian American Pacific Islander Month DDSD 2024.pptx
Asian American Pacific Islander Month DDSD 2024.pptx
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...
 
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docx
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
Understanding Accommodations and Modifications
Understanding Accommodations and ModificationsUnderstanding Accommodations and Modifications
Understanding Accommodations and Modifications
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docx
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
 
Third Battle of Panipat detailed notes.pptx
Third Battle of Panipat detailed notes.pptxThird Battle of Panipat detailed notes.pptx
Third Battle of Panipat detailed notes.pptx
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
 
Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...
 

Inclusion And Empowerment

  • 1. Inclusion & Empowerment: How Participation and Awareness Influence Security Daniel J Blander, CISM,CISSP
  • 2. [ agenda ] [ challenges ] [ why ] [ emerging strategies ]
  • 3. [ challenges ] Management buy-in User Participation
  • 4. [ challenges ] How consistent is your security posture? Is it integrated in to your organization’s goals?
  • 5. [ challenges ] But I have tried!
  • 6. [ why ] Company & Stakeholder awareness of risk • “Its never happened to us before” Stakeholder Focus: Profit, Cost, Opportunity
  • 7. [ why ] CIO = Chief IT Officer Security is Only for Computers
  • 8. [ why ] Self Inflicted Wounds Techno-babble F.U.D. • • Fear mongering – FUD & Hype Security is a Cost Center • Security does not generate revenue • Security is restrictive
  • 9. [ change ] Create a shared Governance Function HR Finance Sales Security IT Steering Legal Committee
  • 10. [ change ] Security as “Business Risk Management” • Security is a process inside The Company • People, Processes, Information • Participate in the Business Chief Risk Officer Physical Information Legal Security & IT Security
  • 11. [ change ] Use security to enhance business Give back to the business Focus on: • Efficiency & Effectiveness • Availability ITIL: Process Improvement, Predictability
  • 12. [ change ]  Promote a security as a cultural and behavioral change.  Focus on changing long term patterns and attitudes about security.  Focus on security enabling people, not as restricting rules.  Make security something everyone can understand and act on.  Show how security applies to all parts of life - at work and home.
  • 13. [ change ] How do you lead to achieve this? • Have a New Attitude • NO FUD • Put your business hat on! • Think of good business practices that reflect security • Think of business opportunities • Be a Team Player - Include everyone on the team